Stepping towards two more Network Layer protocols: ICMP and IPsec.
Internet Control Message Protocol (ICMP)
Every ICMP message carries an ICMP type and a corresponding code. Let's have a look at these types and codes.
ICMP Type   Code   Description
0           0      Echo Reply
3           0      Destination Network Unreachable
3           1      Destination Host Unreachable
3           2      Destination Protocol Unreachable
3           3      Destination Port Unreachable
3           6      Destination Network Unknown
3           7      Destination Host Unknown
4           0      Source Quench (Congestion Control)
8           0      Echo Request
9           0      Router Advertisement
10          0      Router Discovery
11          0      TTL Expired
12          0      Bad IP header
Let's take an example. You must be familiar with the ping operation. In a ping operation, the sender sends an ICMP type 8 code 0 message to the receiving host. On receiving this message, the destination replies with an ICMP type 0 code 0 message.
Another ICMP message is type 4 code 0, the source quench message. It was originally developed for congestion control, but TCP now does this job without the ICMP source quench message.
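The ping exchange described above, as an added Python example that is not part of the original article: it builds a type 8 code 0 request and a type 0 code 0 reply, verifies the checksum, and names each message using the table on this page. The 8-byte header layout (type, code, checksum, identifier, sequence number) and the checksum algorithm come from RFC 792 and RFC 1071, not from this page; the identifier, sequence number and payload are constructed sample values.

```python
import struct

# Type/code names exactly as listed in the table on this page.
ICMP_NAMES = {
    (0, 0): "Echo Reply", (8, 0): "Echo Request",
    (3, 0): "Destination Network Unreachable",
    (3, 1): "Destination Host Unreachable",
    (3, 2): "Destination Protocol Unreachable",
    (3, 3): "Destination Port Unreachable",
    (3, 6): "Destination Network Unknown", (3, 7): "Destination Host Unknown",
    (4, 0): "Source Quench (Congestion Control)",
    (9, 0): "Router Advertisement", (10, 0): "Router Discovery",
    (11, 0): "TTL Expired", (12, 0): "Bad IP header",
}

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input with one zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Build an echo message: type, code 0, checksum, identifier, sequence."""
    csum = checksum(struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse(message: bytes) -> dict:
    """Decode the header (id/seq apply to echo messages); reject bad input."""
    if len(message) < 8:
        raise ValueError("ICMP message shorter than the 8-byte header")
    icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", message[:8])
    if checksum(message) != 0:  # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    name = ICMP_NAMES.get((icmp_type, code), "not in table")
    return {"type": icmp_type, "code": code, "name": name,
            "id": ident, "seq": seq, "payload": message[8:]}

def is_reply_to(request: dict, reply: dict) -> bool:
    """A reply matches when it is type 0 code 0 and echoes id, seq, payload."""
    return ((request["type"], request["code"]) == (8, 0)
            and (reply["type"], reply["code"]) == (0, 0)
            and all(request[k] == reply[k] for k in ("id", "seq", "payload")))

# Constructed sample exchange (identifier, sequence and payload are made up).
SAMPLE_REQUEST = build_echo(8, 0x1234, 1, b"constructed-ping")
SAMPLE_REPLY = build_echo(0, 0x1234, 1, b"constructed-ping")
```

Matching the identifier, sequence number and payload is what lets a receiver discard an echo reply that does not correspond to any request it sent.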
To take advantage of IPsec, the whole Internet stack need not be converted to IPsec. IPsec only needs to be available on the two hosts that want to communicate securely over IP. Other routers and end systems continue to run plain IPv4.
For example, suppose a company sells computer products, has sales offices in 6 countries, and has employees travelling to different cities around the globe. Every employee has a company-provided laptop. Now suppose the employees want to share confidential information among themselves, such as pricing information and product information. What should be done to exchange this information securely? Yes, what you are thinking is right. The company will install IPsec on all its employees' laptops and on the server at the company headquarters. In this way, all the employees can communicate securely.
Services of IPsec:
1. Cryptographic Agreement:
The sending and receiving hosts agree on the cryptographic algorithms and keys.
2. Data Integrity:
The communicating hosts are assured that the data is not modified during its transmission through different routers and intermediate switches.
3. Encryption / Decryption:
The data is encrypted using an algorithm on which the sender and receiver have agreed. The data can then be decrypted only by the receiving IPsec host.
IPsec enables the communicating hosts to verify each other’s identity in order to provide data transmission between trusted hosts only.
When two end users communicate over IPsec, all the TCP or UDP packets are encrypted and authenticated. Thus it provides a layer of security between the communicating hosts for all the network applications.
Modes of IPsec
There are basically 2 modes of IPsec. These are:
1. Transport Mode:
In transport mode, only the data or the payload of the IPsec datagram is encrypted and is encapsulated in another IP datagram.
2. Tunnel Mode:
In this mode, the whole datagram is encrypted and is encapsulated in another IP datagram. This is a slightly more complicated process, but it has to be done for security.
This is all from us on ICMP and IPsec. We hope you enjoyed it.