Internet Command Message Protocol

(ICMP)

CS-480b
Dick Steflik
ICMP
• Internet Command Message Protocol (ICMP)

• RFC 792

• Used to communicate IP status and error messages

between host and routers
ICMP
• Used to communicate IP status and error messages
between hosts and routers
• Uses IP to route its messages between hosts
• Must be implemented with IP
• remember, IP is just a packet delivery system
• transmits and routes datagrams from sources to destinations through a
series of interconnected networks
• it has a checksum in the IP header to detect lost bits
– no error detection on the datagram payload though
• but has no native mechanism for source host notification
• This is where ICMP comes in
• its used to report IP errors to the source host
• ICMP data is carried as the payload of an IP datagram
• specifies additional message formats within this area
Basic ICMP Header
• Headers are 32 bits in length; all contain same three fields
• type - 8 bit message type code
• thirteen message type are defined
• code - 8 bit; indicating why message is being sent
• checksum - standard internet checksum
• 16 bit 1’s complement sum of the payload and header
– for purpose of calculation the checksum field is set to zero
ICMP Message types
• 0 - Echo Reply
• 3 - Destination Unreachable
• 4 - Source Quench
• 5 - Redirect
• 8 - Echo
• 11 - Time Exceeded
• 12 - Parameter Problem
• 13 - Timestamp
• 14 - Timestamp Reply
• 15 - Information Request
• 16 - Information Reply
• 17 - Address Mask Request
• 18 - Address Mask Reply
 Destination Unreachable (3)
• ICMP header (4 bytes) + unused 32 bits (4 bytes) + IP header (24
bytes) + first 64 bits of data (8 bytes) = 40 bytes
• Codes:
• 0 - net unreachable ; 1 - host unreachable
• 2 - protocol unreachable ; 3 - port unreachable
• sent by destination host IP module
• 4 - fragmentation needed DF set ; 5 source route failed
• 6 - destination network unknown ; 7 destination host unknown
• 8 - source host isolated ; 9 - comm. with destn network prohibited
• 10 - comm. With dest host prohibited ; 11 - network unreachable for service
• 12 - host unreachable for service
• Sent to originating host because destination is unreachable
• may be determined by a router
• destination IP may find the indicated protocol unavailable
• Don’t Fragment (DF) bit in the IP header is set but fragmentation is required
to continue forwarding
Source Quench (4)
• Same message format as type 3
• Code : 0
• Sent to a host when an intermediate router or the
destination host with the source host’s transmission rate
• may be sent to a source when a router is saturated
• may be sent by a receiving host if it receive buffers are filling up
• Upon receipt the source host should throttle back on its
transmission rate until the Source Quench goes away.
• Can then increase its transmission rate
Redirect (5)
• Same format as type 3
• Code:
• 0 - redirect datagrams for the network
• 1 - redirect datagrams for the host
• 2 - redirect datagrams for the type of service and the network
• 3 - redirect datagrams for the type of service and host
• a router sends a message to a host when it determines a
datagram that originated from the host must be forwarded
to router that can be directly reached
• allows the host to sent future datagrams to the optimal first-hop
router increasing network efficiency
• not used for datagrams that have source routing options
Echo (8)/Echo Reply (0)
• ICMP header (4 bytes) + identifier (2 bytes) + sequence
number (2 bytes) + data (4 bytes)
• identifier - used to match Echoes and Echo Replies
• sequence - used to match Echoes with Echo Replies
• Used to determine if a host is reachable
• a host receiving an echo message
• reverses the IP source and destination addresses
• sets the ICMP type field to zero (echo reply)
• recomputes the ICMP checksum
• identifier, sequence and data are sent back unchanged
Time Exceeded (11)
• Same format as type 3
• Code:
• 0 - time to live exceeded in transit
• 1 - fragment reassembly time exceeded
• Time exceeded message is sent if:
• a router finds a datagram with TTL set to zero
• router discards the datagram and sends message with code field set to 0
• a host does not receive all of the fragments of a datagram before its
local reassemble timer expires
• host discards all fragments and return message with code field set to 1
Parameter Problem (12)
• ICMP Header (4 bytes) + pointer (1 byte) + unused (3 bytes)
+ IP header (24 bytes) + first 64 bits of data (8 bytes)
• pointer - identifies octet where error occurred
• Code:
• 0 - misc parameter problem
• 2 - required option missing
• sent to a host when a router or host processing a datagram
finds a problem with the information in the datagram.
• Only sent if the datagram had to be discarded
• pointer field is zero based
– ex: 1 indicates problem with type of service; 20 indicates first option
Timestamp(13)/Timstamp Reply(14)
• ICMP Header (4 bytes) + identifier (2 bytes) + seq num (2
bytes) + Originate Timestamp (4 bytes) + Receive
Timestamp (4 bytes) + Transmit Timestamp (4 bytes)
• Timestamps are number of msec past midnight UTC
• used to determine the latency between the sender and
receiver
• receiver forms a message by
• reversing the originate and destination addr in the IP header
• setting ICMP type code to 14
• updating the timestamp fields
• recomput the ICMP checksum
Info Request (15)/Info Reply(16)
• Same as type 8, but no data
• Code: 0
• used by a host to determine the network number the host
resides on
• receiver
• reverses the source and destination addresses in the IP header
• set the correct network number
• set ICMP type to 16
• recompute the ICMP checksum
• Obsolete; shouldn’t be used replaced by BOOTP and
RARP
Addr Mask Rqst (17)/Addr Mask Reply(18)
• ICMP Header (4 bytes) + identifier (2 bytes) + seq.num. (2
bytes) + addr mask (4 bytes)
• identifier - used to match requests with replies.
• seq.num. - used to match requests with replies.
• Hosts and routers can request the subnet address mask for
the network they reside on at boot time.
• Host or router broadcasts it on the local network
• a receiving router should return it in a reply message
• This message is defined in RFC 950
 ICMPv6
• New version of ICMP to go along with IPv6
• Absorbs many IGMP and ARP functions
• Used for:
• Reporting errors in IP packet processing
• Performing diagnostics
• performing Neighbor Discovery and reporting
IPv6 multicast memberships
• Two types of messages:
• Error messages
• Information messages
 Error Message Categories
• Destination Unreachable
• Packet too big
• Time exceeded
• Parameter problem
 Informational Messages
• Diagnostic messages
• Multicast group management messages
• Neighbor discovery messages
• Every ICMPv6 message is preceeded by an
IPv6 header and 0 or more IPv6 extension
headers.
• A next header field of 58 nidentifies the
ICMPv6 message (different than IPv4)
 Message Format

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| Type | Code | Checksum |
|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| |
| Message Body |
| |
| +-------------------------------------------------------------+