Official website for Linux User & Developer
Jan 19

Internet Control Message Protocol (ICMP) Explained

by Swayam Prakasha

Details of ping command

ICMP Messages

Let’s have a look at some of the messages given out by ICMP…

ICMP echo request and echo reply messages
One of the main purposes of ICMP informational messages is to enable testing and diagnostics, to help identify and correct problems on a network. The most basic test that can be conducted between two devices is simply checking whether they are capable of sending datagrams to each other. The usual way to do this is to have one device send a test message to a second device, which receives the message and replies to tell the first device that it arrived. With the help of these two messages, one can determine whether a particular destination is reachable and responding. A host or router sends the echo request to a destination, and the target machine formats a reply and sends it back to the sender. On many systems, the command that users invoke to send an ICMP echo request is ping. These two messages serve as a debugging tool for networks.

Destination unreachable message
When a router fails to forward the datagram to the next router or deliver a datagram to the destination, it sends a ‘destination unreachable’ message back to the original source. After sending this message, the router drops the corresponding datagram. When a source receives a destination unreachable message, it knows that there was a problem sending a datagram and accordingly can take a corrective measure.

Source quench message
This message is used to report traffic congestion. A source quench message is a request to the source to reduce the rate at which it is transmitting packets. When a host receives a source quench message from a target, it understands that it needs to slow down the rate at which it is sending datagrams so that the destination can properly receive all of them.

ICMP time exceeded message
Each datagram contains a time-to-live (TTL) counter, which specifies how long that datagram can remain in the network. Each router reduces the TTL counter whenever it processes the datagram. When a router discards a datagram because its TTL counter is zero, it sends an ‘ICMP time exceeded’ message to the source. On receiving this ICMP message, the source understands that it set the TTL field value too low and may take corrective actions (such as re-sending the datagram with a higher TTL value).

ICMP redirect message
An intermediary device will generate an ICMP redirect message when it determines that a route being requested can be reached either locally or through a better path.

In addition to the above five ICMP messages, ICMP provides a few other messages. The creators of TCP/IP recognised that certain applications might not work properly if there was too much difference between the system clocks of a pair of devices. To support this requirement, they created a pair of ICMP messages that allow devices to exchange system time information. The initiating device creates a timestamp message and sends it to the device with which it wishes to synchronise. That device responds with a timestamp reply message. Timestamp fields in these messages mark the times at which the messages are sent and received, allowing the devices' clocks to be synchronised.

Another important message type comprises the ICMP router discovery messages. It would be better if there were some method whereby a host could automatically discover the identity of local routers and learn important information about them. This process is called router discovery. Two messages, the ICMP router advertisement message and the router solicitation message, help in this process.

Thus it is clear that ICMP messages are sent in several situations. You need to understand that the purpose of ICMP messages is to give feedback on the various problems in the network, and not to make IP reliable.

ICMP is connectionless: hosts do not need to perform a handshake before exchanging messages. Although ICMP messages are invaluable for troubleshooting networks, you should be aware that hackers find ICMP messages equally useful. Because hackers can use ICMP messages to gain information about a network or to actually harm a network, many companies restrict devices from transmitting specific ICMP messages across their connection to the internet. If your company's security policy does not cover ICMP messages, you may want to revise it to include such a restriction.
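
The message types listed earlier and the per-type restriction described above can be combined in one check. The following is an added example, not code from the original article: it parses an ICMP message, verifies its checksum, names the type, and applies an edge policy. The names `NAMES`, `ALLOW`, `build`, `inspect` and `demo`, the policy itself, and the sample messages are assumptions constructed for illustration.

```python
import struct

# ICMP type numbers for the messages described in this article (IANA registry).
NAMES = {0: "echo reply", 3: "destination unreachable", 4: "source quench",
         5: "redirect", 8: "echo request", 9: "router advertisement",
         10: "router solicitation", 11: "time exceeded",
         13: "timestamp", 14: "timestamp reply"}

# Assumed edge policy (illustrative, stateless): (direction, type) pairs allowed.
ALLOW = {("out", 8), ("in", 0),   # inside hosts may ping out; replies come back
         ("in", 3), ("in", 11)}   # error feedback about datagrams we sent


def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build(icmp_type: int, code: int, rest: bytes) -> bytes:
    """Construct a message: type, code, checksum, then the remaining bytes."""
    csum = checksum(struct.pack("!BBH", icmp_type, code, 0) + rest)
    return struct.pack("!BBH", icmp_type, code, csum) + rest


def inspect(direction: str, msg: bytes) -> tuple:
    """Return (message name, verdict) for one ICMP message at the edge."""
    if len(msg) < 8:                       # shorter than the fixed ICMP header
        return ("truncated", "drop")
    name = NAMES.get(msg[0], f"type {msg[0]}")
    if checksum(msg) != 0:                 # a valid message checksums to zero
        return (name, "drop")
    return (name, "accept" if (direction, msg[0]) in ALLOW else "drop")


def demo() -> list:
    """Run the policy over constructed sample messages (not captured traffic)."""
    ping = build(8, 0, struct.pack("!HH", 0x1234, 1) + b"constructed")
    expired = build(11, 0, bytes(4) + b"constructed header")
    redirect = build(5, 1, bytes([192, 0, 2, 1]) + b"constructed header")
    damaged = ping[:-1] + bytes([ping[-1] ^ 0x01])
    return [inspect("out", ping), inspect("in", ping), inspect("in", expired),
            inspect("in", redirect), inspect("out", damaged)]
```

Calling `demo()` returns one (name, verdict) pair per sample. A production firewall would additionally use connection tracking to accept error messages only when they relate to a flow the inside network started.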

ICMP is an example of a client-server application. As we saw earlier, this protocol is used to report problems with delivery of IP datagrams within a network. It can be used to show when a network cannot be reached, when a node is overloaded, when an error occurs in the information the IP header contains, and so on.

  • 4 Comments »

    • Pietro Pesci Feltri said:

      Very nice article. I used ping and traceroute frequently but understanding the additional ICMP functionality is really nice.

      Thanks

      Pietro

    • Internet Control Message Protocol (ICMP) Explained « technichristian.net said:

      [...] Read on… [...]

    • Linux in the third week of 2010 said:

      [...] We hear this question a lot: "How do we become professionals?"… By learning (: Did you know that ping uses ICMP? Do you know how ICMP works? If you would like to learn. [...]

    • An Introduction To Forex Trading | FX Forex secrets said:

      [...] Internet Control Message Protocol (ICMP) Explained | Linux User [...]
