# ICMP - Internet Control Message Protocol ## What is ICMP ICMP, the Internet Control Message Protocol, is a supporting protocol in the TCP/IP suite that is used by network devices, especially routers, to send error messages and operational information indicating success or failure when communicating with another IP address. ICMP is not used to transmit application data but is used by the network itself for diagnostic and control purposes. ICMP operates at the Network layer and is an integral part of the Internet Protocol suite. Both IPv4 uses ICMPv4 and IPv6 uses ICMPv6. ## ICMP Message Format Every ICMP message begins with a type field that identifies the kind of ICMP message, a code field that provides additional information about the type, and a checksum. Following these common fields, the format varies depending on the type of message. Some ICMP messages also include the header and first 8 bytes of the original packet that caused the error, allowing the source to identify which packet triggered the error. ## ICMP Error Messages Destination unreachable messages are sent when a router or host cannot deliver a packet. Different code values indicate different reasons, such as network unreachable, host unreachable, protocol unreachable, port unreachable, or fragmentation needed but don't fragment bit is set. Time exceeded messages are sent when a packet's TTL reaches zero, indicating the packet exceeded its allowed lifespan. This message is used by traceroute. Redirect messages are sent by a router to inform a host of a better route for a particular destination. Parameter problem messages indicate an error in the IP header of the original packet. ## ICMP Query Messages Echo request and echo reply messages are used by the ping utility to test connectivity between two hosts. A host sends an echo request to the target, and the target responds with an echo reply. The round-trip time is measured to assess network latency. Router solicitation and router advertisement messages are used by hosts to discover routers on the local network. Address mask request and reply are used to discover the subnet mask. ## Ping and Traceroute Ping sends ICMP echo request messages to a target host and listens for echo replies. It measures the round-trip time and reports packet loss. Traceroute discovers the path packets take by sending packets with increasing TTL values starting from 1. The first packet reaches the first router, which decrements the TTL to zero and sends a time exceeded message back to the source. The source records this router's address. The second packet with TTL 2 reaches the second router before being discarded. This continues until the destination is reached, revealing each hop in the path.