What is ICMP?

ICMP stands for Internet Control Message Protocol.

It is a network layer protocol (part of the IP suite) mainly used for sending error messages and operational information — for example, when a service is unreachable or a router cannot forward packets properly.

How ICMP works:

  • Not for sending data: ICMP isn’t used to exchange application data like a web page or an email. Instead, it’s used by network devices (like routers and hosts) to communicate problems or to diagnose network issues.
  • Message types: ICMP messages are structured into different types and codes, such as:
    • Echo Request / Echo Reply (Ping): Test if a device is reachable.
    • Destination Unreachable: Informs the sender that the packet can’t reach its destination.
    • Time Exceeded: Tells the sender that a packet was discarded because it “lived” too long (TTL expired).
    • Redirect: Informs a host that it should send packets through a different router.
  • How it’s used:
    Suppose you use the ping command:
    • Your computer sends an ICMP Echo Request packet to a remote device.
    • If the device is online and reachable, it sends back an ICMP Echo Reply.
    • The round-trip time is measured to check network latency and connectivity.
  • Packet structure:
    ICMP messages are encapsulated inside IP packets. They have a simple structure including:
    • Type (what kind of ICMP message)
    • Code (further detail about the type)
    • Checksum (error checking)
    • Additional data (such as the IP header of the original packet)
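
The packet structure above, as an added example that is not part of the original post: it builds and parses ICMP messages, verifies the checksum, and reads the original IP header embedded in an error message. The function names (`internet_checksum`, `build_icmp`, `parse_icmp`) and the sample messages are illustrative and constructed for this example.

```python
import struct

# Type numbers (RFC 792) for the message types listed above.
ICMP_TYPES = {0: "Echo Reply", 3: "Destination Unreachable", 5: "Redirect",
              8: "Echo Request", 11: "Time Exceeded"}

def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit big-endian words, inverted."""
    if len(data) % 2:
        data += b"\x00"                       # pad odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(mtype: int, code: int, rest: bytes, body: bytes) -> bytes:
    """Assemble type, code, checksum, 4 'rest of header' bytes, then body."""
    zeroed = struct.pack("!BBH", mtype, code, 0) + rest + body
    return zeroed[:2] + struct.pack("!H", internet_checksum(zeroed)) + zeroed[4:]

def parse_icmp(msg: bytes) -> dict:
    """Split an ICMP message into its fields and verify its checksum."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    mtype, code, csum = struct.unpack("!BBH", msg[:4])
    out = {"type": mtype, "name": ICMP_TYPES.get(mtype, "Other"), "code": code,
           "checksum": csum,
           # Re-summing a message that carries a correct checksum gives 0.
           "checksum_ok": internet_checksum(msg) == 0}
    if mtype in (0, 8):                       # Echo: identifier, sequence, data
        out["id"], out["seq"] = struct.unpack("!HH", msg[4:8])
        out["data"] = msg[8:]
    elif mtype in (3, 11) and len(msg) >= 28:  # error: original IP header follows
        inner = msg[8:]
        out["orig_ttl"], out["orig_proto"] = inner[8], inner[9]
        out["orig_dst"] = ".".join(str(b) for b in inner[16:20])
    return out

# Constructed samples (not captured traffic); addresses are documentation ranges.
SAMPLE_ECHO = build_icmp(8, 0, struct.pack("!HH", 0x1234, 1), b"constructed-ping")
ORIG_IP = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                      bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
SAMPLE_TTL = build_icmp(11, 0, b"\x00" * 4, ORIG_IP + b"\x00" * 8)

if __name__ == "__main__":
    for sample in (SAMPLE_ECHO, SAMPLE_TTL):
        print(parse_icmp(sample))
```

A message altered in transit fails the `checksum_ok` check, which is the "error checking" role of the Checksum field.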

Important point:

Although ICMP is crucial for diagnosing networks, some firewalls or routers may block ICMP traffic to prevent misuse (e.g., preventing ICMP-based attacks like ping floods).


1 Comments

  1. Great article Ram. I feel like it explains ICMP at the perfect level.
