ICMP – Internet Control Message Protocol
April 5th, 2014 by Rossy GuideBasic description:
Internet Control Message Protocol (ICMP) is an error reporting and diagnostic utility and is considered a required part of any IP implementation. Understanding ICMP and knowing what can possibly generate a specific type of ICMP is useful in diagnosing network problems.
ICMP Features:
o ICMP: Used by IP to send error and control messages.
o ICMP uses IP to send its messages.
o ICMP does not report errors on ICMP messages.
o ICMP message are not required on datagram checksum errors.
o ICMP reports error only on the first fragment.
ICMP Message Format:
Each ICMP message contains three fields that define its purpose and provide a checksum. The TYPES defined are:
|
IP Header |
|
|
Type of Message |
8b |
|
Error Code |
8b |
|
Checksum |
16b |
|
Parameters, if any |
Var |
|
Information |
Var |
Destination Unreachable:
When a packet is undeliverable, a Destination Unreachable ICMP is generated and it can have a Code value of 0 to 15:
|
TYPE |
Description |
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
|
Network UnreachableHost UnreachableProtocol UnreachablePort UnreachableFragmentation needed and DF set
Source route failed Destination Network unknown Destination Host unknown Source Host isolated Communication with Destination Network Administratively Prohibited Communication with Destination Host Administratively Prohibited Network Unreachable for Type Of Service Host Unreachable for Type Of Service Communication Administratively Prohibited by Filtering Host Precedence Violation Precedence Cutoff in Effect |
Source Quench:
An ICMP Source Quench message has a Type field of 4 and Code 0. Source Quench messages are sent when the destination is unable to process traffic as fast as the source is sending it. The Source Quench ICMP tells the source to cut back the rate at which it is sending data. The destination will continue to generate Source Quench ICMPs until the source is sending at an acceptable speed.
Redirect Message:
An intermediary device will generate an ICMP Redirect Message when it determines that a route being requested can be reached either locally or through a better path. The further defined by the following Code field values:
|
TYPE |
Description |
|
0 1 2 3
|
Redirect datagrams for the NetworkRedirect datagrams for the Host
Redirect datagrams for the Type of Service and Network Redirect datagrams for the Type of Service and Host |
Time Exceeded:
If a router or host discards a packet due to a time-out, it will generate a Time Exceeded Type 11 ICMP. The Time Exceeded ICMP will have a Code value of either 0 or 1. A Code 0 is generated when the hop count of a datagram is exceeded and the packet is discarded. A Code 1 is generated when the reassemble of a fragmented packet exceeds the time-out value.
Parameter Problem:
When an intermediary device or host discards a datagram due to inability to process, an ICMP 12 is generated. Common causes of this ICMP are corrupt header information or missing options. If the reason for the ICMP is a required missing option, the ICMP will have a Code value of 1.
Echo Request & Echo Reply:
This is the ICMP most used to test IP connectivity commonly known as PING. The Echo Request ICMP will have a Type field of 8 and a Code field of 0. Echo Replies have a Type field of 0 and a Code field of 0.