1.1.d (i) ICMP Unreachables, and Redirects

The Internet control message protocol (ICMP) has many types of messages and codes (sub types).


The two discussed below are Type 3 – Destination Unreachable, and Type 5 – Redirect as it relates to 1.1.d (i) ICMP unreachable, redirect.

Type 3 – Destination Unreachable:

This type of message is sent back to the source of the packet when their destination or service is not available. Depending on the code, this type is sent from both Routers and destination Hosts.

Type 3 Code 0 – Net Unreachable
A router generates an ICMP unreachable to inform the source host that the destination address is unreachable, meaning there’s no route.

Type 3 Code 1 – Host Unreachable
The router is directly connected to the destination host but the destination host is not responding to ARP requests.

Type 3 Code 2 – Protocol Unreachable
Hosts send these to sources. A rare type of code to see, more likely you will see code 3. Here, protocol unreachable means the host is up but it does not support the transport protocol (like tcp, udp, sctp, layer 4 protocol).

Type 3 Code 3 – Port Unreachable
Hosts send these to sources. A more common ICMP unreachable to see. As long as the firewall permits the traffic, the host will receive the original packet. Then the host transfers the packet up the stack but the host is not actually listening on that port with any service. Thus the host sends a type 3, code 3 , port unreachable.

Type 3 Code 4 – Fragmentation needed and Don’t fragment was set
A router also generates an ICMP unreachable when a packet needs to be fragmented, but the don’t fragment bit is set in the IP header.

Type 3 Code 5 – Source route failed
In this case the router was probably blocking the use of source routing a packet (good to block this because it’s a security flaw)

Type 3 Code 6 – Destination Network Uknown

Type 3 Code 7 – Destination Host Uknown

Type 3 Code 8 – Source host isolated (obsolete)

Type 3 Code 9 – Destination network is administratively prohibited.

Type 3 Code 10 – Destination host is administratively prohibited.

Type 3 Code 11 – Network is unreachable for ToS.

Type 3 Code 12 – Host is unreachable for ToS.

Type 3 Code 13 – Communication administratively prohibited.

Type 3 Code 14 – Host precedence violation.

Type 3 Code 15 – Precedence cutoff in effect.

Type 5 – Redirect:


This type of message is sent back to the host ONLY from Routers. This message informs sources that there is a different path to reach their destination. The message plus 8 bytes of the original message are returned to the source so that they can track the original message down and understand for what host it is for. The messags happen when a host sends a packet to its default gateway to be routed, but the Router notices that the next hop for the network, or the actual host is reachable via the same subnet that the source host is at.

There are four (0 – 3) of these sub-types (codes) available for type 5, however only one of them is often used.

1. Type 5 Code 0 – Redirect for Network
Only used for classful networks, disregard this code, instead Type 5 Code 1 is mostly used. See this discussion for more details:

2. Type 5 Code 1 – Redirect for Host
This is the most common. This is generally a sign of bad design, or a hacked together network. It wastes bandwidth because at least one packet (in some interval) is sent to the router and then the router sends a type 5 code 1 to the host, which then forces the host to update his local route cache so that subsequent packets to that destination are sent out the closer way. This also wastes router CPU cycles because creating ICMP messages is part of the router’s CPU job.

3. Type 5 Code 2 – Redirect for ToS and Net
Same as Type 5 Code 3 but for takes classful networking into account, disregard this dinasour.

4. Type 5 Code 3 – Redirect for ToS and Host
This message is the same as Code 1, but now the router takes the ToS in the IP header into consideration (when utilizing QoS). A certain host might get a different redirect ( load balancing) based on packet ToS. This one is never used.

Source for 1.1.d (i) ICMP Unreachable, Redirect

1. http://www.networksorcery.com/enp/protocol/icmp/msg3.htm
2. http://www.networksorcery.com/enp/protocol/icmp/msg5.htm
3. https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml


Leave a comment

Exit mobile version