Scribd
Upload
15 views

Internet Control Message Protocol

ICMP is a protocol used to report delivery errors and other network problems in IP networks. It allows devices to check if other systems are reachable and functioning properly. The ping program uses ICMP echo requests and replies to test network connectivity, while traceroute uses ICMP messages to identify the routers along the path between systems. ICMP messages contain error codes and optional payload data to provide more context about network issues.

Uploaded by

The Visista Enterpreneurs
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
15 views

Internet Control Message Protocol

ICMP is a protocol used to report delivery errors and other network problems in IP networks. It allows devices to check if other systems are reachable and functioning properly. The ping program uses ICMP echo requests and replies to test network connectivity, while traceroute uses ICMP messages to identify the routers along the path between systems. ICMP messages contain error codes and optional payload data to provide more context about network issues.

Uploaded by

The Visista Enterpreneurs
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Internet Control Message Protocol (ICMP)

The Internet Control Message Protocol (ICMP) [RFC792] protocol is classic example
of a client server application. The ICMP server executes on all IP end system
computers and all IP intermediate systems (i.e routers). The protocol is used to report
problems with delivery of IP datagrams within an IP network. It can be sued to show
when a particular End System (ES) is not responding, when an IP network is not
reachable, when a node is overloaded, when an error occurs in the IP header
information, etc. The protocol is also frequently used by Internet managers to verify
correct operations of End Systems (ES)and to check that routers are correctly routing
packets to the specified destination address.

ICMP messages generated by router R1, in response to message sent by H0 to H1 and


forwarded by R0. This message could, for instance be generated if the MTU of the
link between R0 and R1 was smaller than size of the IP packet, and the packet had the
Don't Fragment (DF) bit set in the IP packet header. The ICMP message is returned to
H0, since this is the source address specified in the IP packet that suffered the
problem. A modern version of Path MTU Discovery provides a mechanism to verify
the Path MTU [RFC4821].

An ICMP message consisting of 4 bytes of PCI and an optional message payload.

The format of an ICMP message is shown above. The 8-bit type code identifies the
types of message. This is followed by at least the first 28 bytes of the packet that
resulted in generation of the error message (i.e. the network-layer header and first 8
bytes of transport header). This payload is, for instance used by a sender that receives
the ICMP message to perform Path MTU Discovery so that it may determine IP
destination address of the packet that resulted in the error. Longer payloads are also
encouraged (which can help better identify the reason why the ICMP message was
generated and which program generated the original packet).

The figure below shows the encapsulation of ICMP over an Ethernet LAN using an IP
network layer header, and a MAC link layer header and trailer containing the 32-bit
checksum:

Encapsulation for a complete ICMP packet (not showing the Ethernet preamble)

It is the responsibility of the network layer (IP) protocol to ensure that the ICMP
message is sent to the correct destination. This is achieved by setting the destination
address of the IP packet carrying the ICMP message. The source address is set to the
address of the computer that generated the IP packet (carried in the IP source address
field) and the IP protocol type is set to "ICMP" to indicate that the packet is to be
handled by the remote end system's ICMP client interface.

RFC792 specifies the Internet Control Message Protocol (ICMP) that is used with the
Internet Protocol version 4 (IPv4). It defines, among other things, a number of error
messages that can be used by an end-system and intermediate systems to report errors
back to the sending system. The host requirements [RFC1122] classifies ICMP these
error messages into those that indicate "soft errors" (advising of problems), and those
that indicate "hard errors" (which need to be responded to).

A version of ICMP has also been defined for IPv6, called ICMPv6 [RFC4443]. This
subsumes all the equivalent functions of ICMP for IPv4 and adds other network-layer
functions. ICMP error messages are up to 1280 bytes in size, and therefore always
carry a substantial number of bytes from the packet that generated the error being
reported.

The Ping Application


The "ping" program contains a client interface to ICMP. It may be used by a user to
verify an end-to-end Internet Path is operational. The ping program also collects
performance statistics (i.e. the measured round trip time and the number of times the
remote server fails to reply. Each time an ICMP echo reply message is received, the
ping program displays a single line of text. The text printed by ping shows the
received sequence number, and the measured round trip time (in milliseconds). Each
ICMP Echo message contains a sequence number (starting at 0) that is incremented
after each transmission, and a timestamp value indicating the transmission time.

Use of the ping program to test whether a particular computer ("sysa") is operational.

The operation of ICMP is illustrated in the frame transition diagram shown above. In
this case there is only one Intermediate System (IS) (i.e. IP router). In this case two
types of message are involved the ECHO request (sent by the client) and the ECHO
reply (the response by the server). Each message may contain some optional data.
When data are sent by a server, the server returns the data in the reply which is
generated. ICMP packets are encapsulated in IP for transmission across an internet.

The Traceroute Application


The "traceroute" program contains a client interface to ICMP. Like the "ping"
program, it may be used by a user to verify an end-to-end Internet Path is operational,
but also provides information on each of the Intermediate Systems (i.e. IP routers) to
be found along the IP Path from the sender to the receiver. Traceroute uses ICMP
echo messages. These are addressed to the target IP address. The sender manipulates
the TTL (hop count) value at the IP layer to force each hop in turn to return an error
message.

 The program starts by sending an ICMP Echo request message with an IP


destination address of the system to be tested and with a Time To Live (TTL)
value set to 1. The first router that receives this packet decrements the TTL and
discards the message, since this now has a value of zero. Before it deletes the
message, the system constructs an ICMP error message (with an ICMP
message type of "TTL exceeded") and returns this back to the sender. Receipt
of this message allows the sender to identify which system is one link away
along the path to the specified destination.
 The sender repeats this two more times, each time reporting the system that
received the packet. If all packets travel along the same path, each ICMP error
message will be received from the same system. Where two or more alternate
paths are being used, the results may vary.
 If the system that responded was not the intended destination, the sender
repeats the process by sending a set of three identical messages, but using a
TTL value that is one larger than the previous attempt. The first system
forwards the packet (decrementing the TTL value in the IP header), but a
subsequent system that reduces the TTL value to zero, generates an ICMP error
message with its own source address. In this way, the sender learns the identity
of another system along the IP path to the destination.
 This process repeats until the sender receives a response from the intended
destination (or the maximum TTL value is reached).

Note: Some Routers are configured to discard ICMP messages, while others process
them but do not return ICMP Error Messages. Such routers hide the "topology" of the
network, but also can impact correct operation of protocols. Some routers will process
the ICMP Messages, providing that they do not impose a significant load on the
routers, such routers do not always respond to ICMP messages. When "traceroute"
encounters a router that does not respond, it prints a "*" character.
An example:
>traceroute bbc.co.uk traceroute to bbc.co.uk (212.58.224.131), 64 hops
max, 40 byte packets
1 10.10.10.1 (10.10.10.1) 51.940 ms 18.491 ms 1.260 ms
2 lo0-plusnet.ptn-ag2.plus.net (195.166.128.53) 49.263 ms 55.061 ms 53.525
ms
3 ge1-0-0-204.ptn-gw2.plus.net (84.92.3.106) 139.647 ms 52.525 ms 127.196
ms
4 gi1-1-22.ptn-gw5.plus.net (212.159.4.6) 76.505 ms 57.524 ms 52.404 ms
5 rt0.thdo.bbc.co.uk (212.58.239.25) 89.200 ms 49.666 ms 144.629 ms
6 212.58.238.133 (212.58.238.133) 48.786 ms 68.650 ms 51.599 ms

You might also like