What’s the difference between ICMP prohibited ICMP unreachable

A UNIX socket, AKA Unix Domain Socket, is an inter-process communication mechanism that allows bidirectional data exchange between processes running on the same machine.

IP sockets (especially TCP/IP sockets) are a mechanism allowing communication between processes over the network. In some cases, you can use TCP/IP sockets to talk with processes running on the same computer (by using the loopback interface).

UNIX domain sockets know that they’re executing on the same system, so they can avoid some checks and operations (like routing); which makes them faster and lighter than IP sockets. So if you plan to communicate with processes on the same host, this is a better option than IP sockets.

Edit: As per Nils Toedtmann's comment: UNIX domain sockets are subject to file system permissions, while TCP sockets can be controlled only on the packet filter level.

ICMP Unreachable packets are a special breed; they'll only be thrown back at your systems when a router cannot route for that destination, if the router's behaving correctly; you'll also need to make sure they aren't getting discarded by an overzealous firewall.

In the case of 10.0.0.1, the ISP is probably not filtering the RFC 1918 ranges out until hop 3 - but if the discard is due to an ACL filter, it'll just throw the packets away without sending an Unreachable response.

To get your linux router to drop the packets and throw unreachables, add a reject route:

route add -net 10.0.0.0 netmask 255.0.0.0 reject

You'll want to make this persistent - where you need to do this depends on your router's flavor of linux.