At the network layer, ICMP plays an important role. It can be regarded as a reviewer and helps us check some transmission problems in messages. Then we will standardize the definition of this Protocol. Internet Control Message Protocol (ICMP) is used to send Control messages in a TCP/IP network and provide feedback on problems that may occur in the communication environment, with this information, managers can diagnose the problem and take appropriate measures to solve it 。
ICMP relies on IP to complete its tasks. It is the main part of the IP address. It is significantly different from the transmission protocol, such as TCP and UDP: it is generally not used to transmit data between two points. It is usually not directly used by network programs, except for ping and traceroute 。
ICMP of IPv4 is also called ICMPv4. IPv6 also has a similar protocol called ICMPv6 。
ICMP messages are generated at the IP layer from a common IP datagram that generates an ICMP response. The IP address uses a new header for an appropriate ICMP message) encapsulate (to send ICMP messages back to the original sender), and then send the generated data packets back in a conventional way 。
For example, the TTL (time to live) in the IP header must be reduced by 1 for each machine that forwards IP data packets (such as a router on the way). If the TTL is reduced to 0, an ICMP timeout message is sent to the source sender of the datagram 。
Each ICMP message is directly encapsulated in an IP datagram. Therefore, like UDP, ICMP is unreliable 。
Although the ICMP protocol is included in the IP datagram, the ICMP message is usually specially processed, which is different from the general IP datagram, instead of processing it as a sub-Protocol of the IP address. In many cases, you need to view the content of the ICMP message, and then send the appropriate error message to the program that originally generated the IP packet, that is, the program that is prompted for an ICMP message 。
Many common tools are based on ICMP messages. traceroute sends packets containing special TTL, then, we can find out the ICMP protocol timeout messages and the target messages that are not reachable. The ping related to traceroute is implemented by ICMP "Echo request" and "Echo reply" messages 。
Structure of the ICMP part
Header
The ICMP header starts from the 160th-bit IP header (unless an optional part of the IP header is used )。
Type-ICMP Type;
Code-further divide the ICMP type. For example, the ICMP target type can be set to 1 to 15 to indicate different meanings 。
Checksum-this field contains the data that is calculated from the ICMP header and data part and used to check the error data. The value of the data part is regarded as 0 。
ID-this field contains the ID value, which is returned in the echo reply message 。
Sequence-this field contains a Sequence number, which must also be returned in an echo reply message 。
Fill data
The filled data is followed by the ICMP header (with 8 digits as a group ):
In addition to the headers of eight 8-bit tuples, ICMP entered by Linux's "ping" tool also fills in data so that the total size is 64 bytes 。
In addition to the 8-bit UTF-8 header, the ICMP protocol filled with Windows "ping.exe" also fills in data so that the total size is 40 bytes.