Article ID: 170292 - View products that this article applies to.
This article was previously published under Q170292
Internet Control Message Protocol (ICMP) is an error reporting and diagnostic utility and is considered a required part of any IP implementation. Understanding ICMP and knowing what can possibly generate a specific type of ICMP is useful in diagnosing network problems.
ICMPs are used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts.
Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPE field identifies the ICMP message, the CODE field provides further information about the associated TYPE field, and the CHECKSUM provides a method for determining the integrity of the message.
The TYPES defined are:
TYPE Description ---- ----------- 0 Echo Reply 3 Destination Unreachable 4 Source Quench 5 Redirect Message 8 Echo Request 11 Time Exceeded 12 Parameter Problem 13 Timestamp Request 14 Timestamp Reply 15 Information Request (No Longer Used) 16 Information Reply (No Longer Used) 17 Address Mask Request 18 Address Mask Reply
Echo Request & Echo ReplyThis is the ICMP most used to test IP connectivity commonly known as PING. The Echo Request ICMP will have a Type field of 8 and a Code field of 0. Echo Replies have a Type field of 0 and a Code field of 0.
Destination UnreachableWhen a packet is undeliverable, a Destination Unreachable, Type 3, ICMP is generated. Type 3 ICMPs can have a Code value of 0 to 15:
Type 3 Code Value Description ----- ----------- 0 Network Unreachable 1 Host Unreachable 2 Protocol Unreachable 3 Port Unreachable 4 Fragmentation needed and DF (Don't Fragment) set 5 Source route failed 6 Destination Network unknown 7 Destination Host unknown 8 Source Host isolated 9 Communication with Destination Network Administratively Prohibited 10 Communication with Destination Host Administratively Prohibited 11 Network Unreachable for Type Of Service 12 Host Unreachable for Type Of Service 13 Communication Administratively Prohibited by Filtering 14 Host Precedence Violation 15 Precedence Cutoff in Effect
Source QuenchAn ICMP Source Quench message has a Type field of 4 and Code 0. Source Quench messages are sent when the destination is unable to process traffic as fast as the source is sending it. The Source Quench ICMP tells the source to cut back the rate at which it is sending data. The destination will continue to generate Source Quench ICMPs until the source is sending at an acceptable speed.
Redirect MessageAn intermediary device will generate an ICMP Redirect Message when it determines that a route being requested can be reached either locally or through a better path. Redirect Message ICMPs are Type 5 and are further defined by the following Code field values:
Type 5 Code Value Description ----- ----------- 0 Redirect datagrams for the Network 1 Redirect datagrams for the Host 2 Redirect datagrams for the Type of Service and Network 3 Redirect datagrams for the Type of Service and Host
Time ExceededIf a router or host discards a packet due to a time-out, it will generate a Time Exceeded Type 11 ICMP. The Time Exceeded ICMP will have a Code value of either 0 or 1. A Code 0 is generated when the hop count of a datagram is exceeded and the packet is discarded. A Code 1 is generated when the reassemble of a fragmented packet exceeds the time-out value.
Parameter ProblemWhen an intermediary device or host discards a datagram due to inability to process, an ICMP 12 is generated. Common causes of this ICMP are corrupt header information or missing options. If the reason for the ICMP is a required missing option, the ICMP will have a Code value of 1. If the Code value is 0, the Pointer field will contain the octet of the discarded datagram's header where the error was detected.
Timestamp Request & Timestamp ReplyTimestamp Request and Timestamp Reply is a rudimentary method for synchronizing the time maintained on different devices. The Request has a Type field of 13 and the Reply is Type 14. This method for time synchronization is crude and unreliable. Therefore, it is not heavily used.
Information Request & Information ReplyThese ICMP types were originally designed to allow a booting host to discover an IP address. This method is obsolete and is no longer used. Most common methods for IP address discovery are BOOTP (bootstrap protocol) and DHCP (dynamic host configuration protocol). BOOTP is defined by RFC1542, and DHCP is defined by RFC1541. For information about Microsoft's implementation of DHCP, please see the following Microsoft Knowledge Base article:
(https://support.microsoft.com/kb/169289/EN-US/ )DHCP (Dynamic Host Configuration Protocol) Basics
Address Mask Request & Address Mask ReplyA booting computer to determine the subnet mask in use on the local network uses the Address Mask Request ICMP Type 17. An intermediary device or computer acting as an intermediary device will reply with a Type 18 ICMP Address Mask Reply ICMP.
For more information about ICMP, see RFC950, RFC792, and RFC1122.
RFCs may be obtained via the Internet as follows:
Paper copies of all RFCs are available from the NIC, either individually or on a subscription basis (for more information, contact NIC@NIC.DDN.MIL
(mailto:NIC@NIC.DDN.MIL)). Online copies are available via FTP or Kermit from NIC.DDN.MIL as rfc/rfc####.txt or rfc/rfc####.PS (#### is the RFC number without leading zeros).
Article ID: 170292 - Last Review: February 23, 2007 - Revision: 3.3