Internet Control Message Protocol.

ICMP is defined predominantly in RFC-792 (Sept 1981). It had been previously discussed in RFC-760 and RFC-777. ICMP is used to send traffic control information between IP-connected hosts and gateways. ICMP datagrams are created and transmitted in response to IP packets which require some form of status response to the original sender, usually indicating a connectivity failure between hosts.

ICMP is not a connection oriented protocol. Thus, it is also not "reliable" in the sense that datagram delivery is on a best effort basis. Many Internet gateways set ICMP to a low priority such that ICMP data may be lost in event of congestion.

An ICMP datagram is encapsulated directly in an IP packet -- that is to say, ICMP is a "Layer 4" protocol of the OSI Reference Model just like TCP or UDP with which most users are more familiar -- with a protocol "type" field of 1. The first byte of an ICMP datagram is the "type" field. Current ICMP datagram types, as defined in RFC-1700, Assigned Numbers:

Type    Name
----    -------------------------
  0     Echo Reply
  1     Unassigned
  2     Unassigned
  3     Destination Unreachable
  4     Source Quench
  5     Redirect
  6     Alternate Host Address
  7     Unassigned
  8     Echo
  9     Router Advertisement
 10     Router Selection
 11     Time Exceeded
 12     Parameter Problem
 13     Timestamp
 14     Timestamp Reply
 15     Information Request
 16     Information Reply
 17     Address Mask Request
 18     Address Mask Reply
 19     Reserved (for Security)
 20-29  Reserved (for Robustness Experiment)
 30     Traceroute
 31     Datagram Conversion Error
 32     Mobile Host Redirect
 33     IPv6 Where-Are-You
 34     IPv6 I-Am-Here
 35     Mobile Registration Request
 36     Mobile Registration Reply
 37     Domain Name Request
 38     Domain Name Reply
 39     SKIP                            (??)
 40     Security Failures
 41     Probe Request
 42     Probe Reply
 43-255 Reserved
The significance of bytes following the "type" field are determined by the specified type.

The most frequently encountered ICMP datagrams on the Internet are "Destination Unreachable" and "Time Exceeded" messages. Both of these ICMP datagram types follow the "type" field with a one-byte status code, two bytes of checksum, 32 unused bits, and a portion of the original IP packet (header plus 64 bits of payload). The status code indicates the reason that the original packet exceeded the maximum time or was otherwise unable to reach its destination.

Destination Unreachable datagrams with a code of 1 indicate that the remote host was unreachable -- this is typically a result of a downed route between two hosts and is the most common negative response to a ping(1) attempt. Time Exceeded datagrams, on the other hand, are central to the functionality of the traceroute(1) program. IP packets containing UDP (or sometimes ICMP) datagrams are generated by the sender with increasing TTL values; the ICMP Time Exceeded datagrams in response indicate the IP address of each gateway between origin and destination host.

ICMP is also used for route status exchange between gateways in some routing protocol definitions, but is falling out of use in favor of more reliable protocols.

Log in or register to write something here or to contact authors.