On Sep 15, 12:40pm, "Gaz" wrote:
}
} I don't think you will see the source as echo reply. By that, I mean that
} the echo reply will only be evident in the destination. The source could be
} any port.
ICMP does not have "port"s; therefore, this statement is
non-sensical.
} Remember ICMP is the odd protocol, which has to be allowed both ways
through
} a firewall, because the reply is a totally separate session.
ICMP is a connectionless protocol; therefore, there is nu such
thing as a "session".
} If you telnet from A to B. The destination port is 23. In the reply from B
} to A 'source' port is 23.
Telnet uses TCP. There is no comparison.
} If you use ping though for example, from A to B. The destination will be
} echo. In the reply from B to A, the source will not be 'echo' it could be
} anything. The important part will be the destination port which is
} 'echo-reply'.
ICMP does not have "port"s. It has "type"s and "code". Echo is
type 8 and Echo Reply is type 0. Neither one uses codes, so the code
is 0. The only information as to the source of an ICMP message is the
IP address. As I said to the other guy, go read RFC 792 (especially
before answering any more questions about it).
} Hope I haven't confused. Hope even more that I haven't errored.
You have errored. Go read the RFC, it is a simple one and will
get you into the habit of going to the source when conducting your
research.
}-- End of excerpt from "Gaz"
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42618&t=42618
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
