The Internet Control Message Protocol (ICMP) | Upgrading and Repairing Networks (5th Edition)

The Internet Control Message Protocol is a required part of any TCP/IP implementation, and the functions it performs are very important to routers and other network devices that communicate through TCP/IP. Like TCP and UPD, this protocol also uses the IP protocol to send its messages through the network. If you have used the ping or traceroute commands, you have used ICMP. ICMP was first defined in RFC 792.

Whereas TCP can usually recover from dropped datagrams simply by requesting that IP retransmit them, ICMP is used as a reporting mechanism that can be used by IP (and thus the protocols that use IP).

There are many kinds of ICMP messages, but all share a similar format. These are the fields of an ICMP message:

Type ” This 1-byte field is used to indicate the kind of ICMP message (see Table 25.10).
Code ” This 1-byte field is used as a subcode to further identify a message. This field is set to zero if the particular message type does not need to be further delineated.
Checksum ” This 2-byte field is used to provide an error-checking code for the entire ICMP message.
Type-Specific Data ” This field can vary in length and is used to provide further data specific to the ICMP message type.

ICMP Message Types

Table 25.10 shows the different types of messages that make up ICMP. The numbers listed in the Message Type field are what will be found in the Type field of the ICMP message.

Table 25.10. ICMP Message Types

Message Type	Description
	Echo Reply
3	Destination Unreachable
4	Source Quench
5	Redirect Message
6	Alternate Host Address
8	Echo Request
9	Router Advertisement
10	Router Solicitation
11	Time Exceeded
12	Parameter Problem
13	Timestamp Request
14	Timestamp Reply
15	Information Request (no longer used)
16	Information Reply (no longer used)
17	Address Mask Request
18	Address Mask Reply
19	Reserved for Security
20 “29	Reserved for Robustness Experiment
30	Traceroute
31	Datagram Conversion Error
32	Mobile Host Redirect
33	IPv6 Where-Are-You
34	IPv6 I-Am-Here
35	Mobile Registration Request
36	Mobile Registration Reply
37	Domain Name Request
38	Domain Name Reply
39	SKIP
40	Photuris
41 “255	Reserved

The ping command uses the echo request and echo reply messages to determine whether a physical connection exists between systems. Another important function on the Internet is traffic control, and the source quench message can be sent to tell a sending host that the destination host cannot keep up with the speed at which it is sending packets. The transmitting computer can keep sending these quench messages until the sender scales back its transmissions to an acceptable rate.

A router uses another valuable function ICMP (the Redirect Message) to tell another router that it knows of a better path to a destination. Routers also can use the time-exceeded messages to report to another device as to why a packet was discarded.

Routers are not the only devices that use ICMP. Host computers can use ICMP. For example, when a computer boots and does not know what the network mask is for the local LAN, it can generate an address mask request message. Another device on the network can reply to assist the computer.

Note

The Information Request and Information Reply message types are shown in Table 25.10 only for completeness. Their functionality was originally developed to allow a host to obtain an IP address. This function is now supplied by the BOOTP protocol and by the Dynamic Host Configuration Protocol (DHCP). For more information about these protocols, see Chapter 29.

The Code field in the ICMP message is used for only some of the ICMP message types. The Destination Unreachable message has the largest number of code types. Table 25.11 lists these codes.

Table 25.11. ICMP Message Codes

Message Type	Code Field	Description
3		Network unreachable
	1	Host unreachable
	2	Protocol unreachable
	3	Port unreachable
	4	Fragmentation needed but the Don't Fragment bit is set
	5	Source route failed
	6	Destination network unknown
	7	Destination host unknown
	8	Source host isolated (no longer used)
	9	Destination network administratively prohibited
	10	Destination host administratively prohibited
	11	Network unreachable for TOS
	12	Host unreachable for TOS
	13	Communication administratively prohibited by filtering
	14	Host precedence violation
	15	Precedence cutoff in effect
5		Redirect for network
	1	Redirect for host
	2	Redirect for type of service and network
	3	Redirect for type of service and host
11		TTL equals zero during transit
	1	TTL equals zero during reassembly
12		IP header bad
	1	Required option missing

As you can see, ICMP can be used to compose quite detailed messages to indicate error conditions, offer advice on routing possibilities, and perform other functions that help make the Internet easier to manage.

Some situations will cause an ICMP message to not be generated. For example, ICMP messages are never created in response to an error in another ICMP message. That doesn't mean that ICMP messages can't be created in response to other ICMP messages, however. For example, the echo request and echo reply messages work together in a query/response format. Other instances that usually don't generate ICMP messages include these:

IP broadcast and multicast messages
Link-layer broadcast messages (that is, Ethernet frame broadcast messages)
Datagrams that have a source address that is not for a unique host, such as the loopback address
Messages that have been fragmented , except for the first fragment

If ICMP messages were allowed to correct problems with multicast or broadcast messages, a large number could be generated, causing the problem to become worse . This is the reason for most of the preceding conditions limiting the use of ICMP.

For the most part, the use of ICMP is described in other sections of this book where their use is employed. For example, Chapter 28 discusses using ICMP to implement the traceroute and ping commands. Some of these messages are not discussed in this book, either because they are no longer used (as indicated in the table) or because their use is trivial or rare.