ICMP (Internet Control Message Protocol)
Another "little helper" for IP.
Carried in Data field of IP packet.
Mostly for ping requests/replies and
for error reporting from routers back to original sender of the IP packet.
Type and Code fields together indicate the kind of ICMP message, e.g.
8 0: Echo Request, 0 0: Echo Reply, 11 0: TTL Expired,
3 x: Destination Unreachable (3 0: network, 3 1: host, 3 3: port).
Contents of the "Data" field depend on the Type-Code, e.g. Windows ping has 32B a-z a-f (or now? a-v a-i);
error messages contain the header of the IP packet that failed
(so the original sender of the failed packet has some info about its packet's failure).
If some router along the path encounters a problem with an IP packet you sent,
it's supposed to send back an ICMP error packet indicating the problem
which resulted in your packet being dropped. It knows you sent it
because your IP is the source address of the packet that was dropped.
The ICMP error packet includes the header of your dropped packet so you
(or your system) can know more about it.
But does IP do anything about the problem: NO.
Does IP inform TCP/UDP about the problem: NO.
IP doesn't care whether its packets reached their intended destinations.
The original source of an IP packet includes a TTL value in each packet it generates.
Each router along the route the packet takes decrements the TTL value.
If a packet's TTL ever reaches zero the router will
drop the packet (i.e. throw it away).
This is to prevent endlessly travelling or circulating packets in the internetwork.
The router is supposed to send an ICMP "Time Exceeded" message back to the sender,
informing the source that its packet was terminated,
an example of ICMP's IP error-reporting function.
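
The Type/Code fields and the error-message Data field described above, as an added example (not part of the original notes): a parser that names the message, verifies the ICMP checksum, and for error types pulls out the embedded header of the failed packet, which is what lets the sender match an error to a packet it actually sent. The sample message is constructed with documentation addresses; `parse_icmp`, `checksum` and `build_sample` are names chosen for this example.

```python
import ipaddress
import struct

# Type/Code pairs listed in the notes above.
NAMES = {(8, 0): "Echo Request", (0, 0): "Echo Reply", (11, 0): "TTL Expired",
         (3, 0): "Destination Unreachable: network",
         (3, 1): "Destination Unreachable: host",
         (3, 3): "Destination Unreachable: port", (4, 0): "Source Quench"}
ERROR_TYPES = {3, 4, 11}  # Data field carries the failed packet's IP header

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(msg: bytes) -> dict:
    """Parse an ICMP message, i.e. the Data field of an IP packet."""
    if len(msg) < 8:
        raise ValueError("shorter than the 8-byte ICMP header")
    out = {"type": msg[0], "code": msg[1],
           "name": NAMES.get((msg[0], msg[1]), "other"),
           "checksum_ok": checksum(msg) == 0}  # sums to zero when intact
    if msg[0] in ERROR_TYPES:
        inner = msg[8:]  # header of the IP packet that failed
        if len(inner) < 20 or inner[0] >> 4 != 4:
            raise ValueError("no embedded IPv4 header in error message")
        out["failed_packet"] = {
            "ttl": inner[8], "protocol": inner[9],
            "src": str(ipaddress.IPv4Address(inner[12:16])),
            "dst": str(ipaddress.IPv4Address(inner[16:20]))}
    return out

def build_sample() -> bytes:
    """Constructed sample: TTL Expired for a UDP packet, documentation IPs."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, 1, 17, 0,
                        ipaddress.IPv4Address("192.0.2.10").packed,
                        ipaddress.IPv4Address("198.51.100.7").packed)
    inner += struct.pack("!HHHH", 40000, 33434, 8, 0)  # start of its UDP data
    body = struct.pack("!BBHI", 11, 0, 0, 0) + inner
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

if __name__ == "__main__":
    print(parse_icmp(build_sample()))
```
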
Tracert works by taking advantage of the TTL field in IP packets.
Tracert sends IP packets with increasing TTL values, starting
with one and incrementing, so that each next-hop router in turn is
reached and the TTL expires there. That router sends back the
TTL Exceeded message, so tracert can determine the router's IP and the
amount of time to reach it.
Source Quench (Type:4, Code:0) can be used by a congested router to tell the source of the packet
to slow down, as a form of flow control. (Apparently never used anymore; it is now deprecated.)
netstat -sp icmp shows ICMP stats.