Internet Control Message Protocol (ICMP) plays a crucial role in the communication between devices within an IP network. It primarily facilitates the reporting of errors and provides diagnostic functions. ICMP operates in both IPv4 and IPv6 networks, enabling network devices to exchange control messages. Let’s delve into the significant ICMP message types and their functionalities. In this topic, you will learn about the different types of Internet Control Message Protocols (ICMPs), and the tools that are used to send them.
Although IP is only a best-effort protocol, the TCP/IP suite does provide for error messages and informational messages when communicating with another IP device. ICMP utilizes these messages for transmission. The purpose of these messages is to provide feedback about issues related to the processing of IP packets under certain conditions, not to make IP reliable. Networks frequently disallow ICMP messages due to security reasons, making them unnecessary.
ICMP is available for both IPv4 and IPv6. ICMPv4 is the messaging protocol for IPv4. ICMPv6 provides these same services for IPv6 but includes additional functionality. Throughout this course, we will use the term ICMP to refer to both ICMPv4 and ICMPv6.
In IPv4, ICMP messages are fundamental in handling various network situations. They include:
Host Reachability
People commonly refer to ICMP echo requests and echo replies as “pings.” These messages confirm if a destination is reachable and responsive. For instance, initiating a ping from a local machine to another device validates their connectivity.
$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=1.20 ms
Destination or Service Unreachable
When a router encounters an unreachable destination or a service, it generates ICMP messages to notify the sender. Also, this feedback assists in troubleshooting connectivity issues.
$ ping 10.10.10.10
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
The message contains a code that shows why the packet couldn’t reach its destination.
Some of the Destination Unreachable codes for ICMPv4 are as follows:
- 0 – Net unreachable
- 1 – Host unreachable
- 2 – Protocol unreachable
- 3 – Port unreachable
Some of the Destination Unreachable codes for ICMPv6 are as follows:
- 0 – No route to destination
- 1 – Communication with the destination is administratively prohibited (e.g., firewall)
- 2 – Beyond scope of the source address
- 3 – Address unreachable
- 4 – Port unreachable
Time Exceeded
ICMP time exceeded messages indicate when the Time-to-Live (TTL) value reaches zero or when a packet exceeds its maximum hop count. This occurs in scenarios where a packet traverses a loop or encounters excessive routing delays.
$ ping 8.8.8.8
From 192.168.1.1 icmp_seq=1 Time to live exceeded
In IPv6, ICMPv6 carries out similar functionalities with enhancements for the IPv6 protocol suite. However, ICMPv6 has new features and improved functionality not found in ICMPv4. IPv6 encapsulates ICMPv6 messages.
ICMPv6 includes four new protocols as part of the Neighbor Discovery Protocol (ND or NDP).
Messaging between an IPv6 router and an IPv6 device, including dynamic address allocation are as follows:
- Router Solicitation (RS) message – An IPv6-enabled router will also send out an RA message in response to an RS message.
- Router Advertisement (RA) message – RA messages are sent by IPv6-enabled routers every 200 seconds to provide addressing information to IPv6-enabled hosts. The RA message can include addressing information for the host such as the prefix, prefix length, DNS address, and domain name. A host using Stateless Address Autoconfiguration (SLAAC) will set its default gateway to the link-local address of the router that sent the RA.
Messaging between IPv6 devices, including duplicate address detection and address resolution are as follows:
- Neighbor Solicitation (NS) message – When a device is assigned a global IPv6 unicast or link-local unicast address, it may perform duplicate address detection (DAD) to ensure that the IPv6 address is unique. To check the uniqueness of an address, the device will send an NS message with its own IPv6 address as the targeted IPv6 address.
- Neighbor Advertisement (NA) message – Address resolution is used when a device on the LAN knows the IPv6 unicast address of a destination but does not know its Ethernet MAC address. To determine the MAC address for the destination, the device will send an NS message to the solicited node address. The message will include the known (targeted) IPv6 address. The device that has the targeted IPv6 address will respond with an NA message containing its Ethernet MAC address.
Conducting Ping Tests
Pinging the Loopback
The loopback address, often represented as 127.0.0.1 in IPv4 and ::1 in IPv6, allows a device to test its own network interface. A response from 127.0.0.1 for IPv4, or ::1 for IPv6, indicates that the host has properly installed IP. This response comes from the network layer. However, this response fails to confirm whether the addresses, masks, or gateways have received proper configuration. Nor does it indicate anything about the status of the lower layer of the network stack. So, this simply tests IP down through the network layer of IP. An error message indicates that TCP/IP is not operational on the host.
$ ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.030 ms
Pinging the Default Gateway
This confirms if the local device can reach the router that serves as the gateway to other networks.
In this test, users most often utilize the default gateway address because the router typically remains operational at all times. If the default gateway address fails to respond, users can send a ping to the IP address of another operational host within the local network.
So either the default gateway or another host responds, then the local host can successfully communicate over the local network. If the default gateway does not respond but another host does, this could indicate a problem with the router interface serving as the default gateway.
$ ping <gateway_IPv4_or_IPv6>
PING <gateway_IPv4_or_IPv6> (<gateway_IPv4_or_IPv6>) 56(84) bytes of data.
64 bytes from <gateway_IPv4_or_IPv6>: icmp_seq=1 ttl=64 time=0.520 ms
Pinging a Remote Host
It helps assess the connectivity between your device and another host on the network or the internet.
If this ping is successful, the operation of a large piece of the internetwork can be verified. A successful ping across the internetwork confirms communication on the local network, the operation of the router serving as the default gateway, and the operation of all other routers that might be in the path between the local network and the network of the remote host.
Additionally, the functionality of the remote host can be verified. So, if the remote host could not communicate outside of its local network, it would not have responded.
$ ping <remote_host_IPv4_or_IPv6>
PING <remote_host_IPv4_or_IPv6> (<remote_host_IPv4_or_IPv6>) 56(84) bytes of data.
64 bytes from <remote_host_IPv4_or_IPv6>: icmp_seq=1 ttl=55 time=20.1 ms
Using Traceroute to Test the Path
Traceroute is a diagnostic tool that displays the route (path) and measures transit delays of packets across an IP network.
$ traceroute <destination_IPv4_or_IPv6>
Traceroute illustrates the path taken by packets to reach the specified destination, showcasing the intermediate hops and their response times.
Round Trip Time (RTT)
Using traceroute provides round-trip time for each hop along the path and indicates if a hop fails to respond. The round-trip time is the time a packet takes to reach the remote host and for the response from the host to return.
IPv4 TTL and IPv6 Hop Limit
Traceroute makes use of a function of the TTL field in IPv4 and the Hop Limit field in IPv6 in the Layer 3 headers, along with the ICMP Time Exceeded message.
In conclusion, understanding ICMP messages and utilizing tools like ping and traceroute aids in diagnosing network issues, ensuring robust connectivity and effective troubleshooting within IPv4 and IPv6 environments.