Internet Command Message Protocol
(ICMP)
CS-431
Dick Steflik

ICMP
•
Internet Command Message Protocol (ICMP)
•
RFC 792
•
Used to communicate IP status and error messages
between host and routers

ICMP
•
Used to communicate IP status and error messages
between hosts and routers
•
Uses IP to route its messages between hosts
•
Must be implemented with IP
•
remember, IP is just a packet delivery system
•
transmits and routes datagrams from sources to destinations through a
series of interconnected networks
•
it has a checksum in the IP header to detect lost bits
–

no error detection on the datagram payload though
•
but has no native mechanism for source host notification
•
This is where ICMP comes in
•
its used to report IP errors to the source host
•
ICMP data is carried as the payload of an IP datagram
•
specifies additional message formats within this area

Basic ICMP Header
•
Headers are 32 bits in length; all contain same three fields
•
type - 8 bit message type code
•
thirteen message type are defined
•
code - 8 bit; indicating why message is being sent
•
checksum - standard internet checksum
•
16 bit 1’s complement sum of the payload and header
–
for purpose of calculation the checksum field is set to zero

ICMP Message types
•

0 - Echo Reply
•
3 - Destination Unreachable
•
4 - Source Quench
•
5 - Redirect
•
8 - Echo
•
11 - Time Exceeded
•
12 - Parameter Problem
•
13 - Timestamp
•
14 - Timestamp Reply
•
15 - Information Request
•
16 - Information Reply
•
17 - Address Mask Request
•
18 - Address Mask Reply

Destination Unreachable (3)
•
ICMP header (4 bytes) + unused 32 bits (4 bytes) + IP header (24
bytes) + first 64 bits of data (8 bytes) = 40 bytes

•
Codes:
•
0 - net unreachable ; 1 - host unreachable
•
2 - protocol unreachable ; 3 - port unreachable
•
sent by destination host IP module
•
4 - fragmentation needed DF set ; 5 source route failed
•
6 - destination network unknown ; 7 destination host unknown
•
8 - source host isolated ; 9 - comm. with destn network prohibited
•
10 - comm. With dest host prohibited ; 11 - network unreachable for service
•
12 - host unreachable for service
•
Sent to originating host because destination is unreachable
•
may be determined by a router
•
destination IP may find the indicated protocol unavailable
•
Don’t Fragment (DF) bit in the IP header is set but fragmentation is required
to continue forwarding

Source Quench (4)
•

Same message format as type 3
•
Code : 0
•
Sent to a host when an intermediate router or the
destination host with the source host’s transmission rate
•
may be sent to a source when a router is saturated
•
may be sent by a receiving host if it receive buffers are filling up
•
Upon receipt the source host should throttle back on its
transmission rate until the Source Quench goes away.
•
Can then increase its transmission rate

Redirect (5)
•
Same format as type 3
•
Code:
•
0 - redirect datagrams for the network
•
1 - redirect datagrams for the host
•
2 - redirect datagrams for the type of service and the network
•
3 - redirect datagrams for the type of service and host
•

a router sends a message to a host when it determines a
datagram that originated from the host must be forwarded
to router that can be directly reached
•
allows the host to sent future datagrams to the optimal first-hop
router increasing network efficiency
•
not used for datagrams that have source routing options

Echo (8)/Echo Reply (0)
•
ICMP header (4 bytes) + identifier (2 bytes) + sequence
number (2 bytes) + data (4 bytes)
•
identifier - used to match Echoes and Echo Replies
•
sequence - used to match Echoes with Echo Replies
•
Used to determine if a host is reachable
•
a host receiving an echo message
•
reverses the IP source and destination addresses
•
sets the ICMP type field to zero (echo reply)
•
recomputes the ICMP checksum
•
identifier, sequence and data are sent back unchanged


Time Exceeded (11)
•
Same format as type 3
•
Code:
•
0 - time to live exceeded in transit
•
1 - fragment reassembly time exceeded
•
Time exceeded message is sent if:
•
a router finds a datagram with TTL set to zero
•
router discards the datagram and sends message with code field set to 0
•
a host does not receive all of the fragments of a datagram before its
local reassemble timer expires
•
host discards all fragments and return message with code field set to 1

Parameter Problem (12)
•
ICMP Header (4 bytes) + pointer (1 byte) + unused (3 bytes)
+ IP header (24 bytes) + first 64 bits of data (8 bytes)
•
pointer - identifies octet where error occurred
•
Code:
•

0 - misc parameter problem
•
2 - required option missing
•
sent to a host when a router or host processing a datagram
finds a problem with the information in the datagram.
•
Only sent if the datagram had to be discarded
•
pointer field is zero based
–
ex: 1 indicates problem with type of service; 20 indicates first option

Timestamp(13)/Timstamp Reply(14)
•
ICMP Header (4 bytes) + identifier (2 bytes) + seq num (2
bytes) + Originate Timestamp (4 bytes) + Receive
Timestamp (4 bytes) + Transmit Timestamp (4 bytes)
•
Timestamps are number of msec past midnight UTC
•
used to determine the latency between the sender and
receiver
•
receiver forms a message by
•
reversing the originate and destination addr in the IP header
•
setting ICMP type code to 14
•

updating the timestamp fields
•
recomput the ICMP checksum

Info Request (15)/Info Reply(16)
•
Same as type 8, but no data
•
Code: 0
•
used by a host to determine the network number the host
resides on
•
receiver
•
reverses the source and destination addresses in the IP header
•
set the correct network number
•
set ICMP type to 16
•
recompute the ICMP checksum
•
Obsolete; shouldn’t be used replaced by BOOTP and
RARP

Addr Mask Rqst (17)/Addr Mask Reply(18)
•
ICMP Header (4 bytes) + identifier (2 bytes) + seq.num. (2
bytes) + addr mask (4 bytes)

•
identifier - used to match requests with replies.
•
seq.num. - used to match requests with replies.
•
Hosts and routers can request the subnet address mask for
the network they reside on at boot time.
•
Host or router broadcasts it on the local network
•
a receiving router should return it in a reply message
•
This message is defined in RFC 950

ICMPv6
•
New version of ICMP to go along with IPv6
•
Absorbs many IGMP and ARP functions
•
Used for:
•
Reporting errors in IP packet processing
•
Performing diagnostics
•
performing Neighbor Discovery and reporting
IPv6 multicast memberships
•
Two types of messages:

•
Error messages
•
Information messages

Error Message Categories
•
Destination Unreachable
•
Packet too big
•
Time exceeded
•
Parameter problem

Informational Messages
•
Diagnostic messages
•
Multicast group management messages
•
Neighbor discovery messages

•
Every ICMPv6 message is preceeded by an
IPv6 header and 0 or more IPv6 extension
headers.
•
A next header field of 58 nidentifies the
ICMPv6 message (different than IPv4)


Message Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| Type | Code | Checksum |
|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| |
| Message Body |
| |
| + +