Understanding the ICMP Protocol: Packet Analysis, Ping, and Traceroute Techniques

Hello everyone, nice to meet you again. I am your friend Full Stack Jun, here to discuss the ICMP protocol.

To forward IP datagrams more effectively and improve the chances of successful delivery, the network layer uses the Internet Control Message Protocol (ICMP) [RFC 792]. It is part of the TCP/IP protocol suite and carries control messages between IP hosts and routers. ICMP messages are encapsulated as the data portion of IP datagrams, following the IP header. There are two kinds of ICMP messages: error-reporting messages and query messages.

Let’s first understand some common types of ICMP messages:

[Figure: ICMP protocol (common message types)]

Let’s capture some packets now. Open a DOS (command prompt) window and enter ping mail.sina.com.cn:

Open Wireshark and enter ip.addr == 192.168.199.222 and (icmp or dns) in the filter bar (substituting your own IP address), then press Enter. Let’s look at the batch of packets Wireshark captured:

We can see eight ICMP packets in total: four requests sent to the other host and four replies received. The DNS packets above them handle domain name resolution, mapping the domain name to an IP address so that we can reach the host.

Tracert (Trace Route) is a route-tracing utility that determines the path an IP packet takes to reach its destination. The tracert command uses the IP Time To Live (TTL) field and ICMP error messages to discover the route from one host to another host on the network.

Let’s check which routers the ICMP packets pass through by opening the DOS window again and entering tracert mail.sina.com.cn.

Enter icmp in the filter bar.

Quite a few packets are captured; let’s look at the first two in order. The first ICMP packet has type 8 (Echo Request), a query message, while the second has type 11 (Time Exceeded), an error message reporting a timeout.

Another point to note is that the TTL of the packets sent by our host increases from 1, one step at a time. Each router that forwards a packet decrements its TTL by 1, and when the TTL reaches 0 the router discards the packet and reports this back with an ICMP Time Exceeded message. Eventually the last datagram we send arrives at the destination host with a TTL of 1; the destination host does not decrement it further but replies instead. In the earlier DOS window we can see that once the TTL reaches 13 the packet is delivered to the destination and we receive the corresponding reply.
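The following Python is an added example, not code from the original post. It ties together the two things shown in the captures above: it builds and decodes ICMP Echo Request/Reply messages the way Wireshark dissects them (type, code, checksum, identifier, sequence number), and it simulates the TTL mechanism behind tracert on a constructed path of 12 routers plus a destination, so that the probe with TTL 13 is the first to get an Echo Reply. The router and destination addresses are made up (the destination uses the 203.0.113.0/24 documentation range and stands in for mail.sina.com.cn), and the simulated Time Exceeded message quotes only the first 8 bytes of the dropped probe rather than the full IP header that RFC 792 requires, since no IP header is built here.

```python
# Added example (not from the original post): builds and parses ICMP messages
# and simulates the TTL-driven traceroute exchange described in the text.
import struct

# Common ICMP types (RFC 792), classified as query or error-reporting messages.
ICMP_TYPES = {
    0: ("Echo Reply", "query"),
    3: ("Destination Unreachable", "error"),
    8: ("Echo Request", "query"),
    11: ("Time Exceeded", "error"),
}


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(msg_type: int, code: int, rest: bytes, payload: bytes = b"") -> bytes:
    """Assemble an ICMP message: type, code, checksum, 4 'rest of header' bytes, payload."""
    header = struct.pack("!BBH4s", msg_type, code, 0, rest)
    chk = icmp_checksum(header + payload)
    return struct.pack("!BBH4s", msg_type, code, chk, rest) + payload


def build_echo(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Echo Request (type 8) or Echo Reply (type 0) with identifier and sequence number."""
    return build_icmp(msg_type, 0, struct.pack("!HH", ident, seq), payload)


def parse_icmp(pkt: bytes) -> dict:
    """Decode the 8-byte ICMP header and verify the checksum, as a dissector does.
    A valid message sums to zero when the checksum field itself is included."""
    if len(pkt) < 8:
        raise ValueError("truncated ICMP message")
    msg_type, code, _chk, rest = struct.unpack("!BBH4s", pkt[:8])
    name, kind = ICMP_TYPES.get(msg_type, ("Unknown", "unknown"))
    info = {"type": msg_type, "code": code, "name": name, "kind": kind,
            "checksum_ok": icmp_checksum(pkt) == 0}
    if msg_type in (0, 8):
        info["id"], info["seq"] = struct.unpack("!HH", rest)
        info["payload"] = pkt[8:]
    return info


# Constructed path (assumption, not real addresses): 12 routers, then the destination.
ROUTERS = ["192.168.199.1"] + ["10.0.%d.1" % i for i in range(1, 12)]
DESTINATION = "203.0.113.10"  # documentation range; stands in for mail.sina.com.cn


def forward(ttl: int, probe: bytes, ident: int, seq: int) -> tuple:
    """Simulate each router decrementing TTL; return (replying address, ICMP reply)."""
    for router in ROUTERS:
        ttl -= 1
        if ttl == 0:
            # The router discards the datagram and answers with Time Exceeded
            # (type 11, code 0). Simplification: quote the first 8 bytes of the
            # dropped ICMP probe instead of the full IP header + 64 bits of data.
            return router, build_icmp(11, 0, b"\x00" * 4, probe[:8])
    # The destination host does not decrement TTL; it answers with an Echo Reply.
    return DESTINATION, build_echo(0, ident, seq, probe[8:])


def traceroute(max_hops: int = 30) -> list:
    """Send probes with TTL 1, 2, 3, ... until an Echo Reply (type 0) comes back.
    Returns a list of (ttl, replying address, ICMP type) like tracert's rows."""
    ident, hops = 0x1234, []
    for ttl in range(1, max_hops + 1):
        probe = build_echo(8, ident, ttl, b"abcdefgh")  # constructed 8-byte payload
        addr, reply = forward(ttl, probe, ident, ttl)
        parsed = parse_icmp(reply)
        hops.append((ttl, addr, parsed["type"]))
        if parsed["type"] == 0:
            break
    return hops


if __name__ == "__main__":
    for ttl, addr, t in traceroute():
        print("%2d  %-16s %s" % (ttl, addr, ICMP_TYPES[t][0]))
```

Running the script prints 13 rows: hops 1 through 12 report Time Exceeded from the routers and hop 13 reports the Echo Reply from the destination, matching what the DOS window showed. The parse_icmp function is also what a detection engineer would start from when checking captured ICMP for oddities such as bad checksums or oversized Echo payloads.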
