My doubt is why an ICMP destination port unreachable error message is generated for UDP. Why can't we simply discard the UDP packet if the destination port is not reachable, given that UDP is connection-less?
UDP – Why ICMP Destination Port Unreachable Error is Generated
Related Solutions
The first version of traceroute was written by Van Jacobson and it used ICMP, but it didn't work very well. The vendor interpretation of ICMP in RFC792 was that routers should not send an ICMP error message in response to an ICMP packet (see edit notes below). Therefore most routers would not send a "time exceeded" message in response to an echo request with a TTL of 1 or 0. So he changed it to use UDP and lo and behold it worked great and there was much rejoicing (and adoption). The traceroute tool on Linux and FreeBSD (and I assume Cisco) is based on Van Jacobson's work.
The spec was later changed to "in response to an ICMP error packet." The world progressed, vendors made changes to their stacks allowing ICMP error messages in response to echo requests, and with the rise of firewalls and ACLs, stray UDP packets sometimes get blocked, but ICMP echo requests could get through. Of course, your success on that today varies wildly. I would expect that tracert and other tools were written at a time when using ICMP echo responses wasn't so problematic.
These days you can't really say UDP is better than ICMP. Or that either of those is better than TCP. It completely depends on the path you are traversing and the security policies in place. You may need to try one, both, or all three implementations.
Sources:
http://ftp.arl.army.mil/~mike/ping.html
http://www.inetdaemon.com/tutorials/troubleshooting/tools/traceroute/definition.shtml
Edit:
Changed RFC from IP (RFC791) to ICMP (RFC792) that says in the intro:
To avoid the infinite regress of messages about messages etc., no ICMP messages are sent about ICMP messages.
That's the bit that caused vendors to not send "Time Exceeded" errors for echo requests.
RFC1122, Requirements for Internet Hosts, in section 3.2.2. is the update that says hosts shouldn't respond to ICMP error messages.
Just as MAC addresses are layer-2 addresses, and IP addresses are layer-3 addresses, port numbers are layer-4 addresses. When the transport layer wants to reply to a layer-4 request, it must have the address (port) to which it should reply.
When a PC sends an HTTP (TCP port 80) request to an HTTP server, the PC uses an ephemeral TCP source port and the HTTP server's TCP port 80 as the destination port. The HTTP server replies back to the PC's ephemeral port, and it gets that port number from the source port of the PC's request.
Best Answer
From ICMP RFC 792:
Because the keyword is MAY, it is not required for the receiving host to send a destination port unreachable if there is no process listening at that TCP or UDP port, but it is allowed per the standard.
As a UDP application developer, it is helpful to know that the destination port is unreachable, so the ICMP error message is helpful and appreciated.
Sometimes, the answer is, “we do it because the standard says to do it”.
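The answers above make two points that a packet-level example shows better than prose: the ICMP error quotes the original IP header plus the first 8 bytes of the transport header (which for UDP is exactly the source and destination ports, the layer-4 addresses), and RFC 1122 3.2.2 forbids sending an ICMP error about an ICMP error, which is why the UDP-based traceroute works. The following Python is an added example, not code from any of the answers or from a real traceroute implementation; it builds a UDP probe, generates the Port Unreachable and Time Exceeded errors a destination and an intermediate router would return, parses them, and maps each error back to the sending socket or probe. All addresses (RFC 5737 documentation ranges), ports and payloads are constructed for the example.

```python
"""Added example: why an ICMP error quotes the offending datagram's headers.
Builds a UDP probe, the ICMP errors it provokes, and matches them back.
Addresses, ports and payloads below are constructed, not captured."""
import struct

IPPROTO_ICMP, IPPROTO_UDP = 1, 17
ICMP_DEST_UNREACH, ICMP_TIME_EXCEEDED = 3, 11
ICMP_ERROR_TYPES = {3, 4, 5, 11, 12}   # RFC 1122 3.2.2: never answer these with another error


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words; 0 when run over a valid packet."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def build_ipv4_header(src, dst, proto, payload_len, ttl=64, frag_offset=0):
    """Minimal 20-byte IPv4 header with a correct header checksum (bytes 10-11)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                      frag_offset, ttl, proto, 0, ip_to_bytes(src), ip_to_bytes(dst))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]


def build_udp_datagram(sport, dport, payload):
    # A zero UDP checksum is legal in IPv4 and keeps the example short.
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def should_send_icmp_error(offending_ip_packet: bytes) -> bool:
    """Subset of RFC 1122 3.2.2: no error about an ICMP *error* (an Echo Request
    may still get one), and none for a non-initial fragment."""
    ihl = (offending_ip_packet[0] & 0x0F) * 4
    if struct.unpack("!H", offending_ip_packet[6:8])[0] & 0x1FFF:    # fragment offset != 0
        return False
    if offending_ip_packet[9] == IPPROTO_ICMP and offending_ip_packet[ihl] in ICMP_ERROR_TYPES:
        return False
    return True


def build_icmp_error(icmp_type, code, offending_ip_packet):
    """Type, code, checksum, 4 unused bytes, then the quoted IP header + 8 bytes of L4 header."""
    ihl = (offending_ip_packet[0] & 0x0F) * 4
    quoted = offending_ip_packet[:ihl + 8]
    unchecked = struct.pack("!BBHI", icmp_type, code, 0, 0) + quoted
    return struct.pack("!BBHI", icmp_type, code, inet_checksum(unchecked), 0) + quoted


def parse_icmp_error(msg: bytes) -> dict:
    """Validate and decode an ICMP error; ValueError on anything a stack would drop."""
    if len(msg) < 8 + 20 + 8:
        raise ValueError("ICMP error too short to quote IP header + 8 bytes")
    if inet_checksum(msg) != 0:
        raise ValueError("bad ICMP checksum")
    icmp_type, code = msg[0], msg[1]
    if icmp_type not in (ICMP_DEST_UNREACH, ICMP_TIME_EXCEEDED):
        raise ValueError("not a Destination Unreachable or Time Exceeded message")
    inner = msg[8:]                                   # the quoted original datagram
    ihl = (inner[0] & 0x0F) * 4
    info = {"type": icmp_type, "code": code, "proto": inner[9],
            "src": ".".join(map(str, inner[12:16])), "dst": ".".join(map(str, inner[16:20]))}
    if inner[9] == IPPROTO_UDP:                       # the 8 quoted L4 bytes hold both ports
        info["sport"], info["dport"] = struct.unpack("!HH", inner[ihl:ihl + 4])
    return info


def match_udp_error(info: dict, local_sockets: dict, probes: dict):
    """A host finds the socket by (local addr, local port) = quoted (src, sport);
    traceroute finds its probe by the unique destination port it sent to."""
    if info.get("proto") != IPPROTO_UDP:
        return None
    if info["type"] == ICMP_DEST_UNREACH:
        return local_sockets.get((info["src"], info["sport"]))
    return probes.get(info["dport"])


def demo():
    """Traceroute-style probe: a router answers Time Exceeded, the destination
    (no listener on 33434) answers Port Unreachable.  Constructed scenario."""
    udp = build_udp_datagram(54321, 33434, b"probe")
    probe = build_ipv4_header("192.0.2.10", "198.51.100.5", IPPROTO_UDP, len(udp), ttl=1) + udp
    local_sockets = {("192.0.2.10", 54321): "traceroute-socket"}
    probes = {33434: ("hop", 1)}
    hop = parse_icmp_error(build_icmp_error(ICMP_TIME_EXCEEDED, 0, probe))
    dest = parse_icmp_error(build_icmp_error(ICMP_DEST_UNREACH, 3, probe))
    return match_udp_error(hop, local_sockets, probes), match_udp_error(dest, local_sockets, probes)


if __name__ == "__main__":
    print(demo())
```

The quoted source port is the only thing that tells the sending host which of its UDP sockets the error belongs to; on Linux the same information reaches an application as ECONNREFUSED on a connected UDP socket, which is the practical payoff of the "helpful and appreciated" remark above. `should_send_icmp_error` encodes just the two RFC 1122 rules relevant to the traceroute story; a real stack also suppresses errors for broadcast and multicast destinations.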