Internet Control Message Protocol (ICMP)

Overview

• ICMP is used primarily for error signaling between hosts and routers.
• Users typically interact with ICMP through programs like ping or traceroute.
• The section is short, consisting of only two slides, since the protocol is relatively simple.

Purpose of ICMP

• Facilitates communication of network-level information between hosts and routers.
• Often used for error reporting (e.g., when a network, host, port, or protocol is unreachable).
• ICMP messages are used in:
  • Ping
  • Traceroute

Technical Details

• ICMP messages are carried in an IP datagram payload, similar to UDP and TCP segments.
• ICMP's protocol number is 1 (first number), used for demultiplexing from IP to ICMP, UDP, or TCP.

ICMP Message Structure

• Contains:
  • 1 byte for type field
  • 1 byte for code field
  • 2 bytes for checksum field
  • Header and up to 8 bytes of the originating IP datagram

Example Message

• Type 11, Code 0: ICMP TTL expired message.
  • Indicates a datagram's TTL reached zero and was dropped by a router.

Traceroute Functionality

• Traceroute sends sets of UDP datagrams with increasing TTL values (1, 2, 3, etc.).
• Routers decrement the TTL; if it reaches zero, the datagram is dropped, and an ICMP TTL expired message is returned to the sender.
• The sender can track the path by the IP address of the router sending the ICMP message back.
• Round-trip time (RTT) can be measured based on the time taken to receive the ICMP message.

Final Notes

• When the UDP segment reaches the destination, the destination host may send an ICMP port unreachable message (Type 3, Code 3) back to the source.
• ICMP is a crucial tool for network management, alongside ping and traceroute.
• Many additional network management tools and techniques will be covered in the next section.