NETWORK ~ ICMP Protocol

 

     ICMP is an Internet layer protocol used by network devices to diagnose network communication problems. ICMP is primarily used to determine whether or not data is reaching the intended destination in the shortest possible time. Typically, ICMP is used on network devices, such as routers.

    ICMP is not a transport protocol that sends data between systems.

    Although ICMP is not regularly used in end-user applications, it is used by network administrators to troubleshoot Internet connections in diagnostic utilities, including the ping and traceroute commands.

    ICMP messages are transmitted as datagrams and consist of an IP header that encapsulates the ICMP data. 

    ICMP packets are IP packets with ICMP in the IP data portion. ICMP error messages also contain the entire IP header of the original message, so the end system knows which packet failed. 

 ICMP packet structure:

An ICMP packet structure typically consists of the following fields:

  • Type: 8-bit field that identifies the type of ICMP message.
  • Code: 8-bit field that provides additional information about the type of message.
  • Checksum: 16-bit field that performs error checking on the ICMP header and payload.
  • Identifier: 16-bit field used to match Echo Request and Echo Reply messages.
  • Sequence Number

 ICMP message types:

The "type" field in the ICMP block contains some very useful information. The type is numeric and here are some of the more interesting values the field can have:

    0: echo reply - used for pinging
    3: destination unreachable
    4: source quench - the router is overloaded
    5: redirect - uses a different router
    8: echo request - used for ping
    9: router advertisement
    10: router solicitation
    11: time exceeded - used for traceroute

Time to Live (TTL):

    One of the most well-known fields in the IP header to cause an ICMP error is the Time to Live (TTL) field. This field determines how long a datagram will exist. With each hop, the TTL field is decremented. When the TTL field reaches zero, the datagram is said to be "expired" and is discarded. This avoids the network congestion that is created when a datagram cannot be transmitted to its destination. Most applications set the field lifetime to 30 or 32 by default.
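The fields and message values described above can be read straight from the bytes. The following is an added example, not code from the original post: it parses the ICMP header, verifies the checksum, and for error messages pulls the quoted IP header out so you can see which datagram expired. The sample packets, addresses, ports and the quoted TTL of 1 are constructed for illustration.

```python
import struct

# Type values from the list above, with their RFC 792 / RFC 1256 names
ICMP_TYPES = {0: "echo reply", 3: "destination unreachable", 4: "source quench",
              5: "redirect", 8: "echo request", 9: "router advertisement",
              10: "router solicitation", 11: "time exceeded"}
ERROR_TYPES = {3, 4, 5, 11}  # messages that quote the offending datagram

def inet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, code: int, rest: bytes) -> bytes:
    """Assemble a message with a valid checksum (used for the samples below)."""
    csum = inet_checksum(struct.pack("!BBH", icmp_type, code, 0) + rest)
    return struct.pack("!BBH", icmp_type, code, csum) + rest

def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    icmp_type, code, _ = struct.unpack("!BBH", msg[:4])
    out = {"type": icmp_type, "name": ICMP_TYPES.get(icmp_type, "unknown"),
           "code": code, "checksum_ok": inet_checksum(msg) == 0}
    if icmp_type in (0, 8):  # echo messages carry identifier + sequence number
        out["identifier"], out["sequence"] = struct.unpack("!HH", msg[4:8])
    elif icmp_type in ERROR_TYPES and len(msg) >= 28:
        inner = msg[8:]  # quoted IP header of the datagram that failed
        ihl = (inner[0] & 0x0F) * 4
        if inner[0] >> 4 == 4 and 20 <= ihl <= len(inner):
            out["orig_ttl"], out["orig_proto"] = inner[8], inner[9]
            out["orig_src"] = ".".join(map(str, inner[12:16]))
            out["orig_dst"] = ".".join(map(str, inner[16:20]))
    return out

# Constructed samples (documentation addresses, not captured traffic)
ECHO_REQ = build_icmp(8, 0, struct.pack("!HH", 0x1234, 1) + b"abcdefgh")
ORIG_IP = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1C46, 0, 1, 17, 0,
                      bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
TTL_EXPIRED = build_icmp(11, 0, b"\x00" * 4 + ORIG_IP + b"\x82\x9a\x82\x9b\x00\x08\x00\x00")

if __name__ == "__main__":
    for sample in (ECHO_REQ, TTL_EXPIRED):
        print(parse_icmp(sample))
```

A message whose checksum does not verify, or whose quoted header does not match anything the host actually sent, is worth flagging rather than acting on.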

 

THANK YOU for reading

You Tech 56
