I thought I was actually asking a CISCO syntax question, but the ICMP discussion turned out to be very educational, as I thought I understood ICMP but in fact was really not clear on the relationship of the echo and echo-reply. It sounds like it is fairly primitive and straightforward. Thank you everyone!
Anthony Pace

"Gaz" wrote in message news:[EMAIL PROTECTED]...
> You didn't muddy them half as much as I did!
>
> I think mine ranks up with my most inaccurate post ever. Unfortunately, I
> answered with the junk that I had in my mind, which for creating
> access-lists and configuring firewall rule bases has always been close
> enough to allow things to work (even if totally for the wrong reasons).
> As soon as I read John's post I realised what an arse I'd made of it.
>
> I will take a severe hand smacking for that one. Lesson learnt - get the
> facts right - don't guess.
> But maybe my totally incorrect answer induced John to shoot me down with a
> decent answer. I'll console myself with that.
> I've now read the RFC.
>
> John Nemeth, you're a cruel man, and I totally deserved it ;-)
>
>
> Joe Bloggs
> (Definitely not Gaz anyway)
>
>
> "Jeremy" wrote in message
> news:[EMAIL PROTECTED]...
> > I think it relates to the fact that ICMP uses TYPES rather than PORTS.
> > Though it still uses source and destination IP address, ports are not used,
> > so the whole source port thing doesn't really make sense with ICMP. There
> > really is no "source type", so they don't have granularity on the source
> > address. Make Sense? Or did I muddy the waters further?
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, April 25, 2002 5:29 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Why does IOS only allow ICMP granularity on "destination"
> > [7:42618]
> >
> >
> > On Sep 15, 12:40pm, "Gaz" wrote:
> > }
> > } I don't think you will see the source as echo reply. By that, I mean that
> > } the echo reply will only be evident in the destination. The source could be
> > } any port.
> >
> >      ICMP does not have "port"s; therefore, this statement is
> > non-sensical.
> >
> > } Remember ICMP is the odd protocol, which has to be allowed both ways through
> > } a firewall, because the reply is a totally separate session.
> >
> >      ICMP is a connectionless protocol; therefore, there is no such
> > thing as a "session".
> >
> > } If you telnet from A to B. The destination port is 23. In the reply from B
> > } to A 'source' port is 23.
> >
> >      Telnet uses TCP. There is no comparison.
> >
> > } If you use ping though for example, from A to B. The destination will be
> > } echo. In the reply from B to A, the source will not be 'echo' it could be
> > } anything. The important part will be the destination port which is
> > } 'echo-reply'.
> >
> >      ICMP does not have "port"s. It has "type"s and "code". Echo is
> > type 8 and Echo Reply is type 0. Neither one uses codes, so the code
> > is 0. The only information as to the source of an ICMP message is the
> > IP address. As I said to the other guy, go read RFC 792 (especially
> > before answering any more questions about it).
> >
> > } Hope I haven't confused. Hope even more that I haven't errored.
> >
> >      You have errored. Go read the RFC, it is a simple one and will
> > get you into the habit of going to the source when conducting your
> > research.
> >
> > }-- End of excerpt from "Gaz"

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42675&t=42675
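
The echo / echo-reply relationship discussed in this thread, as an added example that is not part of the original messages: it builds an RFC 792 Echo (type 8) and the matching Echo Reply (type 0), then runs both through a stateless filter keyed on source IP, destination IP and ICMP type. The addresses, payload and the `permitted` helper are constructed for illustration and are not IOS syntax.

```python
import struct

ICMP_ECHO_REPLY, ICMP_ECHO = 0, 8   # RFC 792 type values; code is 0 for both

def checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum (RFC 792)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    # Header layout: type, code, checksum, identifier, sequence. No port fields.
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("ICMP echo message needs at least 8 bytes")
    icmp_type, code, _csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    # Summing a valid message including its checksum field yields 0.
    return {"type": icmp_type, "code": code, "id": ident, "seq": seq,
            "payload": msg[8:], "checksum_ok": checksum(msg) == 0}

def reply_to(request: bytes) -> bytes:
    """What the pinged host sends back: same id, seq and data, type 0."""
    req = parse(request)
    if req["type"] != ICMP_ECHO or not req["checksum_ok"]:
        raise ValueError("not a valid echo request")
    return build(ICMP_ECHO_REPLY, req["id"], req["seq"], req["payload"])

def permitted(rules, src: str, dst: str, msg: bytes) -> bool:
    """Stateless filter: permit if any (src, dst, type) rule matches, else deny."""
    return (src, dst, parse(msg)["type"]) in rules

# Constructed sample values (documentation address ranges).
A, B = "192.0.2.1", "198.51.100.7"
REQUEST = build(ICMP_ECHO, 0x1234, 1, b"constructed-sample")
REPLY = reply_to(REQUEST)

if __name__ == "__main__":
    rules = {(A, B, ICMP_ECHO)}                  # outbound echo only
    print(permitted(rules, A, B, REQUEST), permitted(rules, B, A, REPLY))
    rules.add((B, A, ICMP_ECHO_REPLY))           # return direction needs its own rule
    print(permitted(rules, B, A, REPLY))
```

The reply is tied to the request only by the identifier, sequence number and echoed data, so a filter that keeps no state needs an explicit rule for type 0 in the return direction.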