Transcript for:
Understanding ICMP Protocol Functions

In this section we're going to cover the Internet Control Message Protocol, ICMP. ICMP is used mostly to signal error conditions between hosts and routers, so users don't see it much unless they run programs like ping or traceroute. But as networking students, it's good for us to know a little bit about ICMP. I've got great news for you: this is a really short section. I've only got two slides. It's going to be short and sweet, since the protocol itself is pretty simple. So let's get started.

The ICMP protocol is used by hosts and routers to communicate, to signal network-level information to each other. Often this information is in the form of error reporting, for example a network or a host or a port or protocol that's unreachable. And ICMP messages are also used in ping and traceroute. ICMP messages are carried directly as payload inside an IP datagram, just like UDP and TCP segments are carried as payload inside an IP datagram. So in that sense we can think of ICMP as a sibling protocol to UDP or TCP, but we really won't think of it as a transport-layer protocol, as an upper-layer protocol. ICMP also has a protocol number. Its protocol number is one, it's the very first number, and as you remember, this protocol number is used for demultiplexing up from IP, whether it be to ICMP, to UDP or to TCP.

An ICMP message has a one-byte type field, a one-byte code field, two-byte checksum field, and then the header and up to eight bytes of the IP datagram that caused an ICMP message to be issued in the first place. For example, it might contain the first eight bytes of the datagram whose TTL was exceeded. You can see the type and the code fields shown here. You might note that type 11, code 0 is the ICMP TTL expired message, which means that a router's received a datagram, decremented the TTL field, and the TTL field is now zero. This message is going to be key to how traceroute works.

Well, with this as background, you can probably already figure out how the traceroute program works. Traceroute works by sending a set, usually a set of three, UDP datagrams towards a destination. The first set of datagrams is sent with an IP TTL field value set to one, the second set is sent with a TTL value of two, the third is sent with a TTL value of three, and so on. Now remember, an IP router, when it forwards datagrams, always has to decrement the TTL field, and when that TTL field is decremented to zero, that datagram needs to be dropped at that router. That router may also send back an ICMP message back to the source indicating that the TTL value has expired, and the IP address of the message containing that ICMP TTL expired message is the IP address of the router where that packet was dropped. And so, voila: if a sender sends a UDP segment with a TTL value of n, the reply back from the router is the router that's n hops away on the path towards that destination.

Now, I've used the word "may" a couple of times here. RFC 792 doesn't require that ICMP messages be sent by a router, it just says that they may be sent. In traceroute, the source also records the amount of time from when it sent an IP datagram to the time when the corresponding ICMP message is received from the router. That's a measurement of the RTT from the host to that router. When a UDP segment that's sent eventually reaches the destination host, that destination host will typically return an ICMP port unreachable message, type 3, code 3, but it's not required to do so. But if a source receives this port unreachable message, it knows that it's reached the end of the path.

Well, I promised you this section would be short and sweet, and so it is. Promise kept. You know, we can think of ICMP as a tool that can be used for network management. Tools like ping and traceroute have been used by network managers for decades, but there are many more tools and techniques for network management beyond ping and traceroute. We're going to cover those in the next section.
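The ICMP message layout and the TTL expired and port unreachable replies described in the lecture, as an added Python example that is not part of the original transcript. The function names, the documentation-range addresses and the probe ports are constructed for illustration; the quoted eight bytes are read as the UDP header of the probe.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp_error(icmp: bytes) -> dict:
    """Validate an ICMP error and recover the probe datagram it quotes."""
    if len(icmp) < 8:
        raise ValueError("truncated ICMP header")
    if inet_checksum(icmp) != 0:           # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    mtype, code = icmp[0], icmp[1]
    if (mtype, code) not in ((11, 0), (3, 3)):
        raise ValueError("not TTL expired or port unreachable")
    quoted = icmp[8:]                      # bytes 4-7 are unused in these types
    if len(quoted) < 20:
        raise ValueError("quoted IP header missing")
    ihl = (quoted[0] & 0x0F) * 4           # length of the quoted IP header
    if ihl < 20 or len(quoted) < ihl + 8:
        raise ValueError("quoted datagram truncated")
    if quoted[9] != 17:                    # IP protocol number 17 is UDP
        raise ValueError("quoted datagram is not a UDP probe")
    sport, dport = struct.unpack("!HH", quoted[ihl:ihl + 4])
    return {"type": mtype, "code": code,
            "probe_dst": socket.inet_ntoa(quoted[16:20]),
            "probe_sport": sport, "probe_dport": dport,
            "end_of_path": (mtype, code) == (3, 3)}

def build_sample(mtype: int, code: int, dport: int) -> bytes:
    """Constructed sample: ICMP error quoting a UDP probe sent to 192.0.2.9."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                     socket.inet_aton("198.51.100.7"),
                     socket.inet_aton("192.0.2.9"))
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    body = ip + udp
    csum = inet_checksum(struct.pack("!BBHI", mtype, code, 0, 0) + body)
    return struct.pack("!BBHI", mtype, code, csum, 0) + body

if __name__ == "__main__":
    print(parse_icmp_error(build_sample(11, 0, 33434)))
    print(parse_icmp_error(build_sample(3, 3, 33436)))
```

A receiver that checks the quoted destination address and ports against the probes it actually sent can discard ICMP errors that do not correspond to any of its own datagrams.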