Chapter 9
Internet Control Message
Protocol
Objectives
Upon completion you will be able to:
Be familiar with the ICMP message format
Know the types of error reporting messages
Know the types of query messages
Be able to calculate the ICMP checksum
Know how to use the ping and traceroute commands
Understand the modules and interactions of an ICMP package
TCP/IP Protocol Suite
�Figure 9.1
TCP/IP Protocol Suite
Position of ICMP in the network layer
�Figure 9.2
ICMP encapsulation
Note that ICMP messages are encapsulated within
IP datagrams.
TCP/IP Protocol Suite
�Table 9.1 ICMP messages
ICMP messages are divided into error-reporting
messages and query messages.
The error-reporting messages : report problems that a
router or a host (destination) may encounter.
The query messages: get specific information from a
router or another host.
�Figure 9.4
General format of ICMP messages
All the ICMP messages are different. The only thing that is
common amongst all is the first 4 bytes.
Type field tells what type of message (as we saw on the
previous slide); Code field gives further information on the
type of message.
TCP/IP Protocol Suite
�9.3 ERROR REPORTING
IP, as an unreliable protocol, is not concerned with error checking and
error control. ICMP was designed, in part, to compensate for this
shortcoming.
ICMP does not correct errors, it simply reports them.
ICMP always reports the message back to the source.
The topics discussed in this section include:
Destination Unreachable
Source Quench
Time Exceeded
Parameter Problem
Redirection
TCP/IP Protocol Suite
�Figure 9.5
TCP/IP Protocol Suite
Error-reporting messages
�Note:
The following are important points about ICMP
error messages:
No ICMP error message will be generated in response
to a datagram carrying an ICMP error message.
No ICMP error message will be generated for a
fragmented datagram that is not the first fragment.
No ICMP error message will be generated for a
datagram having a multicast address.
No ICMP error message will be generated for a
datagram having a special address such as [Link] or
[Link].
TCP/IP Protocol Suite
�Figure 9.6
Contents of data field for the error messages
Destination Unreachable
When a router cannot route a datagram or a host cannot
deliver a datagram, the datagram is discarded and the router
or host sends a destination-unreachable ICMP message.
There are 15 different codes:
network unreachable(0); host unreachable(1); protocol
unreachable(2); port unreachable(3); fragmentation required
but DF bit set(4); source routing cannot be accomplished (5);
destination network unknown(6); destination host unknown(7);
source host isolated(8); communication with destination netwo
is prohibited(9); and six more
TCP/IP Protocol Suite
�Figure 9.7
TCP/IP Protocol Suite
Destination-unreachable format
10
�Note:
Destination-unreachable messages
with codes 2 or 3 can be created only
by the destination host. protocol unreachable ;
port unreachable
Other destination-unreachable
messages can be created only by
routers.
TCP/IP Protocol Suite
11
�Figure 9.8
Source-quench format
There is no flow control mechanism in IP, so ICMP
allows a router to tell a source to slow down (we
just discarded one of your datagrams because our
buffers are full). This is source quench.
One source quench message is sent for each datagram
discarded.
TCP/IP Protocol Suite
12
�Figure 9.9
Time-exceeded message format
When a router decrements a Time-to-Live counter to zero,
the datagram is tossed and a time-exceeded message is
returned to the source.
Likewise if a destination does not receive all the fragments
in a set amount of time.
TCP/IP Protocol Suite
13
�Note:
In a time-exceeded message, code 0 is
used only by routers to show that the
value of the time-to-live field is zero.
Code 1 is used only by the destination
host to show that not all of the
fragments have arrived within a set
time.
TCP/IP Protocol Suite
14
�Figure 9.10
Parameter-problem message format
A parameter problem message can be created by a router
or the destination host.
Code 0 - there is an error or ambiguity in one of the header
fields. The value in the pointer field points to the byte with
the problem.
Code 1 - the required part of an option is missing. The pointer
not used.
TCP/IP Protocol Suite
15
�Figure 9.11 Redirection concept
Routers are constantly updating themselves with new
routing information.
Not so with hosts. A host has to know where the next
router is too, but its table is usually static (for efficiency).
Host routing tables start off small, usually with only one
entry - the default router.
When the host sends a datagram to the wrong router
(because its routing table is incomplete), the router that
receives the datagram sends the datagram to the
correct router AND sends a redirection message to the
host.
The host uses this info to update its routing table.
TCP/IP Protocol Suite
16
�Figure 9.11 Redirection concept
TCP/IP Protocol Suite
17
�Figure 9.12
Redirection message format
Redirection for network-specific route (0) specified
type of service (2), Redirection for a host-specific
route (1) specified type of service (3)
TCP/IP Protocol Suite
18
�9.4 QUERY
ICMP can also diagnose some network problems through the query
messages, a group of four different pairs of messages. In this type of
ICMP message, a node sends a message that is answered in a specific
format by the destination node.
The four different types of request and reply are:
Echo Request and Reply
Timestamp Request and Reply
Address-Mask Request and Reply
Router Solicitation and Advertisement
TCP/IP Protocol Suite
19
�Note:
An echo-request message can be sent
by a host or router. An echo-reply
message is sent by the host or router
which receives an echo-request
message.
TCP/IP Protocol Suite
20
�Note:
Echo-request and echo-reply messages
can be used by network managers to
check the operation of the IP protocol.
If a router returns a reply, then it and
IP are working because ICMP
messages are encapsulated in IP
datagrams.
TCP/IP Protocol Suite
21
�Note:
Echo-request and echo-reply messages
can test the reachability of a host. This
is usually done by invoking the ping
command.
TCP/IP Protocol Suite
22
�Figure 9.14
Echo-request and echo-reply messages
Identifier field and Sequence number field are used as a unique
Identifier field is often the same as the process ID.
TCP/IP Protocol Suite
23
�Note:
Timestamp-request and timestampreply messages can be used to
calculate the round-trip time between
a source and a destination machine
even if their clocks are not
synchronized.
TCP/IP Protocol Suite
24
�Note:
The timestamp-request and timestampreply messages can be used to
synchronize two clocks in two
machines if the exact one-way time
duration is known.
TCP/IP Protocol Suite
25
�Figure 9.15
Timestamp-request and timestamp-reply message format
Sending time = receive timestamp - original timestamp
Receiving time = returned time - transmit time
Round-trip time = sending time + receiving time
TCP/IP Protocol Suite
26
�Figure 9.15
Timestamp-request and timestamp-reply message format
Example - An IP and ICMP packet comes back with the
following information:
Original timestamp = 46 ms
Receive timestamp = 59 ms
Transmit timestamp = 60 ms
Return time = 67 ms
What is:
Sending time = 59 46 = 13 ms
Receiving time = 67 60 = 7 ms
Round-trip time = 13 + 7 = 20 ms
TCP/IP Protocol Suite
27
�Figure 9.16
Address-mask-request and address-mask-reply message format
A host may know its IP address, but may not know the
corresponding mask.
Address mask is 0 in request message.
TCP/IP Protocol Suite
28
�Figure 9.17
Router-solicitation message format
How does a host find out what routers are connected to its
own network? Or if those routers are functioning? It can
send out a router-solicitation message.
This can be broadcast on current network.
The router or routers that receive the solicitation message broa
their routing information using the route-advertisement messag
A router can also send periodically send router-advertisement
messages even if no host has solicited.
TCP/IP Protocol Suite
29
�Figure 9.18
Router-advertisement message format
This is the reply that comes back from the previous request.
Lifetime field shows the number of seconds that the entries
are considered to be valid.
If address preference = 0, then this should be the default router.
TCP/IP Protocol Suite
30
�9.5 CHECKSUM
In ICMP the checksum is calculated over the entire message (header
and data).
The topics discussed in this section include:
Checksum Calculation
Checksum Testing
TCP/IP Protocol Suite
31
�Example 1
Figure 9.19 shows an example of checksum calculation for a
simple echo-request message (see Figure 9.14). We randomly
chose the identifier to be 1 and the sequence number to be 9.
The message is divided into 16-bit (2-byte) words. The words
are added together and the sum is complemented. Now the
sender can put this value in the checksum field.
See Next Slide
TCP/IP Protocol Suite
32
�Figure 9.19
TCP/IP Protocol Suite
Example of checksum calculation
33
�9.7 ICMP PACKAGE
To give an idea of how ICMP can handle the sending and receiving
ICMP messages, we present our version of an ICMP package made
two modules: an input module and an output module.
of
of
The topics discussed in this section include:
Input Module
Output Module
TCP/IP Protocol Suite
34
�Figure 9.21
TCP/IP Protocol Suite
ICMP package
35
