Hi everyone !
In this post I show you about icmp unreachable. Most network engineer maybe familiar with the word icmp(Internet Control Message Protocol). When your client complained, they can not access to their server. You maybe try ping to the server first to know about layer3 connectivity. When ping execute, icmp request packet will send to destination host. And you will see reply message on you computer screen. Sometime you get destination unreachble message but you maybe still have no idea about this message yet right?. So now let's talk about it 😀
ICMP unreachable or ICMP type 3 is generated to inform the source host that the destination unicast address is unreachable. ICMP header starts after the IPv4 header. It have 8bit for ICMP type that express the error message and 8bit for ICMP code to tell you more information for each type. In ICMP type 3 there are 16 difference code, start from 0 – 15. ok I start to explain each code 🙂
Code 0 : Network unreachable
Most of the time you get this message from gateway when destination you want to reach is not in gateway routing table. Example Host2 want to send packet to destination IP 126.96.36.199. Because Host2 know it's not the same subnet, Host2 will send this packet to R1 which it's gateway. R1 check it's routing table. If 188.8.131.52 network does not exist in R1 routing table, R1 will send replay message destination net unreachable.
You see we get ICMP type 3 and code3 which mean destination network unreachable.
Code 1 : Host unreachable
This code tell you the host that packet want to go is not reachable. We usally get this message from remote gateway when destination host is not reachable. Example Host2 send packet to WEB SERVER with destination IP 192.168.100.10. When R2 receive packet, R2 send arp request for Layer 2 address. Let's think if the cable between R2 and WEB SERVER was cut or WEB SERVER down, R2 will not receive arp reply. And R2 will send destination host unreachable message back to HOST1.
Code 2 : Protocol unreachable & Code 3 : Port unreachable
Normaly you get this message from destination host to tell you that protocol module or desination port not known by destination host. Example User on HOST2 telnet to WEB SERVER. When packet arrvice WEB SERVER, it de-encapsulate layer 2 and layer 3 header. Server check transport layer protocol and destination port. If the protocol modul is not active on server, server will send desination protocol unreachable or if port is not run on server, server will send desination port unreachable.
Code 4 : Fragmentation needed and DF set
This code is related to MTU(Maximum Transmission Unit) fragmentation. The normal MTU is 1500bytes, but if it receive MTU larger packet fragmentation is require. Router will return icmp fragmentation needed, if intermediate router receive too large packet and TCP packet have DF flag set. Example Assume link between HOST2 and R1 support MTU 1500bytes and link between R1 and R2 support only 1470bytes. When HOST2 send packet with DF flag set to the Internet, R1 will reply icmp fragmentation needed and DF set because the intermediate link not suport MTU 1500bytes.
Code 5 : Source route failed
You get this message when the users at the source IP packet specify IP source route option in IP packet and rejected by router that configured no ip route command. IP source route option is good for troubleshooting but you should be disable this option because it also good for attacker to collect your network information.
Note: Codes 0,1,4 and 5 may be received from a gateway. Code 2 and 3 may be received from a host
Thanks for reading my post 🙂 If you have any idea please comment below.