Internet Control Message Protocol (ICMP)

Overview

• ICMP is primarily used for signaling error conditions between hosts and routers.
• Commonly encountered through tools like ping and traceroute.
• Important for network diagnostics and management.
• Simple protocol, often invisible to regular users but vital for network operation.

Characteristics

• ICMP Messages: Contain network-level information, often used for error reporting (e.g., unreachable network/host/port/protocol).
• Payload: ICMP messages are carried as payload inside IP datagrams, similar to UDP and TCP.
• Protocol Number: ICMP has the protocol number 1, the first in the list, important for demultiplexing in IP.

ICMP Message Structure

• Type Field: 1 byte
• Code Field: 1 byte
• Checksum Field: 2 bytes
• Additional Data: Includes header and up to 8 bytes of the IP datagram causing the ICMP message.
• Example: Type 11, Code 0 indicates a TTL expired message.

Traceroute and ICMP

• Functionality: Uses ICMP messages to trace the path of packets in a network.
• Process:
  • Sends sets of UDP datagrams with increasing TTL values.
  • Routers decrement TTL and if TTL hits zero, drop the packet and may send back an ICMP TTL expired message.
  • IP address in the ICMP message indicates the router where the packet was dropped.
• RTT Measurement: Time from sending a datagram to receiving an ICMP message is recorded, providing the round-trip time (RTT).
• Completion: If destination host is reached, it may return an ICMP port-unreachable message (type 3, code 3).

Limitations & Flexibility

• Routers may, but are not required to send ICMP messages (RFC 792).
• Provides essential, but not exhaustive, network management capabilities.

Conclusion

• ICMP is a critical tool in network management, particularly with tools like ping and traceroute being widely used.
• Focus on network management tools will continue in the next section.