What is the ICMP port number? Explained with Ping ECHO and ECHO Reply example.
ICMP belongs to the suit of internet protocols. It is used to diagnose network issues or status e.g reachability etc. Many times there is a question about the port number for ICMP protocol. As it looks like the ICMP application, belongs to the application layer as per the OSI Model. So similar to other application-layer protocols (e.g ssh, telnet, HTTP, etc.), ICMP is also has a port number.
But that is not true. To understand why ICMP does not have a port number, we need to understand the position of ICMP protocol as compared to other application-layer protocols. In TCP/IP or UDP/IP, other application-layer protocols are over the transport layer while in the case of ICMP, the protocol is over the IP layer. We can see here the protocol stack for ICMP.
In this tutorial, we will explain why there is no port for ICMP, but still, there can be multiple ping execution over the same IP layer concurrently. There will be an example of echo and echo reply protocol messages.
ICMP port and transport layer port:
When an application uses, the transport layer, it is addressed by a port number. The source and destination both have a port number along with the IP addresses. When an application over the transport layer sends a request to the peer, it sends a message with source and destination port numbers. On reply or response, the port number becomes the opposite. Based on the port number the transport layer delivers the message to the correct application.
So we conclude that because of port number there could be multiple applications on top of a transport layer. That we have also seen in real life, that we can browse multiple websites from a web browser, and the response of a web request is displayed in the same tab used for the request.
What does that mean, no port, no multiple applications? Only there could be one ping command at a time from a computer? But that is not true we know by experience.
ICMP port explanation with Echo reply and Echo Response messages:
There could be multiple applications for ICMP. Each application will get a reply to its own requests. To understand the correlation between request and response without a port we need to first understand the ICMP echo and echo reply message as per RFC 792.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Message Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data ... +-+-+-+-+-
The first byte is the Message type for Echo this will be 8 and for echo, a reply will be zero (0). The value of the Code will be zero for echo and echo reply. Here we see that there is an identifier. This is used similarly to port numbers in the transport layer.
This is two bytes filed, the IP header knows the identifier and delivers the response to the ping application that is using the identifier in the IP header response.