The Internet Control Message Protocol is an integral part of IP designed to facilitate the transmission of notification messages between gateways and source hosts where requests for diagnostic information, support of routing, and as a means of reporting errors in datagram processing are needed. The purpose of these control messages is to provide feedback about problems in the communication environment, and does not guarantee that a datagram will be delivered, or that a control message will be returned.
ICMP Redirect messages represent a common scenario where ICMP is used as a means of facilitating routing functions. In the example, a packet is forwarded to the gateway by host A based on the gateway address of host A. The gateway identifies that the packet received is destined to be forwarded to the address of the next gateway which happens to be part of the same network as the host that originated the packet, highlighting a non-optimal forwarding behavior between the host and the gateways.
In order to resolve this, a redirect message is sent to the host. The redirect message advises the host to send its traffic for the intended destination directly to the gateway to with which the destination network is associated, since this represents a shorter path to the destination. The gateway proceeds however to forward the data of the original packet to its intended destination.
ICMP echo messages represent a means of diagnosis for determining primarily connectivity between a given source and destination, but also provides additional information such as the round trip time for transmission as a diagnostic for measuring delay. Data that is received in the echo message is returned as a separate echo reply message.
ICMP provides various error reporting messages that often determine reachability issues and generate specific error reports that allow a clearer understanding from the perspective of the host as to why transmission to the intended destination failed.
Typical examples include cases where loops may have occurred in the network, and consequentially caused the time to live parameter in the IP header to expire, resulting in a “ttl exceeded in transit” error message being generated. Other examples include an intended destination being unreachable, which could relate to a more specific issue of the intended network not being known by the receiving gateway, or that the intended host within the destination network not being discovered. In all events an ICMP message is generated with a destination based on the source IP address found in the IP header, to ensure the message notifies the sending host.
ICMP messages are sent using the basic IP header, which functions together as an integral part of the ICMP message, such is the case with the TTL parameter that is used to provide support for determining whether a destination is reachable. The format of the ICMP message relies on two fields for message identification in the form of a type/code format, where the type field provides a general description of the message type, and the code and a more specific parameter for the message type.
A checksum provides a means of validating the integrity of the ICMP message. An additional 32 bits are included to provide variable parameters, often unused and thus set as 0 when the ICMP message is sent, however in cases such as an ICMP redirect, the field contains the gateway IP address to which a host should redirect packets. The parameter field in the case of echo requests will contain an identifier and a sequence number, used to help the source associate sent echo requests with received echo replies, especially in the event multiple requests are forwarded to a given destination.
As a final means of tracing data to a specific process, the ICMP message may carry the IP header and a portion of the data that contains upper layer information that enables the source to identify the process for which an error occurred, such as cases where the ICMP TTL expires in transit.
A wide number of ICMP type values exist to define clearly the different applications of the ICMP control protocol. In some cases the code field is not required to provide a more specific entry to the type field, as is found with echo requests that have a type field of 8 and the corresponding reply, which is generated and sent as a separate ICMP message to the source address of the sender, and defined using a type field of 0.
Alternatively, certain type fields define a very general type for which the variance is understood through the code field, as in the case of the type 3 parameter. A type field of 3 specifies that a given destination is unreachable, while the code field reflects the specific absence of either the network, host, protocol, port (TCP/UDP), ability to perform fragmentation (code 4), or source route (code 5) in which a packet, for which a forwarding path through the network is strictly or partially defined, fails to reach its destination.
The application of ICMP can be understood through the use of tools such as Ping. The Ping application may be used as a tool in order to determine whether a destination is reachable as well as collect other related information. The parameters of the Ping application allow an end user to specify the behavior of the end system in generating ICMP messages, with consideration of the size of the ICMP datagram, the number of ICMP messages generated by the host, and also the duration in which it is expected a reply is received before a timeout occurs. This is important where a large delay occurs since a timeout may be reported by the Ping application before the ICMP message has had the opportunity to return to the source.
The general output of an ICMP response to a Ping generated ICMP request details the destination to which the datagram was sent and the size of the datagram generated. In addition the sequence number of the sequence field that is carried as part of the echo reply (type 0) is displayed along with the TTL value that is taken from the IP header, as well as the round trip time which again is carried as part of the IP options field in the IP header.
Another common application to ICMP is traceroute, which provides a means of measuring the forwarding path and delay on a hop-by-hop basis between multiple networks, through association with the TTL value within the IP header.
For a given destination, the reachability to each hop along the path is measured by initially defining a TTL value in the IP header of 1, causing the TTL value to expire before the receiving gateway is able to propagate the ICMP message any further, thus generating a TTL expired in transit message together with timestamp information, allowing for a hop-by-hop assessment of the path taken through the network by the datagram to the destination, and a measurement of the round trip time. This provides an effective means of identifying the point of any packet loss or delay that may be incurred in the network and also aids in the discovery of routing loops.
The implementation of traceroute in Huawei ARG3 series routers adopts the use of the UDP transport layer protocol to define a service port as the destination. Each hop sends three probe packets, for which the TTL value is initially set to a value of 1 and incremented after every three packets. In addition, a UDP destination port of 33434 is specified for the first packet and incremented for every successive probe packet sent. A hop-by-hop result is generated, allowing for the path to be determined, as well as for any general delay that may occur to be discovered.
This is achieved by measuring the duration between when the ICMP message was sent and when the corresponding TTL expired in transit ICMP error is received. When receiving a packet, the ultimate destination is unable to discover the port specified in the packet, and thus returns an ICMP Type 3, Code 3 (Port Unreachable) packet, and after three attempts the traceroute test ends. The test result of each probe is displayed by the source, in accordance with the path taken from the source to the destination. If a fault occurs when the trace route command is used, the following information may be displayed:
!H: The host is unreachable.
!N: The network is unreachable.
!: The port is unreachable.
!P: The protocol type is incorrect.
!F: The packet is incorrectly fragmented.
!S: The source route is incorrect.
Summary
The Ping application uses the echo request message of type 8 to attempt to discover the destination. A separate echo reply message, defined by a type field of 0, is returned to the original source based on the source IP address in the IP header field.
In the event that the TTL value of an IP datagram reaches 0 before the datagram is able to reach the intended destination, the gateway device receiving the datagram will proceed to discard it and return an ICMP message to the source to notify that the datagram in question was unable to reach the intended destination. The specific reason will be defined by the code value to reflect for example whether the failure was due to a failure to discover the host, a port on the host or whether the service for a given protocol was not supported etc.
Ref : Huawei