Internet Control Message Protocol (ICMP)

Overview

ICMP is primarily used for signaling error conditions between hosts and routers.
Users typically interact with ICMP through tools like ping and traceroute.
This section covers the basics of ICMP, consisting of two slides.

ICMP is used by hosts and routers to communicate network-level information, particularly for error reporting.
- Examples of errors: Network unreachable, host unreachable, port unreachable, protocol unreachable.
ICMP messages are carried as payloads inside IP datagrams, similar to UDP and TCP segments.
- This positions ICMP as a sibling protocol to UDP and TCP, but it is not considered a transport layer protocol.

Protocol Number: ICMP has a protocol number of 1.
- Used for demultiplexing from IP to ICMP, UDP, or TCP.
ICMP Message Structure:
- 1 byte for Type
- 1 byte for Code
- 2 bytes for Checksum
- Header and up to 8 bytes of the IP datagram that triggered the ICMP message.
- Example: Type 11, Code 0 indicates "TTL expired" message.

Traceroute sends sets of UDP datagrams towards a destination with incrementing TTL values:
- First set: TTL = 1
- Second set: TTL = 2
- Third set: TTL = 3
Routers decrement the TTL field; if it reaches zero, the packet is dropped and an ICMP TTL expired message may be sent back to the source.
- The source can determine which router dropped the packet based on the IP address in the ICMP message.
The time from sending the IP datagram to receiving the ICMP message is recorded to calculate Round Trip Time (RTT).

If a UDP segment reaches the destination, the destination may respond with an ICMP Port Unreachable message (Type 3, Code 3).
This indicates that the source has reached the end of the path.
ICMP serves as a tool for network management, commonly used in tools like ping and traceroute.
More advanced network management techniques will be discussed in the next section.