Internet Command Message Protocol(ICMP)
CS-431
Dick Steflik
ICMP
• Internet Command Message Protocol (ICMP)
• RFC 792
• Used to communicate IP status and error messages between host and routers
ICMP• Used to communicate IP status and error messages
between hosts and routers
• Uses IP to route its messages between hosts
• Must be implemented with IP• remember, IP is just a packet delivery system
• transmits and routes datagrams from sources to destinations through a series of interconnected networks
• it has a checksum in the IP header to detect lost bits– no error detection on the datagram payload though
• but has no native mechanism for source host notification
• This is where ICMP comes in• its used to report IP errors to the source host
• ICMP data is carried as the payload of an IP datagram• specifies additional message formats within this area
Basic ICMP Header
• Headers are 32 bits in length; all contain same three fields• type - 8 bit message type code
• thirteen message type are defined
• code - 8 bit; indicating why message is being sent
• checksum - standard internet checksum• 16 bit 1’s complement sum of the payload and header
– for purpose of calculation the checksum field is set to zero
ICMP Message types
• 0 - Echo Reply
• 3 - Destination Unreachable
• 4 - Source Quench
• 5 - Redirect
• 8 - Echo
• 11 - Time Exceeded
• 12 - Parameter Problem
• 13 - Timestamp
• 14 - Timestamp Reply
• 15 - Information Request
• 16 - Information Reply
• 17 - Address Mask Request
• 18 - Address Mask Reply
Destination Unreachable (3)• ICMP header (4 bytes) + unused 32 bits (4 bytes) + IP header (24
bytes) + first 64 bits of data (8 bytes) = 40 bytes
• Codes:• 0 - net unreachable ; 1 - host unreachable
• 2 - protocol unreachable ; 3 - port unreachable• sent by destination host IP module
• 4 - fragmentation needed DF set ; 5 source route failed
• 6 - destination network unknown ; 7 destination host unknown
• 8 - source host isolated ; 9 - comm. with destn network prohibited
• 10 - comm. With dest host prohibited ; 11 - network unreachable for service
• 12 - host unreachable for service
• Sent to originating host because destination is unreachable• may be determined by a router
• destination IP may find the indicated protocol unavailable
• Don’t Fragment (DF) bit in the IP header is set but fragmentation is required to continue forwarding
Source Quench (4)
• Same message format as type 3
• Code : 0
• Sent to a host when an intermediate router or the destination host with the source host’s transmission rate• may be sent to a source when a router is saturated
• may be sent by a receiving host if it receive buffers are filling up
• Upon receipt the source host should throttle back on its transmission rate until the Source Quench goes away.• Can then increase its transmission rate
Redirect (5) • Same format as type 3
• Code:• 0 - redirect datagrams for the network
• 1 - redirect datagrams for the host
• 2 - redirect datagrams for the type of service and the network
• 3 - redirect datagrams for the type of service and host
• a router sends a message to a host when it determines a datagram that originated from the host must be forwarded to router that can be directly reached• allows the host to sent future datagrams to the optimal first-hop
router increasing network efficiency
• not used for datagrams that have source routing options
Echo (8)/Echo Reply (0)
• ICMP header (4 bytes) + identifier (2 bytes) + sequence number (2 bytes) + data (4 bytes)• identifier - used to match Echoes and Echo Replies
• sequence - used to match Echoes with Echo Replies
• Used to determine if a host is reachable• a host receiving an echo message
• reverses the IP source and destination addresses
• sets the ICMP type field to zero (echo reply)
• recomputes the ICMP checksum
• identifier, sequence and data are sent back unchanged
Time Exceeded (11)
• Same format as type 3
• Code:• 0 - time to live exceeded in transit
• 1 - fragment reassembly time exceeded
• Time exceeded message is sent if:• a router finds a datagram with TTL set to zero
• router discards the datagram and sends message with code field set to 0
• a host does not receive all of the fragments of a datagram before its local reassemble timer expires
• host discards all fragments and return message with code field set to 1
Parameter Problem (12)• ICMP Header (4 bytes) + pointer (1 byte) + unused (3 bytes)
+ IP header (24 bytes) + first 64 bits of data (8 bytes) • pointer - identifies octet where error occurred
• Code:• 0 - misc parameter problem
• 2 - required option missing
• sent to a host when a router or host processing a datagram finds a problem with the information in the datagram.• Only sent if the datagram had to be discarded
• pointer field is zero based– ex: 1 indicates problem with type of service; 20 indicates first option
Timestamp(13)/Timstamp Reply(14)
• ICMP Header (4 bytes) + identifier (2 bytes) + seq num (2 bytes) + Originate Timestamp (4 bytes) + Receive Timestamp (4 bytes) + Transmit Timestamp (4 bytes)
• Timestamps are number of msec past midnight UTC
• used to determine the latency between the sender and receiver• receiver forms a message by
• reversing the originate and destination addr in the IP header
• setting ICMP type code to 14
• updating the timestamp fields
• recomput the ICMP checksum
Info Request (15)/Info Reply(16)
• Same as type 8, but no data
• Code: 0
• used by a host to determine the network number the host resides on
• receiver • reverses the source and destination addresses in the IP header
• set the correct network number
• set ICMP type to 16
• recompute the ICMP checksum
• Obsolete; shouldn’t be used replaced by BOOTP and RARP
Addr Mask Rqst (17)/Addr Mask Reply(18)
• ICMP Header (4 bytes) + identifier (2 bytes) + seq.num. (2 bytes) + addr mask (4 bytes)• identifier - used to match requests with replies.
• seq.num. - used to match requests with replies.
• Hosts and routers can request the subnet address mask for the network they reside on at boot time.• Host or router broadcasts it on the local network
• a receiving router should return it in a reply message
• This message is defined in RFC 950
ICMPv6
• New version of ICMP to go along with IPv6• Absorbs many IGMP and ARP functions
• Used for:• Reporting errors in IP packet processing
• Performing diagnostics
• performing Neighbor Discovery and reporting IPv6 multicast memberships
• Two types of messages: • Error messages
• Information messages
Error Message Categories
• Destination Unreachable
• Packet too big
• Time exceeded
• Parameter problem
Informational Messages
• Diagnostic messages
• Multicast group management messages
• Neighbor discovery messages
• Every ICMPv6 message is preceeded by an IPv6 header and 0 or more IPv6 extension headers.
• A next header field of 58 nidentifies the ICMPv6 message (different than IPv4)
Message Format
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|| Type | Code | Checksum | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|| | | Message Body || | | +-------------------------------------------------------------+