Home / Programming / My first scapied IPv6 packet

My first scapied IPv6 packet

December 24, 2018

The idea of this lab is to craft an IPv6 packet from scratch using Python and Scapy library.

The IDE I use is JetBrains PyCharm Community Edition 2018.3.1 x64 which is available for free at : https://www.jetbrains.com/pycharm/download/download-thanks.html?platform=windows&code=PCC

The IDE interface looks like in figure:

You’ll need to add Scapy library in Project Interpreter section (File->Settings):

In my lab setup I use GN3 Version 2.1.11 x64 with Python 3.6.6 Qt 5.9.1 and PyQt 5.9.

R1 connects to real world (PC-2, my workstation running Windows 7 Professional SP1) through Switch-1. PC-2 “test” interface is a VirtualBox Host-Only Ethernet Adapter.

R1, R2 and R3 interfaces are in OSPF domain area 0.

We check that routing is working and PC-1 can ping PC-2:

R1#sh ipv route ospf
IPv6 Routing Table - default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default
NDp - ND Prefix, DCE - Destination, NDr - Redirect, O - OSPF Intra
OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2
O 2001:3::/126 [110/2]
via FE80::C802:7FF:FEC4:1C, FastEthernet1/0
O 2001:4::/126 [110/3]
via FE80::C802:7FF:FEC4:1C, FastEthernet1/0
R1#

R3#sh ipv route ospf
IPv6 Routing Table - default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default
NDp - ND Prefix, DCE - Destination, NDr - Redirect, O - OSPF Intra
OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1
ON2 - OSPF NSSA ext 2
O 2001:1::/126 [110/3]
via FE80::C802:7FF:FEC4:1D, FastEthernet1/1
O 2001:2::/126 [110/2]
via FE80::C802:7FF:FEC4:1D, FastEthernet1/1
R3#

PC-1> ping 2001:1::1

2001:1::1 icmp6_seq=1 ttl=61 time=40.002 ms
2001:1::1 icmp6_seq=2 ttl=61 time=38.002 ms
2001:1::1 icmp6_seq=3 ttl=61 time=39.002 ms
2001:1::1 icmp6_seq=4 ttl=61 time=39.003 ms
2001:1::1 icmp6_seq=5 ttl=61 time=40.002 ms

PC-1>

A wireshark capture shows the detail of the echo request as it is sent by PC-1:

Frame 3: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Interface id: 0 (-)
Interface name: -
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 13:53:44.166908000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545396824.166908000 seconds
[Time delta from previous captured frame: 6.907395000 seconds]
[Time delta from previous displayed frame: 6.907395000 seconds]
[Time since reference or first frame: 16.181925000 seconds]
Frame Number: 3
Frame Length: 118 bytes (944 bits)
Capture Length: 118 bytes (944 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]

Ethernet II, Src: Private_66:68:00 (00:50:79:66:68:00), Dst: ca:03:0c:6c:00:00 (ca:03:0c:6c:00:00)
Destination: ca:03:0c:6c:00:00 (ca:03:0c:6c:00:00)
Address: ca:03:0c:6c:00:00 (ca:03:0c:6c:00:00)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: Private_66:68:00 (00:50:79:66:68:00)
Address: Private_66:68:00 (00:50:79:66:68:00)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)

Internet Protocol Version 6, Src: 2001:4::1, Dst: 2001:1::1
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... .... .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 64
Next Header: ICMPv6 (58)
Hop Limit: 64
Source: 2001:4::1
Destination: 2001:1::1

Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0xef85 [correct]
[Checksum Status: Good]
Identifier: 0x58e2
Sequence: 1
[Response In: 6]
Data (56 bytes)
Data: 000102030405060708090a0b0c0d0e0f1011121314151617...
[Length: 56]

The same packet that is seen by PC-2:

Frame 2: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Interface id: 0 (-)
Interface name: -
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 14:02:16.750226000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545397336.750226000 seconds
[Time delta from previous captured frame: 7.890451000 seconds]
[Time delta from previous displayed frame: 7.890451000 seconds]
[Time since reference or first frame: 7.890451000 seconds]
Frame Number: 2
Frame Length: 118 bytes (944 bits)
Capture Length: 118 bytes (944 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]

Ethernet II, Src: ca:01:1f:08:00:00 (ca:01:1f:08:00:00), Dst: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Destination: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)

Internet Protocol Version 6, Src: 2001:4::1, Dst: 2001:1::1
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... .... .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 64
Next Header: ICMPv6 (58)
Hop Limit: 61
Source: 2001:4::1
Destination: 2001:1::1
Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0xef83 [correct]
[Checksum Status: Good]
Identifier: 0x58e4
Sequence: 1
[Response In: 5]
Data (56 bytes)
Data: 000102030405060708090a0b0c0d0e0f1011121314151617...
[Length: 56]

The detailed packet echo response that is seen by PC-1:

Frame 6: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Interface id: 0 (-)
Interface name: -
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 13:53:44.249913000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545396824.249913000 seconds
[Time delta from previous captured frame: 0.010001000 seconds]
[Time delta from previous displayed frame: 0.010001000 seconds]
[Time since reference or first frame: 16.264930000 seconds]
Frame Number: 6
Frame Length: 118 bytes (944 bits)
Capture Length: 118 bytes (944 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]

Ethernet II, Src: ca:03:0c:6c:00:00 (ca:03:0c:6c:00:00), Dst: Private_66:68:00 (00:50:79:66:68:00)
Destination: Private_66:68:00 (00:50:79:66:68:00)
Address: Private_66:68:00 (00:50:79:66:68:00)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: ca:03:0c:6c:00:00 (ca:03:0c:6c:00:00)
Address: ca:03:0c:6c:00:00 (ca:03:0c:6c:00:00)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)

Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... .... .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 64
Next Header: ICMPv6 (58)
Hop Limit: 61
Source: 2001:1::1
Destination: 2001:4::1
Internet Control Message Protocol v6
Type: Echo (ping) reply (129)
Code: 0
Checksum: 0xee85 [correct]
[Checksum Status: Good]
Identifier: 0x58e2
Sequence: 1
[Response To: 3]
[Response Time: 83.005 ms]
Data (56 bytes)
Data: 000102030405060708090a0b0c0d0e0f1011121314151617...
[Length: 56]

The detailed packet echo response that is sent by PC-2:

Frame 5: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Interface id: 0 (-)
Interface name: -
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 14:02:16.780228000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545397336.780228000 seconds
[Time delta from previous captured frame: 0.001000000 seconds]
[Time delta from previous displayed frame: 0.001000000 seconds]
[Time since reference or first frame: 7.920453000 seconds]
Frame Number: 5
Frame Length: 118 bytes (944 bits)
Capture Length: 118 bytes (944 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]

Ethernet II, Src: 0a:00:27:00:00:1c (0a:00:27:00:00:1c), Dst: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Destination: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)

Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... .... .... 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 64
Next Header: ICMPv6 (58)
Hop Limit: 64
Source: 2001:1::1
Destination: 2001:4::1
Internet Control Message Protocol v6
Type: Echo (ping) reply (129)
Code: 0
Checksum: 0xee83 [correct]
[Checksum Status: Good]
Identifier: 0x58e4
Sequence: 1
[Response To: 2]
[Response Time: 30.002 ms]
Data (56 bytes)
Data: 000102030405060708090a0b0c0d0e0f1011121314151617...
[Length: 56]

We concentrate on the packets, especially L2 headers information, sent by PC-2 to build our packet in Scapy:

from scapy.all import *

# build L2 headers
L2 = Ether()
L2.src = '0a:00:27:00:00:1c'
L2.dst = 'ca:01:1f:08:00:00'
L2.type = 0x86dd

# build L3 headers
base = IPv6(hlim=128)
base.dst = '2001:4::1'
base.src = '2001:1::1'

# build Protocol and payload part
payload = 'abcdefghijklmnopqrstuvwabcdefghi'
prot = ICMPv6EchoRequest(data=payload, id=0x0001, seq=0x0001)

# build the whole packet
pack = L2 / base / prot
pack.show2()
for i in range(15):
sendp(pack, iface='VirtualBox Host-Only Ethernet Adapter', verbose=conf.verb, count=1)
time.sleep(1)

The processing steps of the script is depicted in Run tab:

The following table compares the packets generated by PC-2 using the ping utility in CMD and Scapy script:

PC-2 ping (echo request)PC-2 script (echo request)
Frame 8: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface 0
Interface id: 0 (-)
Interface name: –
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 14:27:27.904659000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545398847.904659000 seconds
[Time delta from previous captured frame: 0.001000000 seconds]
[Time delta from previous displayed frame: 0.001000000 seconds]
[Time since reference or first frame: 18.473056000 seconds]
Frame Number: 8
Frame Length: 94 bytes (752 bits)
Capture Length: 94 bytes (752 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: 0a:00:27:00:00:1c (0a:00:27:00:00:1c), Dst: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Destination: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Source: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 …. = Version: 6
…. 0000 0000 …. …. …. …. …. = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
…. 0000 00.. …. …. …. …. …. = Differentiated Services Codepoint: Default (0)
…. …. ..00 …. …. …. …. …. = Explicit Congestion Notification: Not ECN-Capable Transport (0)
…. …. …. 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 40
Next Header: ICMPv6 (58)
Hop Limit: 128
Source: 2001:1::1
Destination: 2001:4::1Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0x94ee [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[Response In: 9]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]		Frame 166: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface 0
Interface id: 0 (-)
Interface name: –
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 14:32:19.846358000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545399139.846358000 seconds
[Time delta from previous captured frame: 4.768273000 seconds]
[Time delta from previous displayed frame: 4.768273000 seconds]
[Time since reference or first frame: 310.414755000 seconds]
Frame Number: 166
Frame Length: 94 bytes (752 bits)
Capture Length: 94 bytes (752 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: 0a:00:27:00:00:1c (0a:00:27:00:00:1c), Dst: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Destination: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Source: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 …. = Version: 6
…. 0000 0000 …. …. …. …. …. = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
…. 0000 00.. …. …. …. …. …. = Differentiated Services Codepoint: Default (0)
…. …. ..00 …. …. …. …. …. = Explicit Congestion Notification: Not ECN-Capable Transport (0)
…. …. …. 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 40
Next Header: ICMPv6 (58)
Hop Limit: 128
Source: 2001:1::1
Destination: 2001:4::1Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0x94ef [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[Response In: 167]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]

The echo reply requests are compared next :

PC-2 ping (echo reply)PC-2 script (echo reply)
Frame 9: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface 0
Interface id: 0 (-)
Interface name: –
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 14:27:27.943662000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545398847.943662000 seconds
[Time delta from previous captured frame: 0.039003000 seconds]
[Time delta from previous displayed frame: 0.039003000 seconds]
[Time since reference or first frame: 18.512059000 seconds]
Frame Number: 9
Frame Length: 94 bytes (752 bits)
Capture Length: 94 bytes (752 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: ca:01:1f:08:00:00 (ca:01:1f:08:00:00), Dst: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Destination: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Source: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:4::1, Dst: 2001:1::1
0110 …. = Version: 6
…. 0000 0000 …. …. …. …. …. = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
…. 0000 00.. …. …. …. …. …. = Differentiated Services Codepoint: Default (0)
…. …. ..00 …. …. …. …. …. = Explicit Congestion Notification: Not ECN-Capable Transport (0)
…. …. …. 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 40
Next Header: ICMPv6 (58)
Hop Limit: 122
Source: 2001:4::1
Destination: 2001:1::1Internet Control Message Protocol v6
Type: Echo (ping) reply (129)
Code: 0
Checksum: 0x93ee [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[Response To: 8]
[Response Time: 39.003 ms]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]		Frame 167: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface 0
Interface id: 0 (-)
Interface name: –
Encapsulation type: Ethernet (1)
Arrival Time: Dec 21, 2018 14:32:19.899361000 Paris, Madrid
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1545399139.899361000 seconds
[Time delta from previous captured frame: 0.053003000 seconds]
[Time delta from previous displayed frame: 0.053003000 seconds]
[Time since reference or first frame: 310.467758000 seconds]
Frame Number: 167
Frame Length: 94 bytes (752 bits)
Capture Length: 94 bytes (752 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: ca:01:1f:08:00:00 (ca:01:1f:08:00:00), Dst: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Destination: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Source: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:4::1, Dst: 2001:1::1
0110 …. = Version: 6
…. 0000 0000 …. …. …. …. …. = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
…. 0000 00.. …. …. …. …. …. = Differentiated Services Codepoint: Default (0)
…. …. ..00 …. …. …. …. …. = Explicit Congestion Notification: Not ECN-Capable Transport (0)
…. …. …. 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 40
Next Header: ICMPv6 (58)
Hop Limit: 122
Source: 2001:4::1
Destination: 2001:1::1Internet Control Message Protocol v6
Type: Echo (ping) reply (129)
Code: 0
Checksum: 0x93ef [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[Response To: 166]
[Response Time: 53.003 ms]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]

In Windows 10 Professional Version: 1803, Version OS: 17134.472, the ping echo request is slightly different from Windows 7 Professional:

PC-2 ping (echo request) in Windows 7PC-2 ping (echo request) in Windows 10
Frame 8: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface 0
Interface id: 0 (-)
Interface name: –
[…]
[Protocols in frame:
eth:ethertype:ipv6:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: 0a:00:27:00:00:1c (0a:00:27:00:00:1c), Dst: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Destination: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
Address: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Source: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
Address: 0a:00:27:00:00:1c (0a:00:27:00:00:1c)
…. ..1. …. …. …. …. = LG bit: Locally administered address (this is NOT the factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 …. = Version: 6
…. 0000 0000 …. …. …. …. …. = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
…. 0000 00.. …. …. …. …. …. = Differentiated Services Codepoint: Default (0)
…. …. ..00 …. …. …. …. …. = Explicit Congestion Notification: Not ECN-Capable Transport (0)
…. …. …. 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 40Next Header: ICMPv6 (58)
Hop Limit: 128
Source: 2001:1::1
Destination: 2001:4::1 Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0x94ee [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[Response In: 9]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]		Frame 231: 102 bytes on wire (816 bits), 102 bytes captured (816 bits) on interface 0
Interface id: 0 (-)
Interface name: –
[…]
[Protocols in frame: eth:ethertype:ipv6:ipv6.hopopts:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: Dell_d9:79:7b (10:65:30:d9:79:7b), Dst: Cisco_90:39:45 (00:14:a9:90:39:45)
Destination: Cisco_90:39:45 (00:14:a9:90:39:45)
Address: Cisco_90:39:45 (00:14:a9:90:39:45)
…. ..0. …. …. …. …. = LG bit: Globally unique address (factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Source: Dell_d9:79:7b (10:65:30:d9:79:7b)
Address: Dell_d9:79:7b (10:65:30:d9:79:7b)
…. ..0. …. …. …. …. = LG bit: Globally unique address (factory default)
…. …0 …. …. …. …. = IG bit: Individual address (unicast)
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 …. = Version: 6
…. 0000 0000 …. …. …. …. …. = Traffic Class: 0x00 (DSCP: CS0, ECN: Not-ECT)
…. 0000 00.. …. …. …. …. …. = Differentiated Services Codepoint: Default (0)
…. …. ..00 …. …. …. …. …. = Explicit Congestion Notification: Not ECN-Capable Transport (0)
…. …. …. 0000 0000 0000 0000 0000 = Flow Label: 0x00000
Payload Length: 48
Next Header: IPv6 Hop-by-Hop Option (0)
Hop Limit: 128
Source: 2001:1::1
Destination: 2001:4::1
IPv6 Hop-by-Hop OptionNext Header: ICMPv6 (58)
Length: 0
[Length: 8 bytes]
Router Alert
Type: Router Alert (0x05)
00.. …. = Action: Skip and continue (0)
..0. …. = May Change: No
…0 0101 = Low-Order Bits: 0x05
Length: 2
Router Alert: MLD (0)
PadN
Type: PadN (0x01)
00.. …. = Action: Skip and continue (0)
..0. …. = May Change: No
…0 0001 = Low-Order Bits: 0x01
Length: 0
PadN:Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0xd1c3 [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[No response seen]
[Expert Info (Warning/Sequence): No response seen to ICMPv6 request in frame 231]
[No response seen to ICMPv6 request in frame 231]
[Severity level: Warning]
[Group: Sequence]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]

Let’s generate the same packet with Scapy and see how the networks react.

In the previous code these changes need to be made:

from scapy.all import *

# build L2 headers
L2 = Ether()
L2.src = '0a:00:27:00:00:1c'
L2.dst = 'ca:01:1f:08:00:00'
L2.type = 0x86dd

# build L3 headers
base = IPv6(hlim=128)
base.dst = '2001:4::1'
base.src = '2001:1::1'

ext=IPv6ExtHdrHopByHop(nh=58, len=0, options=RouterAlert())

# build Protocol and payload part
payload = 'abcdefghijklmnopqrstuvwabcdefghi'
prot = ICMPv6EchoRequest(data=payload, id=0x0001, seq=0x0001)

# build the whole packet
pack = L2 / base / ext / prot
pack.show2()
for i in range(15):
sendp(pack, iface='VirtualBox Host-Only Ethernet Adapter', verbose=conf.verb, count=1)
time.sleep(1)

The obtained packet is compared with the one generated by Windows 10 Professional ping utility:

PC-2 script (echo request) in Windows 10PC-2 ping (echo request) in Windows 10
Frame 1826: 102 bytes on wire (816 bits), 102 bytes
[…]
[Protocols in frame: eth:ethertype:ipv6:ipv6.hopopts:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: 0a:00:27:00:00:1c (0a:00:27:00:00:1c), Dst: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
[…]
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 …. = Version: 6
[…]
Payload Length: 48
Next Header: IPv6 Hop-by-Hop Option (0)
Hop Limit: 128
Source: 2001:1::1
Destination: 2001:4::1
IPv6 Hop-by-Hop Option
Next Header: ICMPv6 (58)
Length: 0
[Length: 8 bytes]
Router Alert
Type: Router Alert (0x05)
00.. …. = Action: Skip and continue (0)
..0. …. = May Change: No
…0 0101 = Low-Order Bits: 0x05
Length: 2
Router Alert: MLD (0)
PadN
Type: PadN (0x01)
00.. …. = Action: Skip and continue (0)
..0. …. = May Change: No
…0 0001 = Low-Order Bits: 0x01
Length: 0
PadN:Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0x94ee [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[No response seen]
[Expert Info (Warning/Sequence): No response seen to ICMPv6 request in frame 1826]
[No response seen to ICMPv6 request in frame
1826]
[Severity level: Warning]
[Group: Sequence]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]		Frame 231: 102 bytes on wire (816 bits), 102 bytes
[…]
[Protocols in frame: eth:ethertype:ipv6:ipv6.hopopts:icmpv6:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]Ethernet II, Src: 0a:00:27:00:00:1c (0a:00:27:00:00:1c), Dst: ca:01:1f:08:00:00 (ca:01:1f:08:00:00)
[…]
Type: IPv6 (0x86dd)Internet Protocol Version 6, Src: 2001:1::1, Dst: 2001:4::1
0110 …. = Version: 6
[…]
Payload Length: 48
Next Header: IPv6 Hop-by-Hop Option (0)
Hop Limit: 128
Source: 2001:1::1
Destination: 2001:4::1
IPv6 Hop-by-Hop Option
Next Header: ICMPv6 (58)
Length: 0
[Length: 8 bytes]
Router Alert
Type: Router Alert (0x05)
00.. …. = Action: Skip and continue (0)
..0. …. = May Change: No
…0 0101 = Low-Order Bits: 0x05
Length: 2
Router Alert: MLD (0)
PadN
Type: PadN (0x01)
00.. …. = Action: Skip and continue (0)
..0. …. = May Change: No
…0 0001 = Low-Order Bits: 0x01
Length: 0
PadN:Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0xd1c3 [correct]
[Checksum Status: Good]
Identifier: 0x0001
Sequence: 1
[No response seen]
[Expert Info (Warning/Sequence): No response seen to ICMPv6 request in frame 231]
[No response seen to ICMPv6 request in frame
231]
[Severity level: Warning]
[Group: Sequence]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761…
[Length: 32]

The ping does not succeed!

In the next post, we dig much deeper into this issue…

atlink'admin

Related Posts

An IPv6 home network is possible
October 8, 2024

Leave a Reply

  • Transmit Power Control in IEEE 802.11 Cisco WLAN networks
    TPC stands for Transmit Power Control. It’s a one of Cisco RRM, Radio Resources Management, techniques that are aimed at tackling interference, cross and co-channel, in Wlan networks. RRM: TPC, CHD and DCA It works tightly with CHD, Covergate Hole Detection, to optimize transmit power. TPC tends to minimize the transmit power and CHD to eliminate
  • 10 security measures against 10 attacks in a LAN network – Part I
    An Ethernet switch is the central element of a LAN network and operates at data link OSI layer. Every switch port defines a collision domain and can extend a broadcast or broadcast frame domain that is stopped by a router routed interface that operates at network OSI layer. By default switches support one broadcast domain
  • Understand how Aruba ARMizes your WLAN for sure!
    Presenting ARM In this post, that is a part of a serie of post that discuss how Wlan to radio ressources management, we talk of Aruba way of doing it. The figure shows a simple wlan network of 6 AP or access points. This is heatmap showing that radio signal is very strong (in red)
  • Understand RIP Routing Timers All in One Shot!
    This post is part of a series of posts about dynamic routing protocols and especially RIP. We’ll try to get a deep understanding of its operation and function as an introductory to dynamic routing logic in general. You’ll see that what we think easy may hide an incrementing complexity… a little introduction Berfore we start
  • DUAL route FSM Processing of EIGRP Queries
    This blog is a part of series of posts about EIGRP routing protocol. Let’s recall that EIGRP is one of the so called IGP routing protocols. IGP stands for interior routing protocols as opposed to EGP or exterior routing protocols. In addition EIGRP is a hybrid as it borrows some similiarities to distance-vector and link-state
June 2025
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
30