Join Greg Sowell for an in-depth discussion in this video, ICMP, part of Networking Foundations: Protocols and CLI Tools.
- Internet control messaging protocol is the mother of all troubleshooting protocols. It's also heavily relied upon for message delivery in instances where a router needs to inform a host of dropped traffic, or service adjustments that need to be made. It's assigned protocol number one, which should be some indication of its importance. It's part of the IP suite like TCP and UDP, but ICMP isn't designated to carry end-user information. The ICMP packet header has a few interesting fields, namely the type and code.
The type portion will designate what the ICMP packet's purpose is, be it destination unreachable, redirect, echo request, echo reply, and so on. The code then acts as a sub-selection that gives a more finite description of the cause. Say, for example, a type three means destination unreachable; with the addition of a code of six, the error becomes destination network unknown. ICMP can also send redirects. If a packet arrives on a router's interface and it has a preferred alternate gateway on that same subnet, it can send a redirect ICMP message back to the sender informing them of the alternate gateway.
Due to security concerns most routers have the ability to ignore redirect messages. This can be used by a malicious user to initiate a man-in-the-middle attack. A time exceeded message is sent when a packet's time to live goes to zero. It's best known for its use in troubleshooting with applications like traceroute. ICMP is used in much the same way in IPv6, but also supplants ARP for layer two address resolution. It also provides other IPv6-specific functions.
The majority of systems monitoring packages will use echo request to verify equipment connectivity. This is generally done via the ping application. While ICMP can be filtered from your devices, it has become the de facto troubleshooting tool for admins everywhere, so I implore you to keep it active and use it regularly.
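The type and code fields described in the transcript can be read straight from the first bytes of an ICMPv4 message. The following is an added example, not part of the course material: it decodes the header, verifies the checksum, and marks redirects for review. The function names and the sample messages (including the 192.0.2.254 gateway) are constructed for illustration.

```python
import socket
import struct

# Type and code values from the ICMP specification (RFC 792 / RFC 1122).
TYPES = {0: "echo reply", 3: "destination unreachable", 5: "redirect",
         8: "echo request", 11: "time exceeded"}
UNREACH_CODES = {0: "network unreachable", 1: "host unreachable",
                 3: "port unreachable", 6: "destination network unknown"}

def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones' complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, code: int, rest: bytes, payload: bytes = b"") -> bytes:
    """Build a constructed sample message with a valid checksum."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

def describe(msg: bytes) -> dict:
    """Decode the ICMPv4 header and flag messages worth a closer look."""
    if len(msg) < 8:
        raise ValueError("ICMP header is 8 bytes; message too short")
    icmp_type, code, _ = struct.unpack("!BBH", msg[:4])
    info = {"type": icmp_type, "code": code,
            "name": TYPES.get(icmp_type, "other"),
            # Summing a valid message, checksum field included, yields zero.
            "checksum_ok": inet_checksum(msg) == 0,
            "review": False}
    if icmp_type == 3:
        info["detail"] = UNREACH_CODES.get(code, "other unreachable code")
    elif icmp_type == 5:
        # Bytes 4-7 of a redirect carry the gateway the sender is told to use.
        info["gateway"] = socket.inet_ntoa(msg[4:8])
        info["review"] = True  # redirects can steer a host's traffic
    return info

if __name__ == "__main__":
    samples = [build_icmp(8, 0, struct.pack("!HH", 1, 1), b"ping"),
               build_icmp(3, 6, b"\x00" * 4),
               build_icmp(5, 1, socket.inet_aton("192.0.2.254"))]
    for sample in samples:
        print(describe(sample))
```
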
Protocols are the lifeblood of modern communication. By the end of this course, you'll know what you need to troubleshoot any network connection and keep the communication flowing.
Note: This course maps to domain 3 of the MTA Networking Fundamentals exam.
- Identify reasons why connectionless transmissions are faster.
- Determine what type of attack a gratuitous ARP announcing itself as a legitimate host indicates.
- State what IGMP snooping is useful for.
- Describe the best approach to use FTP to view and rename files on a server when your client is behind a firewall.
- Assess whether SSH is natively supported on Windows or not.
- List good uses for the arp command.