Internet Control Message Protocol (ICMP)

1.4 Explain common networking ports, protocols, services, and traffic types

IP Protocol Types

📘CompTIA Network+ (N10-009)


Definition:
ICMP is a network layer protocol used to send error messages and operational information about network communication. It is part of the Internet protocol suite and works alongside IP (both IPv4 and IPv6) to help manage and troubleshoot network connectivity.

Key Points for the Exam:

  • ICMP does not transport application data like HTTP or FTP.
  • It is used only for control and error messages about the delivery of IP packets.
  • It is connectionless, meaning it does not establish a session between devices before sending messages.

Purpose of ICMP

ICMP is mainly used for:

  1. Error Reporting – Alerts the source device if something goes wrong while sending packets:
    • Example: If a router cannot deliver a packet to its destination, ICMP sends a “destination unreachable” message back to the sender.
  2. Network Diagnostics – Helps IT professionals troubleshoot network issues:
    • Example: Tools like ping and traceroute rely on ICMP to test connectivity and trace the route of packets through a network.

ICMP Message Types

ICMP messages are categorized into two main types:

  1. Error Messages – Tell the sender something went wrong:
    • Destination Unreachable: The destination host or network cannot be reached.
    • Time Exceeded: The packet took too long to reach its destination (TTL expired).
    • Redirect: Tells a host to send traffic through a different router.
  2. Informational Messages – Used to test network connectivity or report status:
    • Echo Request: Sent by a device to check if another device is reachable (used by the ping command).
    • Echo Reply: Sent back by the target device in response to an echo request.

Common ICMP Tools in IT

  1. Ping:
    • Uses ICMP Echo Request and Echo Reply messages.
    • Confirms whether a host is reachable and measures response time.
    • Example in IT: An admin pings a server to ensure it’s online.
  2. Traceroute (tracert):
    • Uses ICMP Time Exceeded messages, which each router along the path returns when a probe packet's TTL expires.
    • Shows the path a packet takes from source to destination, identifying each router along the way.
    • Example in IT: Used to find where a network slowdown occurs between two servers.
  3. Path MTU Discovery:
    • Uses ICMP Fragmentation Needed messages.
    • Determines the maximum packet size that can travel to a destination without being fragmented.
    • Important for performance tuning in networks.

ICMP in Network Security

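  • ICMP can be exploited in attacks, so many firewalls and routers filter ICMP traffic. Blocking it entirely also blocks the messages that Path MTU Discovery and IPv6 neighbor discovery depend on.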
  • Common ICMP attacks:
    • Ping flood: Overwhelms a system with echo requests.
    • Smurf attack: Uses ICMP echo requests to amplify traffic and cause denial of service.

Exam Tip: Know that while ICMP is useful for troubleshooting, it can be blocked or restricted for security reasons.
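
This added example is not from the original page. It decodes ICMPv4 headers into the message names listed above and flags sources whose Echo Request rate matches the ping-flood pattern. Type numbers follow RFC 792; the function names, the 100-per-second threshold and the sample traffic are assumptions constructed for illustration.

```python
import struct
from collections import Counter

# ICMPv4 type numbers (RFC 792) for the messages named on this page.
ICMP_TYPES = {
    0: ("Echo Reply", "informational"), 8: ("Echo Request", "informational"),
    3: ("Destination Unreachable", "error"), 5: ("Redirect", "error"),
    11: ("Time Exceeded", "error"),
}

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(packet: bytes) -> dict:
    """Decode the ICMP header and verify the checksum over the whole message."""
    if len(packet) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    icmp_type, code, _ = struct.unpack("!BBH", packet[:4])
    name, category = ICMP_TYPES.get(icmp_type, ("Other", "unknown"))
    if icmp_type == 3 and code == 4:  # the message Path MTU Discovery relies on
        name = "Destination Unreachable (Fragmentation Needed)"
    return {"type": icmp_type, "code": code, "name": name,
            "category": category, "checksum_ok": checksum(packet) == 0}

def build(icmp_type: int, code: int, rest: bytes) -> bytes:
    """Build a message with a valid checksum (used for the constructed samples)."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

def flood_sources(events, window=1.0, threshold=100):
    """Sources with more than `threshold` Echo Requests in one `window`-second bucket."""
    buckets = Counter()
    for ts, src, packet in events:
        if parse_icmp(packet)["type"] == 8:
            buckets[(src, int(ts // window))] += 1
    return sorted({src for (src, _), n in buckets.items() if n > threshold})

# Constructed sample traffic (documentation addresses, not real captures).
ECHO = build(8, 0, struct.pack("!HH", 0x1234, 1) + b"ping")
FRAG = build(3, 4, struct.pack("!HH", 0, 1400) + b"\x45" + b"\x00" * 27)
EVENTS = [(10.0 + i / 500, "198.51.100.7", ECHO) for i in range(300)]
EVENTS += [(10.0 + i, "192.0.2.10", ECHO) for i in range(5)]
EVENTS.append((10.2, "203.0.113.1", FRAG))
```

Calling `flood_sources(EVENTS)` reports only the source that sent 300 Echo Requests within one second; the host pinging once per second and the router's Fragmentation Needed message are left alone.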


ICMP in IPv4 vs IPv6

  • ICMPv4: Used in IPv4 networks.
  • ICMPv6: Used in IPv6 networks.
    • ICMPv6 plays a larger role in IPv6 because it handles error reporting, diagnostics, and neighbor discovery (finding other devices on the network).

Key Exam Takeaways

  1. ICMP is used for reporting errors and diagnostics, not for data delivery.
  2. It is connectionless and works alongside IP.
  3. Common ICMP messages: Echo Request, Echo Reply, Destination Unreachable, Time Exceeded.
  4. Tools that use ICMP: ping, traceroute.
  5. ICMP traffic can be filtered for security purposes.
  6. IPv6 uses ICMPv6, which includes additional functions such as neighbor discovery.

Memory Tip for the Exam:
Think of ICMP as the network’s way of sending status updates and warnings. When something goes wrong, ICMP tells you. When you want to check if a device is online, ICMP helps with that too.
