Internet Control Message Protocol (ICMP)

This is an INFORMATIONAL section on ICMP, it provides background information for the applications PING and TRACEROUTE.

Purpose of ICMP

The Internet Control Message Protocol is a protocol for the exchange of error messages and other vital information between (Physical) Internet entities such as hosts and routers.

ICMP in the TCP/IP protocol suite

ICMP is a network layer protocol, often it is placed next to the IP protocol. Normally, ICMP is used by the IP network layer to exhange e.g. error messages. However, applications may also use ICMP, two such popular applications are PING and TRACEROUTE. These applications allow user-intitiated network diagnostics (as will be exercised in the training).

ICMP in the Internet

ICMP is not 'supported' by all equipment. In particular firewalls are often configured as to block ICMP messages. Hence, hosts residing at the other side of such a firewall cannot be reached by ICMP messages.

Structure and types of ICMP messages

ICMP messages are transmitted as encapsulated IP datagrams, that is, and ICMP message is transmitted as data of an IP packet (see figure below).

Figure 1: Encapsulation of ICMP messages in IP packets.

The ICMP message itself consists of a header and data, the length of the data depends on the message type and code. The figure below shows the structure of an ICMP message.

ICMP message format

Figure 2: ICMP message format.

A number of possible ICMP message types is given in the Table below (for a full list we refer to the sources listed at the end of this page).

type code description Query/Error

0 0 Echo reply (see e.g. PING) Query

3 1 Host unreachable Error

3 3 Port unreachable (see e.g. TRACEROUTE) Error

8 0 Echo request (see e.g. PING) Query

11 0 Time-to-live equals 0 during transit (see e.g. TRACEROUTE) Error

12 0 Bad IP header Error

13 0 Timestamp request Query

14 0 Timestamp reply Query

As can be seen in the table ICMP message can either be an error message or a query message. In general ICMP error messages types are treated differently than ICMP query message types, as a rule of thumb the following rules apply:

When an ICMP request message type is received by a device (an ICMP request), another ICMP message type be be send back (an ICMP reply).
When an ICMP error message type is received by a device, it may not generate a new error message in respons to this message.

This last rule is very important, because if it would not be obeyed situations may occur in which floods of ICMP messages are being generated causing severe congestion problems.

type	code	description	Query/Error
0	0	*Echo reply* (see e.g. PING)	Query
3	1	Host unreachable	Error
3	3	*Port unreachable* (see e.g. TRACEROUTE)	Error
8	0	*Echo request* (see e.g. PING)	Query
11	0	*Time-to-live equals 0 during transit* (see e.g. TRACEROUTE)	Error
12	0	Bad IP header	Error
13	0	Timestamp request	Query
14	0	Timestamp reply	Query

Internet Control Message Protocol (ICMP)

Purpose of ICMP

ICMP in the TCP/IP protocol suite

ICMP in the Internet

Structure and types of ICMP messages

Further readings