What is the ICMP port number? Explained with Ping ECHO and ECHO Reply example.

ICMP belongs to the suit of internet protocols. It is used to diagnose network issues by checking a host’s reachability etc. There is often a question about the port number for the ICMP protocol, as it looks like the ICMP belongs to the application layer as per the OSI Model.

So similar to other application-layer protocols (e.g., ssh, telnet, HTTP, etc.),  does ICMP also have a port number?

But that is not true. To understand why ICMP does not have a port number, we need to understand the position of ICMP protocol compared to other application-layer protocols. The TCP/IP, UDP/IP, or other application-layer protocols are over the transport layer, while in the case of ICMP, the protocol uses the services of the IP layer directly. We can see here the protocol stack for ICMP.

In this tutorial, we will explain why there is no port for ICMP, but still, there can be multiple ping execution from the same host concurrently. An example of the echo and echo reply of ICMP messages will be provided as part of the explanation.

ICMP port and transport layer port.

A transport layer user is associated with a port number. The source and destination applications have port numbers and IP addresses. When an application over the transport layer sends a message to the peer, it sends a message with source and destination port numbers.

On reply or response, the port number becomes the opposite. The transport layer delivers the message to the correct application based on the port number.

So we conclude that because of the port number, multiple applications could be on top of a transport layer. We have also seen in real life that we can browse multiple websites from a web browser, and the response to a web request is displayed in the same tab used for the request.

What does that mean, no port, no multiple applications? Only there could be one ping command at a time from a computer. But that is not true. We know by experience. 

ICMP port explanation with Echo reply and Echo Response messages:

There could be multiple applications for ICMP. Each application will get an answer to its requests. To understand the correlation between request and response without a port, we must first understand the format of ICMP echo and echo reply messages as per RFC 792.

   |     Message Type      |     Code      |          Checksum                                  |
   |           Identifier          |        Sequence Number                         |
   |     Data ...

The first byte in the message is the Message Type. For Echo, the value is 8, and for Echo Reply, it is zero (0). The value of the Code will be zero for echo and echo reply. Here we see that there is an identifier. This is used similarly to port numbers in the transport layer.

This is two bytes value. The IP header knows the identifier and delivers the response to the ping application using the identifier in the IP header response.