You are currently offline, waiting for your internet to reconnect

Internet Control Message Protocol (ICMP) Basics

This article was previously published under Q170292
Internet Control Message Protocol (ICMP) is an error reporting anddiagnostic utility and is considered a required part of any IPimplementation. Understanding ICMP and knowing what can possibly generatea specific type of ICMP is useful in diagnosing network problems.
ICMPs are used by routers, intermediary devices, or hosts to communicateupdates or error information to other routers, intermediary devices, orhosts.

Each ICMP message contains three fields that define its purpose andprovide a checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPEfield identifies the ICMP message, the CODE field provides furtherinformation about the associated TYPE field, and the CHECKSUM provides amethod for determining the integrity of the message.

The TYPES defined are:
TYPE   Description----   -----------0      Echo Reply3      Destination Unreachable4      Source Quench5      Redirect Message8      Echo Request11     Time Exceeded12     Parameter Problem13     Timestamp Request14     Timestamp Reply15     Information Request (No Longer Used)16     Information Reply (No Longer Used)17     Address Mask Request18     Address Mask Reply				

Echo Request & Echo Reply

This is the ICMP most used to test IP connectivity commonly known as PING.The Echo Request ICMP will have a Type field of 8 and a Code field of 0.Echo Replies have a Type field of 0 and a Code field of 0.

Destination Unreachable

When a packet is undeliverable, a Destination Unreachable, Type 3, ICMP isgenerated. Type 3 ICMPs can have a Code value of 0 to 15:
Type 3CodeValue   Description-----   -----------0       Network Unreachable1       Host Unreachable2       Protocol Unreachable3       Port Unreachable4       Fragmentation needed and DF (Don't Fragment) set5       Source route failed6       Destination Network unknown7       Destination Host unknown8       Source Host isolated9       Communication with Destination Network Administratively Prohibited10      Communication with Destination Host Administratively Prohibited11      Network Unreachable for Type Of Service12      Host Unreachable for Type Of Service13      Communication Administratively Prohibited by Filtering14      Host Precedence Violation15      Precedence Cutoff in Effect				

Source Quench

An ICMP Source Quench message has a Type field of 4 and Code 0. SourceQuench messages are sent when the destination is unable to process trafficas fast as the source is sending it. The Source Quench ICMP tells thesource to cut back the rate at which it is sending data. The destinationwill continue to generate Source Quench ICMPs until the source is sendingat an acceptable speed.

Redirect Message

An intermediary device will generate an ICMP Redirect Message when itdetermines that a route being requested can be reached either locally orthrough a better path. Redirect Message ICMPs are Type 5 and are furtherdefined by the following Code field values:
Type 5CodeValue   Description-----   -----------0       Redirect datagrams for the Network1       Redirect datagrams for the Host2       Redirect datagrams for the Type of Service and Network3       Redirect datagrams for the Type of Service and Host				

Time Exceeded

If a router or host discards a packet due to a time-out, it will generatea Time Exceeded Type 11 ICMP. The Time Exceeded ICMP will have a Codevalue of either 0 or 1. A Code 0 is generated when the hop count of adatagram is exceeded and the packet is discarded. A Code 1 is generatedwhen the reassemble of a fragmented packet exceeds the time-out value.

Parameter Problem

When an intermediary device or host discards a datagram due to inabilityto process, an ICMP 12 is generated. Common causes of this ICMP arecorrupt header information or missing options. If the reason for the ICMPis a required missing option, the ICMP will have a Code value of 1. If theCode value is 0, the Pointer field will contain the octet of the discardeddatagram's header where the error was detected.

Timestamp Request & Timestamp Reply

Timestamp Request and Timestamp Reply is a rudimentary method forsynchronizing the time maintained on different devices. The Request has aType field of 13 and the Reply is Type 14. This method for timesynchronization is crude and unreliable. Therefore, it is not heavilyused.

Information Request & Information Reply

These ICMP types were originally designed to allow a booting host todiscover an IP address. This method is obsolete and is no longer used.Most common methods for IP address discovery are BOOTP (bootstrapprotocol) and DHCP (dynamic host configuration protocol). BOOTP is definedby RFC1542, and DHCP is defined by RFC1541. For information aboutMicrosoft's implementation of DHCP, please see the following MicrosoftKnowledge Base article:
169289 DHCP (Dynamic Host Configuration Protocol) Basics

Address Mask Request & Address Mask Reply

A booting computer to determine the subnet mask in use on the localnetwork uses the Address Mask Request ICMP Type 17. An intermediary deviceor computer acting as an intermediary device will reply with a Type 18ICMP Address Mask Reply ICMP.
For more information about ICMP, see RFC950, RFC792, and RFC1122.

RFCs may be obtained via the Internet as follows:

Paper copies of all RFCs are available from the NIC, either individuallyor on a subscription basis (for more information, contactNIC@NIC.DDN.MIL). Online copies are available via FTP or Kermit fromNIC.DDN.MIL as rfc/rfc####.txt or rfc/rfc####.PS (#### is the RFC numberwithout leading zeros).
HIS 2000

Article ID: 170292 - Last Review: 02/23/2007 21:52:00 - Revision: 3.3

  • Microsoft Host Integration Server 2000 Standard Edition
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows NT Advanced Server 3.1
  • Microsoft Windows NT Server 3.5
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0 Standard Edition
  • Microsoft Windows NT Workstation 3.1
  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0 Developer Edition
  • Microsoft Windows NT Advanced Server 3.1
  • Microsoft SNA Server 1.0
  • Microsoft Windows for Workgroups 3.2
  • Microsoft TCP/IP-32 for Windows for Workgroups 1.0
  • Microsoft Windows 95
  • kbnetwork KB170292