Notes on Reading ICMP Error Messages

ICMP error messages can be overwhelming, to say the least. They present a lot of information that has to be parsed through, deciphered, and generally made sense of.

The easiest way to read an ICMP error message is to break it into manageable chunks. The first portion of the message always identifies the specific ICMP error message being reported, while the remainder of the message consists of the headers and first eight bytes of data from the IP datagram that’s being bounced.

For example, Figure 5.29 shows an ICMP Destination Unreachable: Port Unreachable error message that appears to be very complex on the surface, but actually only consists of a few key pieces of data.

Figure 5.29. An ICMP Destination Unreachable: Port Unreachable error message

By following a few simple steps and answering some simple questions, you can easily decipher the source and cause of the ICMP error message. The questions are:

What is the Message Type?

The ICMP Message Type for this message is 3, which indicates that it is part of the Destination Unreachable family of error messages.

What is the Message Code?

The ICMP Message Code for this message is 3, which tells us that this particular Destination Unreachable error message indicates that the destination port was unreachable (this is different from the destination host or network being unreachable).

What does it mean?

We can tell ...
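The layout described above (ICMP type and code first, then the IP header and first eight bytes of the bounced datagram) can be walked in code. The following Python parser is an added example, not taken from the book; the sample packet, its addresses and ports, and the function names are constructed for illustration.

```python
import struct

# Destination Unreachable (type 3) codes from RFC 792; other types are left numeric.
UNREACH_CODES = {0: "Network Unreachable", 1: "Host Unreachable",
                 2: "Protocol Unreachable", 3: "Port Unreachable"}

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071) over data."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp_error(icmp: bytes) -> dict:
    """Split an ICMP error into its report (type/code) and the bounced datagram."""
    if len(icmp) < 8 + 20 + 8:
        raise ValueError("too short for ICMP header + IP header + 8 data bytes")
    msg_type, code, _cksum, _unused = struct.unpack("!BBHI", icmp[:8])
    inner = icmp[8:]
    ihl = (inner[0] & 0x0F) * 4   # embedded IP header length; options make it > 20
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8:
        raise ValueError("embedded IPv4 header is malformed or truncated")
    proto = inner[9]
    src = ".".join(map(str, inner[12:16]))
    dst = ".".join(map(str, inner[16:20]))
    result = {"type": msg_type, "code": code,
              "meaning": UNREACH_CODES.get(code) if msg_type == 3 else None,
              "checksum_ok": checksum(icmp) == 0,  # a valid message sums to zero
              "orig_src": src, "orig_dst": dst, "orig_proto": proto}
    if proto in (6, 17):  # TCP and UDP both start with source and destination port
        result["orig_sport"], result["orig_dport"] = struct.unpack("!HH", inner[ihl:ihl + 4])
    return result

def build_sample() -> bytes:
    """Constructed sample: UDP 192.0.2.10:40000 -> 192.0.2.20:33434, bounced as 3/3."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 36, 1, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    udp = struct.pack("!HHHH", 40000, 33434, 16, 0)  # the "first eight bytes of data"
    body = struct.pack("!BBHI", 3, 3, 0, 0) + ip + udp
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

if __name__ == "__main__":
    print(parse_icmp_error(build_sample()))
```

The embedded addresses and ports identify which original flow triggered the error, which is the part worth matching against connection logs when triaging unexpected ICMP traffic.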
