ICMP (Internet Control Message Protocol) is an error-reporting protocol that network devices such as routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets. ICMP creates and sends messages to the source IP address indicating that a gateway to the internet, such as a router, service or host, cannot be reached for packet delivery. Any IP network device has the capability to send, receive or process ICMP messages. Show
ICMP is not a transport protocol that sends data between systems. While ICMP is not used regularly in end-user applications, it is used by network administrators to troubleshoot internet connections in diagnostic utilities including ping and traceroute.
What is ICMP used for?ICMP is a network layer protocol used by routers, intermediary devices and hosts to communicate error information or updates to other routers, intermediary devices and hosts. ICMP messages are sent in several scenarios. For example, if one device sends a message that is too large for the recipient to process, the recipient will drop that message and send an ICMP message back to the source. Another example is when the network gateway finds a shorter route for the message to travel on. When this happens, an ICMP message is sent, and the packet is redirected to the shorter route. ICMP is also used for network diagnostics, specifically the ping and traceroute terminal utilities.
The widely used Internet Protocol version 4, or IPv4 address class, and the newer IPv6 use similar versions of the ICMP protocol -- ICMPv4 and ICMPv6, respectively. Host A attempts to send an IP packet to Host B. Host B is unreachable, so the router responds with a Type 3 ICMP message.How does ICMP work?ICMP is one of the main protocols of the IP suite. However, ICMP is not associated with any transport layer protocol, such as Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). It is a connectionless protocol, meaning a device does not need to open a connection with the target device before sending a message. This contrasts with TCP, for example, where a connection must be established before a message can be sent, establishing that both devices are ready through a TCP handshake. ICMP messages are transmitted as datagrams and consist of an IP header that encapsulates the ICMP data. A datagram, much like a packet, is a self-contained independent entity of data. Think of it as a package carrying a piece of a bigger message across the network. ICMP packets are IP packets with ICMP in the IP data portion. ICMP messages also contain the entire IP header from the original message, so the end system knows which packet failed. The ICMP header appears after the IPv4 or IPv6 packet header and is identified as IP protocol number 1. The protocol contains three parameters, explained below. Following the three parameters are the ICMP data and the original IP header identifying which packet failed. ICMP parametersICMP parameters exist in the packet header, and they help identify the errors in the IP packet to which they pertain. The parameters are like a shipping label on a package. They provide identifying information about the packet and the data it contains. That way, the protocols and network tools receiving the ICMP message know how to handle the packet. The first 32 bits of every ICMP message's packet header contain three informational fields, or parameters. Those three parameters are the following:
The next part of the ICMP header is the pointer. It consists of 32 bits of data that points out the problem in the original IP message. Specifically, the pointer identifies the byte location in the original IP message that caused the generation of the problem message. The receiving device looks at this part of the header to pinpoint the problem. The final section of the ICMP packet is the original datagram. It consists of up to 576 bytes in IPv4 and 1,280 bytes in IPv6 and includes a copy of the original error-containing IP message. The ICMP packet header comes after the IPv4 or IPv6 header. It contains three parts: type, code and checksum. The header is followed by the pointer, which identifies the problem in the original message, and then comes the original datagram.ICMP in DDoS attacksIn distributed DoS (DDoS) attacks, attackers overwhelm the target with unwanted traffic so the target cannot provide service to its users. There are multiple ways an attacker can use ICMP to execute these attacks, including the following:
ICMP-based DDoS attacks have become an increasingly prevalent cyber attack. Find out more about DDoS attacks in general and how they have become more tactically diverse in recent years. This was last updated in March 2021 Continue Reading About ICMP (Internet Control Message Protocol)
Dig Deeper on Network Infrastructure
What are three components of message timing?The Rules. Message Timing. Another factor that affects how well a message is received and understood is timing. ... . Access Method. Access method determines when someone is able to send a message. ... . Flow Control. Timing also affects how much information can be sent and the speed that it can be delivered. ... . Response Timeout.. What are the types of rules that are necessary to successfully communicate?Among the protocols that govern successful human communication are these:. An identified sender and receiver.. Agreed-upon method of communicating (face-to-face, telephone, letter, photograph). Common language and grammar.. Speed and timing of delivery.. Confirmation or acknowledgment requirements.. Which delivery method is used to transmit information to one or more end devices but not all devices on the network *?Unicast delivery occurs when one source host sends a message to one destination host. The sending of the same message from a host to a group of destination hosts is multicast delivery.
Which two message timing mechanisms are used in data communication?Flow control and response timeout are two message timing mechanisms that are used in communications to manage the number of messages sent at once and to manage the period to wait for a response.
|