The Internet Control Message Protocol (ICMP) provides error messages and feedback during network operations. These messages provide insight into the current state of the network, making it simpler to troubleshoot network connectivity problems. An ICMP error message is often sent in response to a failed transmission attempt. In addition, ICMP messages allow us to ask the network for information. This chapter will explain ICMP by taking an in-depth look at several of the most common message types and the conditions that cause them. The basic tools used herein include captures from Wireshark, the output from the Windows command (DOS) shell, and output seen from a Cisco router.

RFC 792 defines several different ICMP message types and forms the basis of our discussion. Contemporary networks typically use a handful of these message types to deal with standard issues. Several other RFCs have contributed to ICMP, most of which are designed to handle very particular situations. A list of these RFCs is included at the end of the chapter.

ICMP exists within the Internetwork Layer (Layer 3) of the TCP/IP model and is encapsulated in an IP datagram (shown in Figure 6-1). All IP-based nodes, regardless of operating ...