ICMP Internet Control Message Protocol

ICMP allows routers to send error or control messages back to source of a datagram that caused a problem
ICMP messages are not usually delivered to application

• ICMP can be think like  as providing communication between an ICMP module on one machine and ICMP module in another

ICMP is used to allow routers to report error or provide information about unexpected circumstances

ERROR reporting and ERROR correction

• ICMP does not interact with the host
• ICMP does not attempt to correct the error

ICMP provide a way for routers that encounter an error to report the error to the original source

• Routers are stateless as possible
• The idea of error reporting rather than error correcting help to improve security
• If an attacker send frequently incorrect message and the router tries to correct the problem it will not respond slowly ,So error correction is not done by router
• If the router detect a problem the IP cannot know the set of intermediate machine that processed the datagram .So it cannot inform them of the problem instead of silently discarding the datagram,the router use ICMP to inform the original source

ICMP message format

All ICMP message begin with same three field

1. TYPE :- identify specific ICMP message to purse remainder of message
2. CODE :- Information about ICMP ...eg :- TIME EXCEEDED message can have a code value(to indicate the hop count (TTC) of datagram reached zero)
3. CHECKSUM :-

MESSAGE BODY :- depend entirely on message type

Testing reachability and status

Ping send an ICMP echo request message to remote computer
ping program receives ICMP Echo reply from the remote Computer
ECHO Request and Reply message format of ICMP

TYPE - request-IPV4→8-IPV6→128
TYPE - reply-   IPV4→0-IPV6→129
CODE-0
An Echo reply contain sequence data on Echo request arbitrary data can also sent