ICMP stands for Internet Control Message Protocol.
It is a network layer protocol (part of the IP suite) mainly used for sending error messages and operational information — for example, when a service is unreachable or a router cannot forward packets properly.
How ICMP works:
- Not for sending data: ICMP isn’t used to exchange application data like a web page or an email. Instead, it’s used by network devices (like routers and hosts) to communicate problems or to diagnose network issues.
- Message types: ICMP messages are structured into different types and codes, such as:
  - Echo Request / Echo Reply (Ping): Test if a device is reachable.
  - Destination Unreachable: Informs the sender that the packet can’t reach its destination.
  - Time Exceeded: Tells the sender that a packet was discarded because it “lived” too long (TTL expired).
  - Redirect: Informs a host that it should send packets through a different router.
- How it’s used:
  Suppose you use the ping command:
  - Your computer sends an ICMP Echo Request packet to a remote device.
  - If the device is online and reachable, it sends back an ICMP Echo Reply.
  - The round-trip time is measured to check network latency and connectivity.
- Packet structure:
  ICMP messages are encapsulated inside IP packets. They have a simple structure including:
  - Type (what kind of ICMP message)
  - Code (further detail about the type)
  - Checksum (error checking)
  - Additional data (like IP header of the original packet)
Important point:
Although ICMP is crucial for diagnosing networks, some firewalls or routers may block ICMP traffic to prevent misuse, such as ICMP-based attacks like ping floods.
Great article Ram. I feel like it explains ICMP at the perfect level.