Internet Control Message Protocol (ICMP)

ICMP is yet another protocol at the Internet layer. Internet Control Message Protocol is used as an error reporting protocol in the TCP/IP suite. It is important to begin by noting that ICMP does nothing to make IP reliable. Instead, it simply reports on error situations that exist or occur. ICMP only sends error messages back to the originating host, and not intermediary devices. A good example of a type of error message sent by ICMP is a Source Quench message. These are used when a router receives more data than it can handle. Once its buffers finally fill, the router will send the source host a Source Quench message, effectively letting the source know that it should send data at reduced rate. Note that the message doesn’t include any information on packets that may have been lost. Instead, it simply makes the sender aware that a situation exists. It is still the responsibility of upper-layer protocols to ensure that data arrives at its destination.

You are probably more familiar with ICMP than you realize. Have you ever used the ping utility? If so, what you’ve actually done is sent out ICMP echo messages, and if the address that you attempted to ping was reachable, you received back ICMP echo replies. Ping is an example of a simple ICMP utility that provides information on whether or not hosts can be reached. If the host you’re attempting to ping can’t be reached, you’ll receive an ICMP Destination Unreachable message. ICMP is also used to send messages that notify the sender that the Time to Live (TTL) on a packet has expired.

Consider the example below, which shows a capture of an ICMP echo reply. Note that only the ICMP portion of the frame is expanded.


Ethernet II
Internet Protocol, Src Addr: 192.168.1.200 (192.168.1.200), Dst Addr: 192.168.1.21 (192.168.1.21)
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0x3b5c (correct)
Identifier: 0x0200
Sequence number: 18:00
Data (32 bytes)

Remember that ICMP is simply a reporting protocol – it does nothing to actually remedy any errors that occur.

Tip: For more information on Internet Control Message Protocol, see RFC 792

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of 2000Trainers.com. He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.