ICMP (Internet Control Message Protocol) is one of the most powerful tools for network administrators. Still, hackers frequently misuse it to form attacks and slip connections through firewalls. As a result, many risk-averse network admins turn off ICMP entirely. An ICMP error message indicates that the destination host device or an intermediary router receives more data than it can process. Each ICMP error message has a specific code that describes the problem.
Timestamp Request/Reply
The Timestamp Request/Reply type of ICMP lets one device query another about its current time. Unlike TCP, which is a connection-oriented protocol that requires a connection to be established before sending data between two devices, ICMP is a connectionless network protocol. This allows the ping command to facilitate testing connectivity between devices without a connection. The format of an ICMP timestamp request message starts with the 8-bit ICMP header, followed by the IP data packet. ICMP headers also contain a checksum computed from the ICMP data and added to the header before transmission. The value of the ICMP checksum is verified against the calculated value at the receiving end. If there is a mismatch, this indicates that the ICMP data was corrupted or lost during transmission. The following 16-bit ICMP field is the Code, which provides additional information about the message. For example, the ICMP Destination Unreachable (Type 3) message contains codes that indicate whether the destination host is unreachable or its network is experiencing congestion. Delving into ICMP types provides a nuanced understanding of the Internet Control Message Protocol, allowing network administrators to fine-tune security measures and optimize network performance based on the specific characteristics of each ICMP message type.
Echo Request/Reply
The first type of ICMP message is the Echo Request, commonly known as the ping: this paired query and reply tests Layer 3 connections between two devices. To send an Echo Request, the sending device generates and transmits a special ICMP message with the Type value set to 8. The receiving device then responds with a special ICMP message with the same Type and Code, indicating it is available. The ICMP Echo Request/Reply message contains information besides the Type, Code, and Checksum values. The Type is an 8-bit integer that indicates what kind of ICMP message it is; the checksum is calculated and inserted into the packet before it is transmitted, and the Timestamp value provides a timestamp of when the original ICMP packet was sent. The Internet Assigned Numbers Authority maintains a complete list of ICMP message types and codes. ICMP is designed to help network administrators troubleshoot problems quickly and keep the rest of their network running smoothly. It doesn’t fix the problem; it simply reports the error and allows upper-layer protocols to take action.
As a result, ICMP doesn’t get special priority on the network; the messages are just treated as other traffic and might be lost or discarded by other devices. This design concept is a good one; otherwise, the errors could be reported over and over again and would cause an even bigger headache for network administrators.
Address Mask Request/Reply
The Internet Control Message Protocol (ICMP) is one of network administrators’ most potent tools for troubleshooting and solving problems. However, because hackers can use ICMP to form attacks, many risk-averse network administrators turn it off, missing out on valuable utilities such as ping and traceroute. ICMP provides feedback and error reporting for IP data packet transmission. When a data packet doesn’t reach its destination, ICMP will tell the source device why it didn’t make it. It also provides information about other problems, such as congestion and routing issues. The ICMP header is separate from the IP packet header and contains a code (8-bit field). The Type and Code describe the particular error or request. For example, a type 3 message with code 0 specifies that the destination host is unreachable. Network administrators use ICMP to test and diagnose network problems. They use ping and traceroute to trace the path of a data packet’s journey from its source to its destination and to find out whether or not the path is working. These functions help administrators fix network problems quickly and keep the system running.
Checksum Request/Reply
The Checksum Request/Reply type of ICMP allows devices to verify that the IP header of a data packet has not been modified during transmission. This is done by sending a checksum request to the destination device and comparing the response with the original data packet’s checksum. The network device may report an error to the sender if there is a mismatch. Each ICMP message includes two fields to help determine the cause of the error: the “Type” field, which is an 8-bit value that defines the general category of the message, and the “code” field, which is a 16-bit one’s complement sum of the ICMP header starting with the ICMP type. ICMP also supports several other error messages, such as those that indicate a particular part of the IP header is incorrect or required options are missing. These are called Parameter Problem messages and are reported using ICMP type 12 with code 0 or 1. While the ICMP protocol does not offer flow control or error correction, it provides a valuable tool for network administrators. ICMP reports errors and exceptions to upper-layer protocols and allows those protocols to correct the problems. It does this without a formal connection, so ICMP is considered a connectionless protocol.