Ping and ICMP

Ping is a simple utility found across hosts (Windows, Linux, Mac…) and network devices (such as routers).

Ping uses the Internet Control Message Protocol to send an ‘echo request’ to another device. Typically the address of the other device may be given directly as an IP address or as a hostname which the ‘pinger’ tries to resolve to an IP address using DNS.

If a device is configured to respond to pings (echo requests), then it sends an ‘echo reply’ in response.

The ping program then displays information about the responses received such as

• Size of data received

• IP Address

• ICMP Sequence Number

• Time To Live (TTL) value

• Round trip time

Ping is a simple but effective tool for testing network connectivity and troubleshooting issues.

ICMP: The Internet Control Message Protocol

ICMP can do a lot more than basic pings. For example, it may be used to share information about a network and attempted connections. RFC 792 defines ICMP.

ICMP is encapsulated directly inside an IP packet and consists of a header and payload. The header consists of:

• Type (1 byte)

• Code (1 byte)

• Checksum (2 bytes)

• 4 bytes of type-specific header content (or just unused space)

The payload varies depending on the message type.

In theory, there could be up to 255 different types of message, but most of these are deprecated or currently unassigned.

Common ICMP Message Types

Type 0: Echo Request (ping)

Type 3: Destination Unreachable

Type 5: Redirect Message

Type 8: Echo Request (ping reply)