1

According to the documentation, the length of the SEQ Number is 16 bits...65536; so, what will happen if I sent a 65536 ICMP Request (Ping)...?

Adrian Mole
ahmed deeb
  • 65535 is represented as 1111 1111 1111 1111, it's not possible to represent 65536 or higher in a 16 bit number. – Matthew Jan 01 '22 at 09:49
  • Sequence reset, to one likely. There is really no other option, unless terminating the operation. – user2864740 Jan 01 '22 at 09:54
  • Ok, But SEQ will increment every time you ping a host...
    if I used this line on the CMD: ping -n 65536 192.168.1.0...consider that 192.168.1.0 is my router gateway...what will happen at the last packet?
    – ahmed deeb Jan 01 '22 at 09:56
  • @ahmeddeeb: if you read the entirety of the RFC, there's no actual mandate that sequence numbers are sequential. They may be an arithmetic sequence with a non-unit step (1, 7, 13, 19, ...) or even a geometric sequence (1, 2, 4, 8, 16, ...). The intent is simply to allow matching of replies to requests. – paxdiablo Jan 01 '22 at 10:04

2 Answers

2

The only requirement is that the sequence number in the reply match the sequence number in the request. This is to aid in matching replies to requests.

In fact, I'm not sure it's even a requirement that the sequence numbers be consecutive(a). If they are consecutive, then the most likely case is that it will wrap from 65535 to 0 (or possibly 1 if zero is to be avoided)(b).

You may think that a sequence number mandates consecutive numbers but there exist sequences that do not have that property:

  • non-unitary arithmetic sequences such as 1, 5, 9, 13, 17, ...;
  • geometric sequences such as 1, 7, 49, 343, 2401, ...; or even
  • non-repeating digits of PI, 3, 1, 4, 5, 9, 2, 6, ... (back to 3).

(a) The RFC states (my emphasis):

The identifier and sequence number may be used by the echo sender to aid in matching the replies with the echo requests. For example, the identifier might be used like a port in TCP or UDP to identify a session, and the sequence number might be incremented on each echo request sent. The echoer returns these same values in the echo reply.

Words like "shall", "must", "may" and "might" have very specific meanings in standards documents, with the latter two being more advisory than mandated.


(b) Keep in mind the intent is to match replies to requests. The chances of cycling through 65000-odd ICMP packets and getting a reply from the previous cycle is pretty slim. At one ping a second (though that's also not strictly mandated; rather, it's just what most ping programs seem to do), that would be on the order of 18 hours.

I would expect timeouts or TTL properties to kick in long before that point.

paxdiablo
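The matching described in the answer above, as an added example that is not from either answerer: it packs the RFC 792 echo header, shows the 16-bit sequence field wrapping from 65535 to 0, and matches replies to outstanding requests by (identifier, sequence number). The function names, the `EchoMatcher` class and the one-second timeout are assumptions made for illustration.

```python
import struct

ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(msg_type: int, ident: int, counter: int, payload: bytes = b"") -> bytes:
    """Pack an echo message; the 16-bit field keeps only counter mod 65536."""
    seq = counter & 0xFFFF
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload

def parse_echo(packet: bytes):
    """Return (type, ident, seq), or None if too short or checksum is bad."""
    if len(packet) < 8 or checksum(packet) != 0:
        return None
    msg_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return msg_type, ident, seq

class EchoMatcher:
    """Tracks outstanding requests keyed by (identifier, sequence number)."""
    def __init__(self, timeout: float = 1.0):   # timeout value is an assumption
        self.timeout = timeout
        self.pending = {}          # (ident, seq) -> send time

    def sent(self, ident: int, counter: int, now: float) -> int:
        seq = counter & 0xFFFF
        self.pending[(ident, seq)] = now
        return seq

    def received(self, packet: bytes, now: float):
        """Return the round-trip time for a matching reply, else None."""
        parsed = parse_echo(packet)
        if parsed is None or parsed[0] != ICMP_ECHO_REPLY:
            return None
        sent_at = self.pending.pop(parsed[1:], None)
        if sent_at is None or now - sent_at > self.timeout:
            return None            # unsolicited, duplicate, or too late
        return now - sent_at
```

Because each pending entry is dropped on match or rejected after the timeout, a reply can only be confused with one from the previous cycle if it is still outstanding when the counter comes back around to the same value.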
0

And after pinging myself for 3 days on localhost 127.0.0.1 using Termux on my Android phone, it turns out that it becomes 0... yes, SEQ NUMBER in ICMP MESSAGE can be in this case...

ahmed deeb