Networker Interview

Prepare for CCNA, CCNP, CCIE Interview !

header photo

ICMP Interview Questions and Answers

January 19, 2016

What is the Internet Control Message Protocol?
ICMP is basically a management protocol and messaging service provider for IP. It can provide Hosts with information about network problems.

ICMP works at which layer?
It works at Network Layer.

Which two fields in the ICMP header is used to identify the intent of ICMP message?
Type and Code.

What are various ICMP messages?
1. Destination Unreachable.
2.Buffer Full.
3.Hops/Time Exceeded.
4.Ping.
5.Traceroute.

How Traceroute works?
1. Firstly, Traceroute creates a UDP packet from the source to destination with a TTL value of 1.
2. Packet reaches the first router where the router decrements the value of TTL by 1, making packet’s TTL value 0 because of which the packet gets dropped.
3. As the packet gets dropped, it sends an ICMP message [Hop/Time exceeded] back to the source.
4. This is how Traceroute comes to know the first router’s address and the time taken for the round-trip.
5. It sends two more packets in the same way to get  average round-trip time. First round-trip takes longer than the other two due to the delay in ARP finding the physical address, the address stays in the ARP cache during the second and the third time and hence the process speeds up.
6. These steps Takes place again and again until the destination has been reached. The only change that happens is that the TTL is incremented by 1 when the UDP packet is to be sent to next router/host.
7. Once the destination is reached, Time exceeded ICMP message is NOT sent back this time because the destination has already been reached.
8. But, the UDP packet used by Traceroute specifies the destination port number that is not usually used for UDP. So, when the destination verifies the headers of the UDP packet, the packet gets dropped because of improper port being used and an ICMP message [Destination Unreachable] is sent back to the source.
9. When Traceroute encounters this message, it understands that the destination is reached. Also, The destination is reached 3 times to get the average round-trip time.

Why there are three columns in traceroute results?
Three probes (change with -q flag) are sent at each ttl setting and a line ***is printed showing the ttl, address of the gateway and round trip time of each probe( so three * ).

Which ICMP message confirms the traceroute is completed?
Destination Unreachable Message

Go Back

Comment