Introduction
The Internet Protocol (IP) [1] is used for host-to-host datagram service in a system of interconnected networks called a catenet [2]. The network connecting devices are called gateways. These gateways communicate among themselves for control purposes via a Gateway to Gateway Protocol (GGP) [3,4]. Occasionally a gateway or destination host will communicate with a source host, for example, to report an error in datagram processing. For such purposes this protocol, the Internet Control Message Protocol (ICMP), is used. ICMP, uses the basic support of IP as if it were a higher level protocol, however, ICMP is actually an integral part of IP, and must be implemented by every IP module.
ICMP messages are sent in several situations: for example, when a datagram cannot reach its destination, when the gateway does not have the buffering capacity to forward a datagram, and when the gateway can direct the host to send traffic on a shorter route.
The Internet Protocol is not designed to be absolutely reliable. The purpose of these control messages is to provide feedback about problems in the communication environment, not to make IP reliable. There are still no guarantees that a datagram will be delivered or a control message will be returned. Some datagrams may still be undelivered without any report of their loss. The higher level protocols that use IP must implement their own reliability procedures if reliable communication is required.
ICMP messages typically report errors in the processing of datagrams. To avoid the infinite regress of messages about messages etc., no ICMP messages are sent about ICMP messages. Also ICMP messages are only sent about errors in handling fragment zero of fragmented datagrams. (Fragment zero has fragment offset equal to zero).
Key Design Principles
1. Part of IP Layer
Application Layer
↓
Transport Layer (TCP/UDP)
↓
Network Layer (IP + ICMP) ← ICMP is integral to IP
↓
Data Link Layer
ICMP is not a higher-layer protocol that uses IP; rather, it is an integral part of the IP layer itself.
2. Error Reporting, Not Reliability
What ICMP Does:
- ✅ Reports problems in datagram processing
- ✅ Provides feedback about network conditions
- ✅ Assists in network diagnostics
What ICMP Does NOT Do:
- ❌ Guarantee message delivery
- ❌ Make IP reliable
- ❌ Provide end-to-end reliability
- ❌ Implement flow control
3. No Infinite Recursion
Rule: ICMP messages are never sent about ICMP messages.
Datagram with error
↓
ICMP Error Message sent ✅
↓
ICMP message with error
↓
NO ICMP Error Message sent ❌ (Prevents infinite loop)
Example:
1. TCP packet → IP datagram → Error occurs
→ ICMP Destination Unreachable sent ✅
2. ICMP Destination Unreachable → Error occurs
→ NO ICMP message sent ❌
This prevents error message cascades
4. Fragment Zero Rule
ICMP error messages are only sent for the first fragment (fragment offset = 0) of a fragmented datagram.
Original Datagram (fragmented):
┌─────────────┬─────────────┬─────────────┐
│ Fragment 0 │ Fragment 1 │ Fragment 2 │
│ offset=0 │ offset=500 │ offset=1000 │
└─────────────┴─────────────┴─────────────┘
↓ ↓ ↓
Error Error Error
↓ ↓ ↓
ICMP sent ✅ No ICMP ❌ No ICMP ❌
Rationale:
- Avoids generating multiple error messages for the same original datagram
- Ensures error reporting is manageable
- Only the first fragment contains complete upper-layer protocol information
Common Scenarios for ICMP Messages
Scenario 1: Destination Unreachable
Host A → Router → [Network B is down]
↓
ICMP Type 3: Destination Unreachable
↓
Host A receives error notification
Scenario 2: Redirect
Host A → Gateway 1 → Gateway 2 → Destination
↓
ICMP Type 5: Redirect
"Use Gateway 2 directly for this destination"
↓
Host A updates routing table
Scenario 3: Time Exceeded
Packet with TTL=1
↓
Router decrements TTL to 0
↓
ICMP Type 11: Time Exceeded
↓
Source host receives notification
Scenario 4: Source Quench (Congestion Control)
Gateway buffer full
↓
ICMP Type 4: Source Quench
↓
Source host slows transmission rate
Note: Source Quench is now deprecated (RFC 6633) due to ineffectiveness and potential for abuse.
Relationship with Other Protocols
ICMP and IP
IP Datagram:
┌─────────────┬──────────────────┐
│ IP Header │ IP Payload │
│ Protocol=1 │ ICMP Message │
└─────────────┴──────────────────┘
IP Header:
- Protocol field = 1 (indicates ICMP)
- Source Address = ICMP sender
- Destination Address = ICMP receiver
ICMP and GGP
Gateway to Gateway Protocol (GGP):
- Gateways use GGP for control communication among themselves
- ICMP used for gateway-to-host communication
- Different purposes, complementary protocols
ICMP and Higher-Layer Protocols
Application (e.g., ping utility)
↓ Constructs ICMP message
IP Layer with ICMP module
↓ Sends ICMP in IP datagram
Network Interface
Error Reporting Examples
Example 1: Host Unreachable
Step 1: Host A sends packet to Host B (10.0.2.100)
┌─────────────────────────────┐
│ Src: 10.0.1.10 │
│ Dst: 10.0.2.100 │
│ Data: "Hello" │
└─────────────────────────────┘
Step 2: Router R1 determines Host B is unreachable
Router R1's routing table: No route to 10.0.2.0/24
Step 3: Router R1 sends ICMP Destination Unreachable
┌─────────────────────────────┐
│ ICMP Type: 3 │
│ Code: 1 (Host Unreachable) │
│ Contains: IP header + 64 │
│ bits of original │
│ datagram │
└─────────────────────────────┘
Step 4: Host A receives ICMP and reports error to application
Example 2: Fragmentation Needed but DF Set
Step 1: Host A sends large packet with Don't Fragment (DF) flag
┌─────────────────────────────┐
│ Src: 192.168.1.10 │
│ Dst: 203.0.113.50 │
│ Flags: DF=1 (Don't Fragment)│
│ Length: 1500 bytes │
└─────────────────────────────┘
Step 2: Router R1 receives packet
- Outgoing interface MTU = 1000 bytes
- Packet size = 1500 bytes
- DF flag is set → Cannot fragment
Step 3: Router R1 sends ICMP Destination Unreachable
┌─────────────────────────────┐
│ ICMP Type: 3 │
│ Code: 4 (Fragmentation │
│ needed but DF set) │
│ Next-Hop MTU: 1000 │
└─────────────────────────────┘
Step 4: Host A receives ICMP
- Implements Path MTU Discovery
- Reduces packet size to 1000 bytes
- Resends data
This is a critical mechanism for Path MTU Discovery (PMTUD) [RFC 1191].
Processing Rules
For ICMP Senders
-
Determine if ICMP should be sent:
- Is this an error condition?
- Is this about an ICMP message? (If yes, don't send)
- Is this about fragment zero? (If not fragment zero, don't send)
-
Construct ICMP message:
- Set appropriate Type and Code
- Calculate checksum
- Include original IP header + 64 bits of original data
-
Send via IP:
- Use IP protocol 1 (ICMP)
- Set appropriate IP header fields
For ICMP Receivers
-
Validate message:
- Verify checksum
- Check Type and Code values
-
Process according to Type:
- Error messages: Report to upper-layer protocol
- Query messages: Generate response
- Informational messages: Process accordingly
-
Pass to appropriate handler:
- Demultiplex based on original datagram information
- Notify affected protocol or application
Historical Context: ICMP was defined in RFC 792 (September 1981) as part of the original Internet Protocol suite. It remains a fundamental component of IP networking, though some message types have been deprecated and new ones added over the years.