ICMP

The Internet Control Message Protocol is an integral part of IP designed to facilitate the transmission of notification messages between gateways and source hosts where requests for diagnostic information, support of routing, and as a means of reporting errors in datagram processing are needed. The purpose of these control messages is to provide feedback about problems in the communication environment, and does not guarantee that a datagram will be delivered, or that a control message will be returned.

ICMP (Routing)

• ICMP Redirect messages represent a common scenario where ICMP is used as a means of facilitating routing functions. In the example, a packet is forwarded to the gateway by host A based on the gateway address of host A. The gateway identifies that the packet received is destined to be forwarded to the address of the next gateway which happens to be part of the same network as the host that originated the packet, highlighting a non-optimal forwarding behavior between the host and the gateways.
• In order to resolve this, a redirect message is sent to the host. The redirect message advises the host to send its traffic for the intended destination directly to the gateway to with which the destination network is associated, since this represents a shorter path to the destination. The gateway proceeds however to forward the data of the original packet to its intended destination.

ICMP (Diagnostics)

• Two separate messages are used for the request and reply.
• Commonly associated with the Ping application.

• ICMP echo messages represent a means of diagnosis for determining primarily connectivity between a given source and destination, but also provides additional information such as the round trip time for transmission as a diagnostic for measuring delay. Data that is received in the echo message is returned as a separate echo reply message.

ICMP (Errors)

• ICMP provides various error reporting messages that often determine reachability issues and generate specific error reports that allow a clearer understanding from the perspective of the host as to why transmission to the intended destination failed.
• Typical examples include cases where loops may have occurred in the network, and consequentially caused the time to live parameter in the IP header to expire, resulting in a “ttl exceeded in transit” error message being generated. Other examples include an intended destination being unreachable, which could relate to a more specific issue of the intended network not being known by the receiving gateway, or that the intended host within the destination network not being discovered. In all events an ICMP message is generated with a destination based on the source IP address found in the IP header, to ensure the message notifies the sending host.

ICMP Format

• The format of the ICMP message relies on two fields for message identification in the form of a type/code format, where the type field provides a general description of the message type, and the code and a more specific parameter for the message type.
• A checksum provides a means of validating the integrity of the ICMP message. An additional 32 bits are included to provide variable parameters, often unused and thus set as 0 when the ICMP message is sent,
• As a final means of tracing data to a specific process, the ICMP message may carry the IP header and a portion of the data that contains upper layer information that enables the source to identify the process for which an error occurred

ICMP Type & Code Fields

• The Type value represents the format of a message
• The Code value provides a more specific message description.

• A wide number of ICMP type values exist to define clearly the different applications of the ICMP control protocol. In some cases the code field is not required to provide a more specific entry to the type field, as is found with echo requests that have a type field of 8 and the corresponding reply, which is generated and sent as a separate ICMP message to the source address of the sender, and defined using a type field of 0.

Alternatively, certain type fields define a very general type for which the variance is understood through the code field, as in the case of the type 3 parameter. A type field of 3 specifies that a given destination is unreachable, while the code field reflects the specific absence of either the network, host, protocol, port (TCP/UDP), ability to perform fragmentation (code 4), or source route (code 5) in which a packet, for which a forwarding path through the network is strictly or partially defined, fails to reach its destination