The Internet Control Message Protocol (ICMP)

ICMP Headers

ICMP messages are carried as the payload of IP packets (the protocol value reserved for ICMP is 1). An ICMP message is composed of an 8-byte header and a variable-length payload that usually contains the first bytes of the packet that triggered the transmission of the ICMP message.

In the ICMP header (purple in the diagram above):

• The Type and Code fields indicate the type of problem that was detected by the sender of the ICMP message.

• The Checksum protects the entire ICMP message against transmission errors

• The Data field contains additional information for some ICMP messages.

ICMP Messages

The main types of ICMP messages are:

1. Destination unreachable: A destination unreachable ICMP message is sent when a packet can’t be delivered to its destination due to routing problems. Different types of unreachability are distinguished:

   • Network unreachable: This ICMP message is sent by a router that does not have a route for the subnet containing the destination address of the packet.

   • Host unreachable: This ICMP message is sent by a router that is attached to the subnet that contains the destination address of the packet, but this destination address cannot be reached at this time.

   • Protocol unreachable: This ICMP message is sent by a destination host that has received a packet, but doesn’t support the transport protocol indicated in the packet’s Protocol field.

   • Port unreachable: This ICMP message is sent by a destination host that has received a packet destined to a port number, but no server process is bound to this port.

2. Fragmentation needed: This ICMP message is sent by a router that receives a packet with the Don’t Fragment flag set that is larger than the MTU of the outgoing interface.

3. Redirect: This ICMP message can be sent when there are two routers on the same LAN.

   • Example: Consider a LAN with one host and two routers: R1 and R2. Assume that R1 is also connected to subnet 130.104.0.0/16 while R2 is connected to subnet 138.48.0.0/16. If a host on the LAN sends a packet towards 130.104.1.1 to R2, R2 needs to forward the packet again on the LAN to reach R1. This is not optimal, since the packet is sent twice on the same LAN. In this case, R2 could send an ICMP Redirect message to the host to inform it that it should have sent the packet directly to R1. This allows the host to send the other packets to 130.104.1.1 directly via R1.

4. Parameter problem: This ICMP message is sent when a router or a host receives an IP packet containing an error (e.g. an invalid option).

• Source quench: It was envisioned that a router would send this ICMP message when it had to discard packets due to congestion. However, sending ICMP messages in case of congestion was not the best way to reduce congestion. And since the inclusion of a congestion control scheme is in TCP, this ICMP message has been deprecated.

5. Time Exceeded: There are two types of Time Exceeded ICMP messages.

   • TTL exceeded: A TTL exceeded message is sent by a router when it discards an IPv4 packet because its TTL reached 0 to the sender of the packet.

   • Reassembly time exceeded: This ICMP message is sent when a destination has been unable to reassemble all the fragments of a packet before the expiration of its reassembly timer.

6. Echo request & Echo reply: These ICMP messages are used by the ping(8) network debugging software. Let’s have a look at ping next.

Quick Quiz!

---

In the next lesson, we’ll send real ICMP messages with command-line tools like ping and traceroute!