By:Syed Muhammad Ahsan

15

Table Of Content:
What is ICMP Basic ICMP Header

ICMP Messages.

What is ICMP:
Internet Command Message Protocol (ICMP). RFC 792. Used to communicate IP status and error messages between host and routers.

Uses IP to route its messages between hosts. Must be implemented with IP:
Remember, IP is just a packet delivery system

Transmits and routes data grams from sources to destinations through a series of interconnected networks it has a checksum in the IP header to detect lost bits

no error detection on the datagram payload though

but has no native mechanism for source host notification

This is where ICMP comes in

its used to report IP errors to the source host ICMP data is carried as the payload of an IP datagram specifies additional message formats within this area

Basic ICMP Header:

Headers are 32 bits in length; all contain same three fields
type - 8 bit message type code

thirteen message type are defined

code - 8 bit; indicating why message is being sent checksum - standard internet checksum

16 bit is complement sum of the payload and header

for purpose of calculation the checksum field is set to zero

0
Code

15

16
Checksum

31

Content Specific

ICMP Message Types:

Type Code 0 3 4 5 8 11 12 13 14 15 16 17 18

- Meaning - Echo Reply - Destination Unreachable - Source Quench - Redirect - Echo - Time Exceeded - Parameter Problem - Timestamp - Timestamp Reply - Information Request - Information Reply - Address Mask Request - Address Mask Reply

ICMP Message Types:

Destination Unreachable (3)

ICMP header (4 bytes) + identifier (2 bytes) + sequence number (2 bytes) + data (4 bytes) identifier - used to match Echoes and Echo Replies sequence - used to match Echoes with Echo Replies Used to determine if a host is reachable a host receiving an echo message reverses the IP source and destination addresses sets the ICMP type field to zero (echo reply) Re computes the ICMP checksum identifier, sequence and data are sent back unchanged

ICMP Message Types:

Destination Unreachable (3)
ICMP header (4 bytes) + unused 32 bits (4 bytes) + IP header (24 bytes) + first 64 bits of data (8 bytes) = 40 bytes Codes: 0 - net unreachable ; 1 - host unreachable 2 - protocol unreachable ; 3 - port unreachable sent by destination host IP module 4 - fragmentation needed DF set ; 5 source route failed 6 - destination network unknown ; 7 destination host unknown 8 - source host isolated ; 9 - comm. with destn network prohibited 10 - comm. With dest host prohibited ; 11 - network unreachable for service 12 - host unreachable for service
Sent to originating host because destination is unreachable
may be determined by a router destination IP may find the indicated protocol unavailable Dont Fragment (DF) bit in the IP header is set but fragmentation is required to continue

forwarding

ICMP Message Types:

Source Quench (4)
Same message format as type 3 Code : 0 Sent to a host when an intermediate router or the destination host with the source hosts transmission rate may be sent to a source when a router is saturated may be sent by a receiving host if it receive buffers are filling up Upon receipt the source host should throttle back on its transmission rate until the Source Quench goes away. Can then increase its transmission rate

ICMP Message Types:

Redirect (5)

Same format as type 3 Code: 0 - redirect data grams for the network 1 - redirect data grams for the host 2 - redirect data grams for the type of service and the network 3 - redirect data grams for the type of service and host a router sends a message to a host when it determines a datagram that originated from the host must be forwarded to router that can be directly reached allows the host to sent future data grams to the optimal first-hop router increasing network efficiency not used for data grams that have source routing options

ICMP Message Types:

Time Exceed (11)

Same format as type 3 Code: 0 - time to live exceeded in transit 1 - fragment reassembly time exceeded

Time exceeded message is sent if: a router finds a datagram with TTL set to zero router discards the datagram and sends message with code field set to 0 a host does not receive all of the fragments of a datagram before its local reassemble timer expires host discards all fragments and return message with code field set to 1

ICMP Message Types:

Parameter Problem (12)
ICMP Header (4 bytes) + pointer (1 byte) + unused (3 bytes) + IP header (24 bytes) + first 64

bits of data (8 bytes)

pointer - identifies octet where error occurred

Code: 0 - misc parameter problem 2 - required option missing sent to a host when a router or host processing a datagram finds a problem with the

information in the datagram.

Only sent if the datagram had to be discarded pointer field is zero based ex: 1 indicates problem with type of service; 20 indicates first option

ICMP Message Types:

Timestamp(13)/Timestamp Reply(14)
ICMP Header (4 bytes) + identifier (2 bytes) + seq num (2 bytes) + Originate Timestamp (4

bytes) + Receive Timestamp (4 bytes) + Transmit Timestamp (4 bytes) Timestamps are number of m sec past midnight UTC used to determine the latency between the sender and receiver

receiver forms a message by reversing the originate and destination adder in the IP header setting ICMP type code to 14 updating the timestamp fields Re compute the ICMP checksum

ICMP Message Types:

Info Request (15)/Info Reply(16)
Same as type 8, but no data Code: 0 used by a host to determine the network number the host resides on receiver reverses the source and destination addresses in the IP header set the correct network number set ICMP type to 16 Re compute the ICMP checksum Obsolete; shouldnt be used replaced by BOOTP and RARP

ICMP Message Types:

Addr Mask Rqst (17)/Addr Mask Reply(18)
ICMP Header (4 bytes) + identifier (2 bytes) + seq.num. (2 bytes) + addr mask (4 bytes) identifier - used to match requests with replies. seq.num. - used to match requests with replies. Hosts and routers can request the subnet address mask for the network they reside on at boot

time.
Host or router broadcasts it on the local network a receiving router should return it in a reply message

This message is defined in RFC 950

Reference:
www.google.com www.answers.com www.wikipedia.com