Computer Network: ICMP Protocol (Internet Control Message Protocol)

Today I will talk to you about the knowledge related to the ICMP protocol. If you are interested, you can learn about it together!

1. Introduction

picture

ICMP (Internet Control Message Protocol) is an important sub-protocol in the TCP/IP protocol suite. It is located at the network layer. It is mainly used to transmit control messages between IP hosts and routers and report various problems in network communications. Although these control messages do not transmit actual user data, they play an important role in the accurate and reliable transmission of data. The main purpose of the ICMP protocol is to improve the successful transmission rate of IP datagrams and ensure the stability and reliability of data communications.

2. Why do we need ICMP protocol?

Because the IP protocol itself does not provide a reliable transmission mechanism, nor does it have error reporting and control functions. Therefore, when a problem occurs during the transmission of a data packet over the network, the IP protocol cannot notify the sender in time. In order to solve this problem, the ICMP protocol came into being. The main functions of the ICMP protocol include:

picture

Error reporting: When a data packet encounters a problem during network transmission, the ICMP protocol can report error information to the sender to help the sender take appropriate measures.

Network diagnosis: provides a variety of query messages for diagnosing network connections and path information. The most commonly used tools are ping and traceroute.

Flow control: Source suppression messages can be used to notify the sender to reduce the data transmission rate to alleviate network congestion.

Route redirection: It can notify the host or router of a better routing path to improve network transmission efficiency.

3. ICMP protocol message format

ICMP messages are encapsulated in IP datagrams, with the IP header at the front of the ICMP message. The basic format of ICMP messages is as follows:

picture

● Type: 1 byte, indicating the type of ICMP message.

● Code: 1 byte, indicating the code of the ICMP message, further describing the type.

● Checksum: 2 bytes, used to verify the integrity of the entire ICMP message.

● Data: variable length, containing specific control information or data.

4. Types of ICMP messages

ICMP messages are mainly divided into two categories: error messages and query messages.

picture

4.1 Error Message

Error messages are used to report errors in network communications. Common error message types include:

● Destination Unreachable (Type 3): When the data packet cannot reach the target device, the sender will receive a Destination Unreachable message. The specific codes are as follows:

● 0: Network unreachable

● 1: Host unreachable

● 2: Protocol unreachable

● 3: Port unreachable

● 4: Fragmentation is required but the no-fragmentation flag is set

● 5: Source routing failed

● 6: Destination network unknown

● 7: Destination host unknown

● 9: Destination network is prohibited

● 10: The destination host is prohibited

● 11: Due to TOS network unreachable

● 12: Because the TOS host is unreachable

● 13: Communication is prohibited due to filtering

● 14: Host exceeds authority

● 15: Priority cutoff takes effect

● Timeout (Type 11): When the TTL value of a data packet is 0, the router will discard the data packet and send a timeout message. The specific codes are as follows:

● 0: The survival time has expired

● 1: Datagram reassembly timeout

● Parameter Problem (Type 12): When the IP header field value of a data packet is incorrect, the receiver will send a parameter problem message. The specific codes are as follows:

● 0: IP header field value is incorrect

● 1: A required option is missing

● 2: Unsupported length

● Source quench (Type 4): When a router or host discards data packets due to network congestion, it sends a source quench message to request the sender to reduce the sending rate.

● Redirect (Type 5): When a router finds a better routing path, it will send a redirect message to notify the sender to use the new route. The specific code is as follows:

● 0: Network redirection

● 1: Host redirection

● 2: TOS and network redirection

● 3: TOS and host redirection

4.2 Query Message

Query messages are used to transmit control information between different network devices. Common query message types include:

● Echo request and response (Type 8 and Type 0): used to test network connectivity. The most common tool is ping. The sender sends an echo request message (Type 8), and the receiver replies with an echo response message (Type 0).

● Timestamp request and response (Type 13 and Type 14): used to measure network delay. The sender sends a timestamp request message (Type 13), and the receiver replies with a timestamp response message (Type 14).

● Address mask request and response (Type 17 and Type 18): used to obtain subnet mask information. The host can use these messages to determine its own subnet mask when it starts.

● Router solicitation and advertisement (Type 9 and Type 10): used to discover and select routers. The host can send a router solicitation message (Type 9), and the router will reply with a router advertisement message (Type 10) after receiving it.

5. Actual Examples of ICMP Messages

5.1 Ping Command

The Ping command is a common network diagnostic tool based on the ICMP protocol, used to test network connectivity. The following is the workflow of the Ping command:

1. Send an echo request message: The sending host constructs an ICMP echo request message (Type 8) and encapsulates it in an IP datagram and sends it to the target host.

2. Receiving the echo reply message: After receiving the echo request message, the target host constructs an ICMP echo reply message (Type 0) and encapsulates it in an IP datagram and sends it back to the sending host.

3. Display results: After the sending host receives the echo reply message, the IP address, data size and round-trip time of the target host are displayed.

Example:

 ping 192.168.2.17

Output:

picture

5.2 Traceroute Command

The Traceroute command is used to display the path information of the data packet from the source host to the destination host, and is often used to diagnose network connection problems. The following is the workflow of the Traceroute command:

1. Sending an ICMP message: The sending host sends an ICMP message with a TTL value of 1 (usually an echo request message). When the message reaches the first router, the TTL value is reduced to 0. The router discards the message and sends a timeout message (Type 11) back to the sender.

2. Record path information: The sender records the IP address of the first router and then sends an ICMP message with a TTL value of 2. The above process is repeated until the data packet reaches the destination host or the maximum TTL value is reached.

3. Display results: The sending host displays information about each step of the path from the source host to the destination host, including the IP address and response time of each router.

Example:

 traceroute 8.8.8.8

Output:

picture

Summarize

The above content is an introduction to the knowledge related to the Internet Control Message Protocol. I hope it can provide some help for everyone to understand the ICMP protocol!