Internet Control Message Protocol
From Wikipedia, the free encyclopedia
The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite. It is chiefly used by networked computers' operating systems to send error messages—indicating, for instance, that a requested service is not available or that a host or router could not be reached.
ICMP [1] relies on IP to perform its tasks, and it is an integral part of IP. It differs in purpose from transport protocols such as TCP and UDP in that it is typically not used to send and receive data between end systems. It is usually not used directly by user network applications, with some notable exceptions being the ping tool and traceroute.
ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar protocol, ICMPv6.
| The Internet Protocol Suite | |
| Application Layer | |
|---|---|
| BGP · DHCP · DNS · FTP · GTP · HTTP · IMAP · IRC · Megaco · MGCP · NNTP · NTP · POP · RIP · RPC · RTP · RTSP · SDP · SIP · SMTP · SNMP · SOAP · SSH · Telnet · TLS/SSL · XMPP · (more) | |
| Transport Layer | |
| TCP · UDP · DCCP · SCTP · RSVP · ECN · (more) | |
| Internet Layer | |
| IP (IPv4, IPv6) · ICMP · ICMPv6 · IGMP · IPsec · (more) | |
| Link Layer | |
| ARP · RARP · NDP · OSPF · Tunnels (L2TP) · Media Access Control (Ethernet, MPLS, DSL, ISDN, FDDI) · Device Drivers · (more) | |
Contents |
[edit] Technical details
Internet Control Message Protocol is part of the Internet Protocol Suite as defined in RFC 792. ICMP messages are typically generated in response to errors in IP datagrams (as specified in RFC 1122) or for diagnostic or routing purposes.
ICMP messages are constructed at the IP layer, usually from a normal IP datagram that has generated an ICMP response. IP encapsulates the appropriate ICMP message with a new IP header (to get the ICMP message back to the original sending host) and transmits the resulting datagram in the usual manner.
For example, every machine (such as an intermediate router) that forwards an IP datagram has to decrement the time to live (TTL) field of the IP header by one; if the TTL reaches 0, an ICMP Time to live exceeded in transit message is sent to the source of the datagram.
Each ICMP message is encapsulated directly within a single IP datagram, and thus, like UDP, ICMP is unreliable.
Although ICMP messages are contained within standard IP datagrams, ICMP messages are usually processed as a special case, distinguished from normal IP processing, rather than processed as a normal sub-protocol of IP. In many cases, it is necessary to inspect the contents of the ICMP message and deliver the appropriate error message to the application that generated the original IP packet, the one that prompted the sending of the ICMP message.
Many commonly-used network utilities are based on ICMP messages. The traceroute command is implemented by transmitting UDP datagrams with specially set IP TTL header fields, and looking for ICMP Time to live exceeded in transit (above) and "Destination unreachable" messages generated in response. The related ping utility is implemented using the ICMP "Echo request" and "Echo reply" messages.
[edit] ICMP segment structure
[edit] Header
The ICMP header starts after bit 160 of the IP header (unless IP options are used).
| Bits | 160-167 | 168-175 | 176-183 | 184-191 |
|---|---|---|---|---|
| 160 | Type | Code | Checksum | |
| 192 | ID | Sequence | ||
- Type - ICMP type as specified below.
- Code - further specification of the ICMP type; e.g. : an ICMP Destination Unreachable might have this field set to 1 through 15 each bearing different meaning.
- Checksum - This field contains error checking data calculated from the ICMP header+data, with value 0 for this field.
- ID - This field contains an ID value, should be returned in case of ECHO REPLY.
- Sequence - This field contains a sequence value, should be returned in case of ECHO REPLY.
[edit] Padding data
Padding data follows the ICMP header (in octets):
- The Linux "ping" utility pads ICMP to a total size of 56 in addition to the 8 octet header.
- Windows "ping.exe" pads to a total size of 32 in addition to the 8 octet header.
[edit] List of permitted control messages (incomplete list)
| Type | Code | Description |
|---|---|---|
| 0 - Echo Reply | 0 | Echo reply (used to ping) |
| 1 and 2 | Reserved | |
| 3 - Destination Unreachable | 0 | Destination network unreachable |
| 1 | Destination host unreachable | |
| 2 | Destination protocol unreachable | |
| 3 | Destination port unreachable | |
| 4 | Fragmentation required, and DF flag set | |
| 5 | Source route failed | |
| 6 | Destination network unknown | |
| 7 | Destination host unknown | |
| 8 | Source host isolated | |
| 9 | Network administratively prohibited | |
| 10 | Host administratively prohibited | |
| 11 | Network unreachable for TOS | |
| 12 | Host unreachable for TOS | |
| 13 | Communication administratively prohibited | |
| 4 - Source Quench | 0 | Source quench (congestion control) |
| 5 - Redirect Message | 0 | Redirect Datagram for the Network |
| 1 | Redirect Datagram for the Host | |
| 2 | Redirect Datagram for the TOS & network | |
| 3 | Redirect Datagram for the TOS & host | |
| 6 | Alternate Host Address | |
| 7 | Reserved | |
| 8 - Echo Request | 0 | Echo request |
| 9 - Router Advertisement | 0 | Router Advertisement |
| 10 - Router Solicitation | 0 | Router discovery/selection/solicitation |
| 11 - Time Exceeded | 0 | TTL expired in transit |
| 1 | Fragment reassembly time exceeded | |
| 12 - Parameter Problem: Bad IP header | 0 | Pointer indicates the error |
| 1 | Missing a required option | |
| 2 | Bad length | |
| 13 - Timestamp | 0 | Timestamp |
| 14 - Timestamp Reply | 0 | Timestamp reply |
| 15 - Information Request | 0 | Information Request |
| 16 - Information Reply | 0 | Information Reply |
| 17 - Address Mask Request | 0 | Address Mask Request |
| 18 - Address Mask Reply | 0 | Address Mask Reply |
| 19 | Reserved for security | |
| 20 through 29 | Reserved for robustness experiment | |
| 30 - Traceroute | 0 | Information Request |
| 31 | Datagram Conversion Error | |
| 32 | Mobile Host Redirect | |
| 33 | Where-Are-You (originally meant for IPv6) | |
| 34 | Here-I-Am (originally meant for IPv6) | |
| 35 | Mobile Registration Request | |
| 36 | Mobile Registration Reply | |
| 37 | Domain Name Request | |
| 38 | Domain Name Reply | |
| 39 | SKIP Algorithm Discovery Protocol, Simple Key-Management for Internet Protocol | |
| 40 | Photuris, Security failures | |
| 41 | ICMP for experimental mobility protocols such as Seamoby [RFC4065] | |
| 42 through 255 | Reserved |
(Sources: IANA ICMP Parameters [1] and Computer Networking - A Top-Down Approach by Kurose and Ross)
[edit] See also
[edit] References
- ^ "RFC 792 INTERNET CONTROL MESSAGE PROTOCOL; DARPA INTERNET PROGRAM; PROTOCOL SPECIFICATION; Introduction". J. Postel (Internet RFC/STD/FYI/BCP Archives). 1981-09-01. http://www.faqs.org/rfcs/rfc792.html. Retrieved on 2008-05-16.
[edit] External links
- RFC 792, Internet Control Message Protocol
- ICMP Sequence Diagram
- RFC 1122, Requirements for Internet Hosts -- Communication Layers
- RFC 1716, Towards Requirements for IP Router
- Filtering ICMP on firewalls
- IANA
![[1]](http://freebie.fatpipe.org/~mjb/Drawings/UDP_ICMP_Headers.png){kind=link}