🌐

Understanding ICMP Protocol Functions

Apr 29, 2025

Internet Control Message Protocol (ICMP)

Overview

  • ICMP is used primarily for error signaling between hosts and routers.
  • Users typically interact with ICMP through programs like ping or traceroute.
  • The section is short, consisting of only two slides, since the protocol is relatively simple.

Purpose of ICMP

  • Facilitates communication of network-level information between hosts and routers.
  • Often used for error reporting (e.g., when a network, host, port, or protocol is unreachable).
  • ICMP messages are used in:
    • Ping
    • Traceroute

Technical Details

  • ICMP messages are carried in an IP datagram payload, similar to UDP and TCP segments.
  • ICMP's protocol number is 1 (first number), used for demultiplexing from IP to ICMP, UDP, or TCP.

ICMP Message Structure

  • Contains:
    • 1 byte for type field
    • 1 byte for code field
    • 2 bytes for checksum field
    • Header and up to 8 bytes of the originating IP datagram

Example Message

  • Type 11, Code 0: ICMP TTL expired message.
    • Indicates a datagram's TTL reached zero and was dropped by a router.

Traceroute Functionality

  • Traceroute sends sets of UDP datagrams with increasing TTL values (1, 2, 3, etc.).
  • Routers decrement the TTL; if it reaches zero, the datagram is dropped, and an ICMP TTL expired message is returned to the sender.
  • The sender can track the path by the IP address of the router sending the ICMP message back.
  • Round-trip time (RTT) can be measured based on the time taken to receive the ICMP message.

Final Notes

  • When the UDP segment reaches the destination, the destination host may send an ICMP port unreachable message (Type 3, Code 3) back to the source.
  • ICMP is a crucial tool for network management, alongside ping and traceroute.
  • Many additional network management tools and techniques will be covered in the next section.