ICMP control messaging protocol

General characteristics of the ICMP protocol

The Internet Control Message Protocol (ICMP) exchange of control messages allows the router to inform the end node of errors that the router encountered when sending any IP packet from this end node.

ICMP control messages cannot be forwarded to an intermediate router that participated in the transmission of a packet with which problems arose, since for such a message there is no address information — the packet contains only the source address and the destination address without fixing the addresses of intermediate routers.

ICMP is an error reporting protocol, not an error correction protocol. The end node may take some actions to ensure that the error no longer occurs, but these actions are not regulated by the ICMP protocol.

Each ICMP message is transmitted over the network within an IP packet. IP packets with ICMP messages are routed just like any other packet, with no priorities, so they can also be lost. In addition, in a busy network, they may cause additional load on routers. In order not to cause an avalanche of error messages, IP packet loss carrying ICMP error messages cannot generate new ICMP messages.

ICMP message format

There are several types of ICMP messages. Each message type has its own format, all of which begin with a common three fields: an 8-bit integer indicating the type of message (TYPE), an 8-bit code field (CODE) that specifies the purpose of the message, and a 16-bit control field. amounts (CHECKSUM). In addition, the ICMP message always contains the header and the first 64 bits of the data of the IP packet that caused the error. This is done so that the sending node can more accurately analyze the cause of the error, since all the application layer protocols of the TCP / IP stack contain the most important information for analysis in the first 64 bits of their messages.

The type field can have the following values:

As can be seen from the types of messages used, the ICMP protocol is a combination of protocols that solve their narrow problems.

Echo protocol

ICMP provides network administrators with tools to test network reachability. These tools are a very simple echo protocol, including the exchange of two types of messages: echo request and echo reply . A computer or router sends an echo request over the Internet, which indicates the IP address of the node whose reachability is to be checked. The node that receives the ping request generates and sends the echo reply and returns the message to the node that sent the request. The request may contain some data that should be returned in the response. Since the ping and ping are transmitted over the network within IP packets, their successful delivery means the normal operation of the entire transport system of the intranet.

Many operating systems use the ping utility , which is designed to test node reachability. This utility usually sends a series of echo requests to the node to be tested and provides the user with statistics about the lost echo responses and the average network response time to requests.

Destination node unreachable messages

When the router cannot transmit or deliver an IP packet, it sends the message "Destination node unreachable" to the node that sent the packet (message type - 3). This message contains a value in the code field, specifying the reason for which the package was not delivered. The reason is encoded as follows:

A router that has discovered for any reason that it cannot transmit an IP packet further over the network should send an ICMP message to the source host, and then discard the packet. In addition to the cause of the error, the ICMP message also includes the header of the undelivered packet and its first 64 bits of the data field.

A destination node or network may be unreachable due to temporary hardware malfunction, due to the fact that the sender has entered an invalid destination address, and also because the router does not have data on the route to the destination network.

Inaccessibility of the protocol and port means the lack of implementation of any application layer protocol in the destination node or the absence of an open port of the UDP or TCP protocols in the destination node.

Fragmentation error occurs when the sender has sent a packet with a DF flag, which prohibits fragmentation, to the network, and the router is faced with the need to send this packet to the network with an MTU value smaller than the packet size.

Route redirection

Routing tables for computers are usually static, as they are configured by the network administrator, and for routers - dynamic, automatically generated using routing information exchange protocols. Therefore, over time when the network topology changes, the routing tables of computers may become obsolete. In addition, these tables usually contain a minimum of information, for example, only the addresses of several routers.

To adjust the behavior of computers, the router can use an ICMP message called "Redirect Route" (Redirect).

This message is sent when the router sees that the computer sends a packet to some destination network in an irrational way, that is, to the wrong router on the local network from which the shorter route to the destination network starts.

The ICMP redirection mechanism allows computers to contain in the configuration file only the IP addresses of its local routers. With the help of redirection messages, routers will tell the computer all the information it needs about which router to send packets to for a particular destination network. That is, routers will transfer to the computer the part of their routing tables they need.

In the Route Redirection message, the router places the IP address of the router that needs to be used later, and the header of the source packet with the first 64 bits of its data field. From the packet header, the host will know for which network it is necessary to use the specified router.