ICMP Error messages and format explained

This tutorial explains ICMP error messages and their formats in detail. Learn what the ICMP error messages are, how they are formatted, and how they work.

For error reporting and controlling, IP protocol uses ICMP. ICMP is a collection of predefined messages that an IP enabled device can use to inform another device about a specific condition. For example, whenever a router fails to forward or deliver an IP packet, it sends an ICMP message back to the source that explains why it can't forward or deliver the packet.

ICMP messages are divided into two categories: ICMP error messages and ICMP query or information messages. In this tutorial, we will discuss ICMP error messages.

ICMP error message format

Every ICMP error message describes a separate error message and requires an individual solution. However, all ICMP error messages use the same error message format to report the error.

The following image shows the basic structure and fields in the ICMP error message format.

icmp error message format

The following table lists fields of ICMP error messages and provides a brief description of each field.

Field Size (in bytes) Description
Message type 1 Indicate the specific ICMP error message or the group of messages.
Message code 1 Indicate the particular message in the group if the message type represents the group.
Checksum 2 Validate the ICMP message.
Original Headers 20 - 60 Contain the full header of the failed IP packet.
Original Data 8 Contain the first 64 bits of the failed IP packet.

Without including the header and data of the failed IP packet, the length of an ICMP error message is eight bytes. After including these fields, the total length of an ICMP packet can be anywhere from 36 to 72 bytes.

The type and code fields

ICMP messages are organized in types and codes. Types and codes are numeric values. Every message type represents a single message or a group of messages. If a type represents a group of messages, then code values are used. Every code value represents a message in the group.

Both the type and code fields are used to specify the exact ICMP error message being sent. Both fields are 8 bits in length.

The checksum field

The checksum field is used to validate ICMP messages. The sending system sets the value of the checksum field to 0 and performs a simple checksum operation. After running the checksum operation, the sending system puts the calculated checksum value in the checksum field.

The receiving system reverses this procedure before processing the message. It sets the value checksum field to 0 and performs the same checksum operation. After running the checksum operation, it compares the result with the value stored in the checksum field. If both values are the same, the message is considered valid. All valid messages are processed while are invalid messages are discarded.

Message body

Every IP packet consists of two fields: header and data. IP protocol includes all necessary information in every IP packet making it capable to reach its destination by taking whatever path is available. This information is included in the header field of IP packets. The first 64 bits of the data field contain the header of the upper layer. It contains the source and destination port number field used by the TCP layer.

ICMP uses this information to inform the sender which IP packet failed. The message body field of an ICMP error message contains two fields: the original message header and the original message data. These fields are used to include the header and the first 64 bits of the data field of the failed message. When a source receives an ICMP error message, by examining the message body field it can determine which IP packet was failed.

ICMP Error messages

ICMP error messages are used to report non-transient delivery problems. ICMP provides two sets of error messages: one for IPv4 and another for IPv6. The following table lists all ICMP error messages.

ICMP message type Description Codes IP Version
3 Destination Unreachable 0 - 15 IPv4
5 Redirect 0 - 3 IPv4
11 Time Exceeded 0 - 1 IPv4
12 Parameter Problem 0 -2 IPv4
4 Source Quench (Deprecated) NA IPv4
1 Destination Unreachable 0 - 8 IPv6
2 Packet Too Big 0 IPv6
3 Time Exceeded 0 - 1 IPv6
4 Parameter Problem 0 - 10 IPv6

Let's discuss ICMP error messages in detail.

Destination unreachable

This error message indicates that the destination host, network, or port number that is specified in the IP packet is unreachable. This could happen due to a lot of reasons such as the destination host device is down, an intermediate router is unable to find a path to forward the packet, and a firewall is configured to block connections from the source of the packet.

As mentioned earlier, if there are multiple reasons for a particular error, ICMP defines them in the subclass or category of that error message. Messages in the sub-category are called codes. ICMP defines 16 possible codes for IPv4 for this error message. From these, three are obsolete or inappropriate for normal usages.

The following table lists all codes for the IPv4 destination unreachable error message.

Code Description
0 Net Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and Don't Fragment was Set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated (obsolete)
9 Communication with Destination Network is Administratively Prohibited (obsolete)
10 Communication with Destination Host is Administratively Prohibited (obsolete)
11 Destination Network Unreachable for Type of Service
12 Destination Host Unreachable for Type of Service
13 Communication Administratively Prohibited
14 Host Precedence Violation
15 Precedence cutoff in effect

For IPv6, IPCMP defines nine codes. These codes are listed in the following table.

Code Description
0 no route to the destination
1 communication with destination administratively prohibited
2 beyond scope of source address
3 address unreachable
4 port unreachable
5 source address failed ingress/egress policy
6 reject route to the destination
7 Error in Source Routing Header
8 Headers too long

Source Quench

This message indicates that either the destination host or an intermediary router (or device) is receiving more data than it can process. If a source receives this error message, it can reduce the rate of transfer to solve this issue.

This error mostly occurs when a router connects a high bandwidth network (such as LAN) to a low-bandwidth network (such as dial-up). In such a situation, a sender device may transmit more data than a device working in the low-bandwidth network can feed.

This error message type has been depreciated.


This error message is used when a router needs to tell a sender that it should use a different path for a particular destination. Usually, it happens when the router knows a shorter path to the destination.

This error message has four sub-types. From them, two have been depreciated. The following lists all sub-types and their meanings.

Code Meaning
0 Redirect for Destination Network (deprecated)
1 Redirect for Destination Host
2 Redirect for Destination Network Based on Type-of-Service (deprecated)
3 Redirect for Destination Host Based on Type-of-Service

Time Exceeded

This message indicates that the Time-To-Live value of the datagram has reached zero but the datagram has not yet been reached the final destination. A destination system can also send this error when it does not receive all fragments on an IP datagram within the allotted time.

There are two sub-types of this error message. Both are listed in the following table.

Code Meaning
0 Time-to-Live Exceeded in Transit
1 Fragment Reassembly Time Exceeded

Parameter Problem

If a device finds a problem that is not covered in any ICMP message type, it sends a parameter problem message to the sender. In IPv4 network, usually it occurs when arguments to an option are incorrect. In IPv6, this error occurs when the value in the header field is out of the range, or one of the options is not recognized, or the value in the type or code field is invalid.

Most of the time this problem belongs to problems with IP or TCP Options. The following table lists ICMP code messages that belong to this error.

Code Description IP version
0 Pointer indicates the error IPv4
1 Missing a Required Option IPv4
2 Bad Length IPv4
0 erroneous header field encountered IPv6
1 unrecognized Next Header type encountered IPv6
2 unrecognized IPv6 option encountered IPv6
3 IPv6 First Fragment has incomplete IPv6 Header Chain IPv6
4 SR Upper-layer Header Error IPv6
5 Unrecognized Next Header type encountered by an intermediate node IPv6
6 Extension header too big IPv6
7 Extension header chain too long IPv6
8 Too many extension headers IPv6
9 Too many options in the extension header IPv6
10 Option too big IPv6

Packet too big

This error occurs when a datagram is too big for a network over which it must travel. To report this problem, ICMP uses different message types and codes in both versions of IP. In IPv4, it uses a destination unreachable message with the code field set to 4. In IPv6, it uses a packet too big message which has a type field of 2.

The maximum size of a datagram that can be transmitted over a network is measured in MTU. To transmit data successfully, a source must discover MTU. MTU discovery involves receiving information about the MTU of remote networks.

This message contains a field that allows routers to inform the source about the MTU of the network that caused the problem. Once the source knows the MTU that failed its datagram, it can adjust MTU accordingly.

That's all for this tutorial. In this tutorial, we discussed the ICMP error messages and their format. If you like this tutorial, please don't forget to share it with friends through your favorite social channel.

ComputerNetworkingNotes Networking Tutorials ICMP Error messages and format explained