In the previous section, we have a picture of the important protocols in the entire network architecture. Among them, in the network layer, there is an ICMP protocol at the top right of the IP protocol. According to the principle that the lower layer protocol serves the upper layer protocol, the ICMP protocol is based on the IP protocol to complete the transfer of control information between the host and the router. The control information includes: whether the network is connected, whether the host is reachable, whether the route is available, etc. Although this information is not the data itself that users need to transmit, it is very important to ensure that the data can be transmitted normally.
1. ICMP message structure
1. Type: ICMP messages are divided into two types: error report messages and query messages, which correspond to different type values.
2. Code: accurately describe the corresponding type of the ICMP message
3. Checksum: check whether an error occurred during the transmission of the ICMP message
The ICMP message is based on the ICMP protocol and runs on the IP protocol, so its content can be placed in the data part of the IP datagram and transmitted through the IP protocol.
2. ICMP error report message
The ICMP error report message will report various network errors:
1) End point unreachable: When the router or host cannot deliver the datagram, it sends an end point unreachable message to the source.
2) Time exceeded: The message TTL is reduced to 0, and the message still does not reach the destination address, the router discards the message and sends an error report message to the source host.
3) Parameter problem: When the datagram header of the router or host is checked for errors, the datagram is discarded and a parameter problem message is sent to the source.
4) Change route: The router sends the change route message to the host, letting the host know that it should send the datagram to another router next time
To avoid flooding or cyclic transmission of ICMP error report messages, ICMP error report messages are no longer sent in the following situations:
1) No longer send ICMP error report message to ICMP error report message
2) No ICMP error report message is sent for subsequent datagram fragments of the first fragmented datagram fragment
3) Do not send ICMP error report messages for datagrams with multicast addresses
4) Do not send ICMP error report messages for datagrams with special addresses (such as 127.0.0.0 or 0.0.0.0)
3. ICMP inquiry message
There are two main types of ICMP query messages:
1) Answer request and reply message: The host or router sends an inquiry to a specific destination host. The host receiving this message must send an ICMP echo reply message to the source host or router. Test whether the destination station is reachable and understand its related status.
2) Timestamp request and reply message: Ask a host or router to answer the current date and time. Used for clock synchronization and time measurement.
Four, ICMP application
1.ping
Ping uses ICMP to send back request and reply messages.
Can be typed in cmd
ping IP address
To test whether a certain IP address is reachable.
ping IP address -t
Can send ping requests to an IP address continuously, and stop sending via ctrl+c
ping IP address -l bytes
The size of sending ICMP probe packets can be specified by -l bytes (0~65500, the default value is 32 bytes)
2.tracert
Tracert is a command under windows, which is also called tracerout in linux.
tracert IP address
The default value is 32 bytes)
2.tracert
Tracert is a command under windows, which is also called tracerout in linux.
tracert IP address
This command can use the ICMP time exceeded error message to find out all the routers through which the destination IP address is reached.