The job of the Internet Control Message Protocol (ICMP) is to report errors that may have occurred in processing IP datagrams. ICMP is an integral part of IP and its messages are encapsulated within an IP datagram. Note: there are 6 messaging formats used by ICMP, to be discussed later.
The ICMP messages are indicated by the Type Field (they are shown below):
0 - Echo Reply
3 - Destination unreachable
4 - Source Quench
5 - Redirect
8 - Echo
11 - Time exceeded
12 - Parameter problem
13 - Timestamp
14 - Timestamp reply
15 - Information request (obsolete)
16 - Information reply (obsolete)
17 - Address mask request
18 - Address mask reply
The most well-known uses of ICMP are the ping and traceroute (tracert in Window) commands. The ping command sends out a special ICMP echo request message to a destination. If the destination is alive, it will respond with the ICMP echo replay message. This is a fundamental tool used in network troubleshooting, as described in.
Traceroute uses the Timestamp services of ICMP to perform its task of tracing a route to a destination. The Timestamp message and Timestamp Reply measure the round trip time that is taken to go from the source to the destination. Traceroute lists the path and the round trip time to each router, taken from the source to the destination.
Echo and Echo Reply Message
The Echo and Echo Reply test the communication path from a sender to a destination.
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Identifier (16 bits) | Sequence number (16 bits) | ||
| DATA |
Type Field
The Type Field indicates the type of ICMP message. An Echo request message will have the number 8 in the Type field and an Echo Reply message will have the number 0.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For Echo, the code field is always 0.
Checksum
The Checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Identifier and Sequence Number
The Identifier and Sequence Number may be used by the echo sender to aid in matching the replies with the echo requests. For example, the identifier might be used like a port in TCP--or UDP--to identify a session, and the sequence number might be incremented on each echo request sent. The echoer returns these same values in the echo reply.
Data
The data received in the echo message must be returned in the echo reply message.
Destination Unreachable Message
The Destination Unreachable message is sent by a router (gateway) or a host when the destination network or service is not available.
A destination host may reply with a Destination Unreachable message when the service (port or protocol) is not currently active. A router may reply with a Destination Unreachable message when its entry for the destination network is unreachable (set to infinity), or if the IP datagram Don't Fragment flag is set on (and the router must fragment it in order to forward it).
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Unused | |||
| Internet Header + 64 bits of Original Data Datagram |
Type Field
The Type Field indicates the type of ICMP message. A Destination Unreachable message will have the number 3 in the Type field.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For Destination Unreachable, the code field is:
0 = net unreachable
1 = host unreachable
2 = protocol unreachable
3 = port unreachable
;
4 = fragmentation needed and DF set
5 = source route failed
Codes 0, 1, 4, and 5 may be sent from a router. Codes 2 and 3 may be sent from a host
Checksum
The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Unused
The 32 bits are not used, and are ignored.
Internet Header + 64 bits of Data Datagram
This is the IP header, plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
Source Quench Message
If a router does not have enough buffer space--and becomes congested, or is approaching its capacity-- it may send a Source Quench message to the datagram source host. The source quench message is a request to the host to cut back the rate at which it is sending traffic (to the Internet destination).
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Unused | |||
| Internet Header + 64 bits of Original Data Datagram |
Type Field
The Type Field indicates the type of ICMP message. An Source Quench message will have the number 4 in the Type field .
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For Source Quench, the code field is always 0.
Checksum
The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Unused
The 32 bits are not used, and are ignored.
Internet Header + 64 bits of Data Datagram
It is the IP header, plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
Time Exceeded Message
If a router find the Time To Live (TTL) field has expired (i.e. set to zero), the router will discard the IP datagram. It may send a Time Exceeded message to the source Host.
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Unused | |||
| Internet Header + 64 bits of Original Data Datagram |
Type Field
The Type Field indicates the type of ICMP message. A Time Exceeded message will have the number 11 in the Type field.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For Echo, the code field is:
0 = time to live exceeded in transi
t
1 = fragment reassembly time exceeded
Checksum
The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Unused
The 32 bits are not used, and are ignored.
Internet Header + 64 bits of Data Datagram
It is the IP header, plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
57e. Parameter Problem Message
If a router or host finds a problem with an IP header, it must discard the datagram. The source host may be notified by being sent a Parameter Problem message. The Parameter Problem message identifies the octet of the original datagram's header where the error was detected.
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Pointer (8 bits) | Unused | ||
| Internet Header + 64 bits of Original Data Datagram |
Type Field
The Type Field indicates the type of ICMP message. A Parameter Problem message will have the number 12 in the Type field.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For Parameter Problem message, the code field is 0 (when the Pointer field indicates the error).
Checksum
The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Pointer
The pointer identifies the octet of the original datagram's header where the error was detected (it may be in the middle of an option).
Unused
The 24 bits are not used, and are ignored.
Internet Header + 64 bits of Data Datagram
This is the IP header, plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
Redirect Message
If a router (Router A) receives a datagram to forward from a host on the same network. The router (Router A) checks its routing table, and finds out that the shortest path is via another router (Router B) on the same network. Router A sends a Redirect message to the host with the IP address of Router B.
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Gateway Internet Address | |||
| Internet Header + 64 bits of Original Data Datagram |
Type Field
The Type Field indicates the type of ICMP message. A Redirect message will have the number 5 in the Type field.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For the Redirect message, the code field is:
0 = Redirect datagrams for the Network
1 = Redirect datagrams for the Host
2 = Redirect datagrams for the Type of Service and Network
3 = Redirect datagrams for the Type of Service and Host
Checksum
The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Gateway Internet Address
This field is used to indicate the router with the shortest path to the destination network
Internet Header + 64 bits of Data Datagram
The IP header plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
57g. Timestamp Messages
The Timestamp messages are best known as part of the traceroute (tracert in Windows) programs. The purpose is to measure the round trip time it takes to go from a source to a destination host. The Timestamp message is a request for measuring round trip time. The Timestamp Reply is the reply to a Timestamp message.
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Identifier (16 bits) | Sequence number (16 bits) | ||
| Originate Timestamp | |||
| Receive Timestamp | |||
| Transmit Timestamp |
Type Field
The Type Field indicates the type of ICMP message. A Timestamp message will have the number 13 in the Type field and a Timestamp Reply message will have the number 14.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For the Timestamp message, the code field is 0.
Checksum
The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Identifier and Sequence Number
The Identifier and Sequence Number may be used by the echo sender to aid in matching the replies with the echo requests. For example, the identifier might be used like a port in TCP--or UDP--to identify a session, and the sequence number might be incremented on each echo request sent. The echoer returns these same values in the echo reply.
Originate Timestamp
The Originate Timestamp is the time (in units) of 32 milliseconds since midnight Universal Time (UT). This is when the datagram was transmitted from the source.
Receive Timestamp
The Receive Timestamp is the time (in units) of 32 milliseconds since midnight Universal Time (UT). This is when the datagram was received at the destination.
Transmit Timestamp
The Transmit Timestamp is the time (in units) of 32 milliseconds since midnight Universal Time (UT). This is when the Timestamp Reply datagram was transmitted from the destination.
If the time is not available in milliseconds (or cannot be provided with respect to midnight UT), then any time can be inserted in a timestamp. The high order bit of the timestamp must also be set to indicate this non-standard value.
57h. Address Mask Messages
The Address Mask Request is used by a host to determine what its address mask is on a network. The Address Mask Reply message is the reply from a router (or a host) to the source host with the correct address mask for the network.
| 0 1 2 3 4 5 6 7 | 8 9 10 11 12 13 14 15 | 16 17 18 19 20 21 22 23 | 24 25 26 27 28 29 30 31 |
| Type (8 bits) | Code (8 bits) | Checksum (16 bits) | |
| Identifier (16 bits) | Sequence number (16 bits) | ||
| Address Mask |
Type Field
The Type Field indicates the type of ICMP message. An Address Mask Request message will have the number 17 in the Type field and an Address Mask Reply message will have the number 18.
Code Field
The Code Field is used by the different message formats to indicate specific error conditions. For Address Mask messages, the code field is always 0.
Checksum
The Checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message (starting with the ICMP Type).
Identifier and Sequence Number
The Identifier and Sequence Number may be used by the echo sender to aid in matching the replies with the echo requests. For example, the identifier might be used like a port in TCP (or UDP) to identify a session, and the sequence number might be incremented on each echo request sent. The echoer returns these same values in the echo reply.
Address Mask
The Address Mask field contains the 32-bit subnet mask for the network (e.g. 255.255.255.0).
No comments:
Post a Comment