Internet Control Message protocol

ICMP (Internet Control Message protocol) messages are embedded into IP datagrams. ICMP can also be seen as a protocol that makes use of IP.

The main controls, made by ICMP, are:

• Error management (passive)

  • Destination unreachable

  • Time expired (TTL or fragment reassembly timer)

  • Data inconsistency

  • Flow control

• Active mode Echo + Echo Reply (ping Unix)

In the IP header, the field protocol takes value 1 and indicates that the payload is an ICMP message.

Type	Description
0	Echo reply
3	Destination unreachable
4	Source Quench
5	Redirect (change a route)
8	Echo request
11	Time exceeded
12	Parameter problem
13	Timestamp request
14	Timestamp reply
17	Address mask request
18	Address mask reply

Main rules of ICMP error messages

• No ICMP error message will be generated in response to a datagram carrying an ICMP error message

• No ICMP error message will be generated for a fragmented datagram that is not the first fragment

• No ICMP error message will be generated for a datagram having a multicast address

• No ICMP error message will be generated for a datagram having a special address such as 127.0.0.0 or 0.0.0.0.

NOTE: Some routers don't generate ICMP messages

Types of ICMP messages

Echo

Echo-request and Echo-reply are used to check the reachability of hosts and routers. Upon receiving an Echo-request, the ICMP entity of a device immediately replies with Echo reply.

• Type

  • 8= request

  • 0= reply

• Code= 0

ECHO message

Other important fields of Echo messages are:

• Identifier Each Echo message has an identifier, defined in the Echo request, and replicated in the Echo reply.

• Sequence number Consecutive requests may have the same identifier and change from others for sequence number only. The sequence number is used to measure the RTT and count the number of lost bytes.

• Optional data The sender can add Optional data to the request message. The data will be replicated in the reply message.

The payload of Echo (IP datagram) is used to check the capacity of a link (RTT is bigger if the link has small bitrate).

Destination unreachable

When a packet is dropped, an error message is returned, through ICMP, to the source.

• Type= 3

Code	Description	References
0	Network unreachable error.	RFC 792
1	Host unreachable error.	RFC 792
2	Protocol unreachable error. Sent when the designated transport protocol is not supported.	RFC 792
3	Port unreachable error. Sent when the designated transport protocol is unable to demultiplex the datagram but has no protocol mechanism to inform the sender.	RFC 792
4	The datagram is too big. Packet fragmentation is required but the DF bit in the IP header is set.	RFC 792
5	Source route failed error.	RFC 792
6	Destination network unknown error.	RFC 1122
7	Destination host unknown error.	RFC 1122
8	Source host isolated error. (Obsolete)	RFC 1122
9	The destination network is administratively prohibited.	RFC 1122
10	The destination host is administratively prohibited.	RFC 1122
11	The network is unreachable for Type Of Service.	RFC 1122
12	The host is unreachable for Type Of Service.	RFC 1122
13	Communication Administratively Prohibited. Administrative filtering prevents a packet from being forwarded.	RFC 1812
14	Host precedence violation. The requested precedence is not permitted for the particular combination of host or network and port.	RFC 1812
15	Precedence cutoff in effect. The precedence of datagram is below the level set by the network administrators.	RFC 1812

Time exceeded

It's generated when some packets are missing or don't reach the destination.

• Type= 11

The main problems, that generate this message, are:

Code	Problem
0	Generated by a router when it decreases the TTL to 0 Returned to the source of the IP datagram
1	Generated by the destination, when some fragments are missing, after the fragment reasembly timer expires

Parameter problem

It's generated when there are some wrong formats or unknown options.

• Type= 12

The main problems generated by this message are:

Code	Problem
0	If the header of an IP datagram contains a malformed field (violate format)
1	Used when an option is unknown or a certain operation cannot be carried out

Redirect

It's generated by a router to require the source to use a different router

• Type= 5

• Code= 0 - 3

Timestamp

It's used to exchange clock information between source and destination.

• Type

  • 13 request

  • 14 reply

• Originate timestamp inserted by the source

• Receive timestamp inserted by the destination right after receiving the ICMP message

• Transmit timestamp inserted by the destination just before returning the ICMP message

Address Mask

It's used to ask for the netmask of a router/host.

• Type

  • 17 request

  • 18 reply

• Code= 0

• Address mask In the request message, it's void and it is populated by the device that replies to the request