Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is ICMP a transport layer protocol?

I was going through a video lecture on networking and there the lecturer mentions ICMP as a transport layer protocol. However, Googling it shows various forums describing it as network layer protocol. This has confused me a lot. Can someone clarify?

like image 962
chinmay Avatar asked Oct 07 '13 06:10

chinmay


People also ask

Why is ICMP a network layer protocol?

It is a network layer protocol. It is used for error handling in the network layer, and it is primarily used on network devices such as routers. As different types of errors can exist in the network layer, so ICMP can be used to report these errors and to debug those errors.

Is ICMP and TCP same?

The Internet Control Message Protocol, or ICMP, has an entirely different function than TCP and UDP. Unlike these types, ICMP is not a traditional data packet protocol.

Why is ICMP considered a network layer protocol?

ICMP really doesn't do this. Its job is to help the routers figure out the shape of the internet and what direction to send packets with different protocols. Consequently, it's considered a network-layer protocol, since its job is to ensure that data is routed to the right place but doesn't actually route the data.

What does ICMP mean?

The Internet Control Message Protocol ( ICMP) is a supporting protocol in the Internet protocol suite.

How does ICMP enable TCP/IP to handle errors?

It is a supporting layer protocol that is used to relay information about connectivity issues or failures in the Internet protocol suite. Therefore, it can be said that the protocol enables TCP/IP to handle errors as all network devices that use TCP/IP have the capability to send, receive or process ICMP messages.

What is the structure of an ICMP packet?

The packet consists of header and data sections. The ICMP header starts after the IPv4 header and is identified by IP protocol number '1'. All ICMP packets have an 8-byte header and variable-sized data section. The first 4 bytes of the header have fixed format, while the last 4 bytes depend on the type/code of that ICMP packet.


2 Answers

Transport layer protocols are concerned with send data from end-to-end and ensuring (or explicitly not ensuring) reliability. TCP is used to send data from one computer to another and includes logic necessary to ensure that the data is transported correctly, while UDP is used to send data from one computer to another while hopefully getting reliability.

ICMP really doesn't do this. Its job is to help the routers figure out the shape of the internet and what direction to send packets with different protocols. Consequently, it's considered a network-layer protocol, since its job is to ensure that data is routed to the right place but doesn't actually route the data.

Hope this helps!

like image 128
templatetypedef Avatar answered Oct 03 '22 18:10

templatetypedef


No doubt it is a network layer protocol. The reasons it is often confused with transport layer is that ICMP works without ANY transport layer. E.g. ping or traceroute do not have well defined ports. Instead each machine's tcp/ip stack is responsible for processing and responding to incoming ICMP messages (rather than looking up a port and passing on to corresponding application, as is the case with all other applications).

Update:

Apparently it sounds confusing to readers, so here is snap shot from TCP/IP Illustrated by Richard Stevens explaining the concept and intent.

Quoting from the book.

"Positioning the protocol boxes labeled ICMP and IGMP is always a challenge. Earlier, we showed them at the same layer as IP, because they really are adjuncts to IP. But here we show them above IP, to reiterate that ICMP messages and IGMP messages are encapsulated in IP datagrams"

TCP/IP Layers from RS - TCP/IP Illustrated

Teaching the concept that "some protocols and applications" work differently from the standard concept of each layer being responsible for a different task (transport being end to end, where as network being hop to hop) is tough and takes time to digest.

The next most critical thing to learn is,

Even if you ping using multiple say consoles from the SAME machine to another, it STILL is able to keep track of all individual, so called connections (just relating the message exchange, otherwise there is no connection like tcp).

How the above is done, is OS specific. The Linux stack puts 8 bytes in data field of ICMP, which contains ports from which the original application layer triggered. This is also explained in the same book under the ping program.

The same applies to lower layer protocols such as ARP/RARP.

like image 31
fkl Avatar answered Oct 03 '22 20:10

fkl