1. Introduction
In this tutorial, we’ll discuss the basics of ICMP protocol for IPv4.
2. Internet Control Message Protocol (ICMP)
Internet Control Message Protocol (ICMP) is the network layer protocol in the Open Systems Interconnection (OSI) model. ICMP for IPv4 is defined in RFC 792, and ICMPv6 for IPv6 is defined in RFC 4443. This protocol diagnoses problems with network communications, such as network reachability, performance, error reporting, and congestion control.
ICMP messages support various functions in network communication, such as error reporting, network optimization, and device discovery. ICMP messages allow network devices to communicate more effectively and efficiently, and help administrators diagnose and resolve network problems.
3. ICMP Messages
ICMP messages are encapsulated in IP packets and sent between network devices. They have a predefined format:
The fields of an ICMP message are:
- Type, an integer defining the type of the error message
- Code, which specifies the subtype for the specific error message type
- Checksum, for error checking
- The rest of the header (specific for each ICMP type)
- Data section, which carries the information about the error.
We can categorize ICMP messages as error or query messages. The former report network issues, while ICMP query messages inquire about network components or verify the condition of a network path.
3.1. Error Messages
Network devices send ICMP error messages to notify senders about an error during packet delivery. The common error messages are:
- Destination unreachable
- Time exceeded
- Source quench
- Redirection
- Parameter problem
The “Destination unreachable” error occurs when a packet can’t reach its destination. When it doesn’t reach the destination, the interim router informs the sender that the destination isn’t reachable.
The “Time exceeded” error happens if there are too many routers between the sender and receiver. When a sender sends a packet, it moves through a routing loop. The timeout is based on a time-to-live (TTL) value. Each router decreases the value of the TTL by 1 when the packet passes through the routers. Whenever the TTL value reaches zero, the router eliminates the packet and sends a timeout message to the source.
There are no flow control or congestion control mechanisms at the network layer. Therefore, if the sender resends packets at a higher rate and the router cannot handle the high data rate, it will cause traffic congestion. To overcome this situation, routers send “Source quench” ICMP messages to instruct the sender to send packets at a slower rate.
The “Redirection” messages occur when a router needs to inform a sender to use a different path for a particular destination. Finally, the router and the destination host can send a “Parameter problem” message to signal that some parameters have wrong values.
3.2. Query Messages
Network devices send ICMP query messages to request information from another device. The most common query message is the “Echo request or reply“, which we use in the ping command to test network connectivity. The other messages are “Timestamp request or reply“, “Address mask request or reply“, and “Router Solicitation or advertisement“.
When the sender delivers an “Echo request” message to the receiver, it asks the receiver to send back an “Echo reply” to demonstrate that the two devices can communicate without connection issues.
A “Timestamp request” asks the receiver to reply with its current timestamp. The sender then uses the receiver’s timestamp to calculate the round trip time (RTT) and time offset between the two devices.
If the sender sends an “Address mask request” message, the receiver should respond with its subnet mask. The sender uses the returned subnet mask to determine the network and host of the target device’s IP address.
The “Router solicitation” and “Router advertisement” messages are generally used to configure IPv6 hosts and routers without manual administration. They also help to maintain a consistent and contemporary network topology.
4. Common Uses
The common uses of ICMP protocol include pinging, traceroutes, error notifications, and congestion control.
In pinging, ICMP tests the network connection between two network devices. Pinging a loopback address (localhost or 127.0.0.1) helps to test and troubleshoot loopback connection, networking software, and communication protocols.
Traceroute is a diagnostic tool that uses ICMP to determine the route of packets between two network devices and the RTT of each router along the path to the target host.
Error notifications indicate that there’s a problem with the network connection, e.g., that a packet is lost or a network device can’t be reached.
Finally, a network device that detects congestion can send an ICMP message to the source, requesting it reduces the transmission rate.
5. Conclusion
In this article, we looked at the ICMP messages, their formats, and the common usage of the ICMP protocol for IPV4.
ICMP is an important network protocol for diagnostic and management purposes, such as determining reachability, reporting errors, measuring network performance, and managing congestion.
Diagnosing and troubleshooting network problems and ensuring the smooth flow of network traffic would be difficult without ICMP.
IPv6 is a protocol of the network layer that is dedicated to packet switching on the internet and end-to-end data transmission across multiple networks, following the principles established in the previous version of the protocol, IPv4. ICMP in IPv6 functions similarly to ICMP in IPv4.