ICMP messages are used for a basic kind of error reporting between host to host,
or host to gateway. Between gateway to gateway, a protocol called Gateway to
Gateway protocol (GGP) should normally be used for error reporting. As we have
already discussed, the IP protocol is not designed for perfect error handling,
but ICMP messages solves some parts of these problems. The big problem from one
standpoint is that the headers of the ICMP messages are rather complicated, and
differ a little bit from message to message. However, this will not be a big
problem from a filtering standpoint most of the time.
The basic form is that the message contains the standard IP header, type,
code and a checksum. All ICMP messages contains these fields. The type specifies
what kind of error or reply message this packet is, such as for example
destination unreachable, echo, echo reply, or redirect message. The code field
specifies more information, if necessary. If the packet is of type destination
unreachable, there are several possible values on this code field such as
network unreachable, host unreachable, or port unreachable. The checksum is
simply a checksum for the whole packet.
As you may have noticed, I mentioned the IP header explicitly for the ICMP
packet. This was done since the actual IP header is an integral part of the ICMP
packet, and the ICMP protocol lives on the same level as the IP protocol in a
sense. ICMP does use the IP protocol as if it where a higher level protocol, but
at the same time not. ICMP is an integral part of IP, and ICMP must be
implemented in every IP implementation.