– is a Transport layer protocol. When encapsulated into IP, the protocol field of the IP header = 1 to mean “ICMP”.
– header fields:
- Message-specific information
– header size is 8 Bytes: the first 4 Bytes are fixed in size (Type, Code and Checksum) and the last 4 Bytes have a variable size.
– performs error reporting and congestion notification (with ICMP Source Quench messages, which are deprecated)
– is used by two popular networking tools: Traceroute and Ping
– ICMP Echo Request is Type 8 Code 0
– ICMP Echo Reply is Type 0 Code 0
– At the receiver side, an ICMP error message (such as Destination Unreachable) contain the IP datagram of the sender, in the payload, plus the first 8 Bytes of data originally sent by the sender. The ICMP error message is then encapsulated in a new IP datagram in order to be sent back to the sender.
The following ICMP error messages are sent by routers:
- ICMP Network Unreachable (first router in the path)
- ICMP Host Unreachable (last router in the path; the router connected to the same network as the destination host)
- ICMP TTL Expired
– Here is an example of a popular ICMP error message (ICMP Port Unreachable) and what it contains: Cloudshark