Internet Control Message Protocol
LESSON 11

Outline:
Internet Control Message Protocol (ICMP)

Control and Error Messaging:

• Physical-based networks can report errors via hardware components and signaling.
• Software-based networks (the Internet) cannot and needs a means of error control.
• To allow gateways to send error or control messages to other gateways or hosts, the Internet Control Message Protocol (ICMP) was added.

Internet Control Message Protocol (ICMP):

• ICMP is:
  • A required part of the IP protocol which must always be included.
  • Provides communication between IP software on two different machines (not just source and destination machines).
  • Not restricted to gateways. It provides a single mechanism that is used for ALL control and information messages.
  • Reports errors but does not correct them. The source node must take action to correct problems.
• The source node may not be able to handle all the problems and must trust that remote operators can fix problems of that type:
  • Gateways routing to incorrect locations
  • Gateways using corrupted routing tables.
• ICMP is not considered a high-level protocol.

• Since ICMP messages are encapsulated within IP datagrams, they:
  • Receive no additional reliability or priority.
  • May be lost or discarded.
  • Contribute to congestion.
• ICMP error messages are NOT generated from datagrams carrying ICMP messages and in error.

ICMP Message Format:

• Each has it’s own format, but all begin with the same three fields:
  • TYPE (8-bits):
    • Message type.
  • CODE (8-bits):
    • Further information on the message type.
  • CHECKSUM (16-bits):
    • Same checksum algorithm as used in the IP protocol, but only covers the ICMP datagram.
• If ICMP message is reporting errors, it includes the entire header and first 64-bits of the IP datagram that caused the problem.
• Higher-layer protocols in TCP/IP are designed to encode crucial information in the first 64-bits of a datagram/message for this reason.

Message Types:
Echo Request/Reply

• Echo Request/Reply:
  • Serve as a debugging tool for networks, where echo requests are sent and echo replies are received from destinations who are reachable and responding.
  • Optionally, sample data packets (56K) are sent and received by programs which implement the echo request and reply ICMP messages (PING).
• Echo Requests and Replies ensure that the major pieces of the transport system work, including:
  • IP software on the source host.
  • Intermediate gateways which route over the sending path.
  • The destination host is running, as are it’s IP and ICMP protocol modules.
  • Return path gateways work and their routing tables are correct.

• TYPE (8-bits):
  • Request = 8
  • Reply = 0
• SEQUENCE NUMBER (16-bits):
  • Used by the sender to match replies to requests sent.

Message Types:
Unreachable Destinations

• Unreachable Destinations:
  • Used when a gateway cannot deliver an IP datagram (sent back to original source).
• CODE (8-bits):
  • Integer value that further describes the problem which occurred.

• Network Unreachable errors usually imply
  Routing Failures.
• Host Unreachable errors usually imply
  Delivery Failures.
• Failures may be caused by:
  • The destination being out-of-service.
  • A nonexistent destination address.
  • Gateways that do not have a route to the destination.
• Although gateways send unreachable messages because of non-existent routes or delivery problems, not all such errors can be detected.

Message Types:
Source Quench

• Source-Quenching:
  • Used in the case of congested networks or for flow-control.
• Congestion is a network issue (global to the whole network).
• Flow-Control is an end-to-end issue and/or a point-to-point issue.

• Source-Quench messages can be used with different methods of congestion control:
  • Monitoring of congestion conditions.
  • Source-Quench message for each datagram dropped.
  • Source-Quench sent when queues begin to fill (prior to congestion occurring).

Message Types:
Time Exceeded

• Time Exceeded:
  • Because of routing cycles (in which several gateways constantly loop packets to each other):
    • The TTL field (hop count) will reach zero and the datagram is dropped.
    • Or they are dropped if a time-out occurs while waiting for fragments of the datagram to arrive.
  • A message is sent in either case.

• CODE (8-bits):
  • 0 = TTL count exceeded.
  • 1 = Fragment reassembly time exceeded
    • The timer is started at destination after the first fragment is received.

Message Types:
Parameter Problem

• Parameter Problem:
  • Sent when incorrect datagram header information is received or when other parameter problems occur.
• Used in severe problems.
• POINTER (8-bits):
  • Identifies the octet in the datagram that caused the problem.

Message Types:
Redirect Message

• Redirect Message:
  • Sent to hosts requesting that they change their routes since the one they choose was non-optimal.
• Gateways are assumed to know correct routes. Hosts begin with minimal routing information and update their tables with new routes sent to them by default gateways.
• Redirect:
  • Is a simple tool which permits hosts to boot knowing only one gateway IP address.
  • This does not solve the route propagation problem in a general way.

• GATEWAY IP ADDRESS (32-bits):
• Address of the gateway that the host should use to reach the destination mentioned in the datagram header (INTERNET HEADER field in the next sequence of bits)
• Gateways only send ICMP-Redirect messages to hosts and not to other gateways (Gateway to Gateway Protocol is used for that).

Message Types:
Timestamp Message

• Timestamp Request and Reply:
  • Simple technique for synchronizing clocks by requesting a machine’s current value for the time of day.
• Timestamp values are given in milliseconds since midnight Universal Time.

• TYPE (8-bits):
  • Request = 13
  • Reply = 14
• IDENTIFIER and SEQ. NUMBER (16-bits each):
  • Both are used by the source to associate replies with requests sent.
• Timestamp fields used to compute the time delay estimates:
  • ORIGINAL (32-bits):
    • Filled by the sender just before sending the timestamp request.
  • RECEIVE (32-bits):
    • Filled by the destination exactly when the request is received.
  • TRANSIT (32-bits):
    • Filled when the reply message is sent by the destination.
• Delay estimates are not consistent over the Internet using Timestamp-ICMP messages.
• Statistical analysis is needed for truly accurate measurement.

Message Types:
Address Mask Message

• Address Mask Request and Reply:
  • Used to determine the subnet mask used at the destination.
• Must know the subnet mask to participate in subnet addressing at either end.

• TYPE (8-bits):
  • Request = 17
  • Reply = 18
• ADDRESS MASK (32-bits):
  • Used to contain the 32-bit subnet mask used at the destination.

Debugging and Measurement Tools:
PING

• PING - utilizes the ICMP echo request and reply messages to test the accessibility and functionality of IP equipment.
• When equipment is pinged, a response is expected.
• The round-trip time transmission times are displayed in milliseconds.
• Some implementations give PING access to other IP datagram header features including:
  • Record Route
  • Timestamp
  • Loose and Strict Source Routing.
• PING uses these features to gather statistics about network operations and test the integrity and composition of a path to a remote node.
• PING only tests as far up (in the conceptual layers) as the IP layer in the remote host.
• PING can be used on a loopback address to test local TCP/IP stacks and network hardware equipment.

Debugging and Measurement Tools:
Echo

• Echo is a service normally provided in the application layer that will return characters received from a remote TCP or UDP connection.
• It provides an excellent confidence test that the destination is responding.
• Since the Echo application resides (conceptually) above the IP layer, it can check the transport layer (whereas PING cannot).

Debugging and Measurement Tools:
Netstat

• Netstat command provides information about the network interface and a means of examining various aspects of the protocol stack’s functionality.
• Netstat options:
  • netstat - i
    • Network drivers and interface cards are operational
    • Number of good or erred frames that have been encountered.
  • netstat - r
    • Option for displaying the router table contents.
  • netstat - a
    • Option allows the active server processes to be viewed, showing the server program waiting for incoming connections, connections established, and IP address and port of the remote node.
  • netstat -s
    • Network operation stats. and errors
  • netstat -m
    • Lists buffer memory utilization.

Last Modification: (Sunday, August 25, 1996)

All work was written, produced, and is copyrighted by Daniel Z. Tabor Jr.
Page created by Daniel Z. Tabor Jr. Copyright ©1996 Illusion Industries Inc.