ICMP ttl-exceeded packets not sourced correctly

From: parker
Date: Thu Oct 28 2004 - 20:19:04 EST

Next message: Adrian Bunk: "[2.6 patch] scsi/qla2xxx/qla_rscn.c: remove unused functions"
Previous message: Adrian Bunk: "[2.6 patch] USB stv680.c: remove an unused function"
Next in thread: David Schwartz: "RE: ICMP ttl-exceeded packets not sourced correctly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I think there's a problem with the ICMP code...

Say you have a router, and it's multihomed to two different isp's,
say cogentco.com and qwest.net as your upstreams.
On your cogent interface, you have the ip address on the /30 assigned by cogent,
with reverse dns being blahblah.demarc.cogentco.com on the qwest interface.
Same story with qwest, with reverse dns being whatever.qwest.net.
Now let's say someone out on the internet with ip address of 1.1.1.1 runs
a traceroute into your network and his incoming path to your network comes over qwest.
Your router's hop should source its ICMP ttl-exceeded code (the traceroute hop) on
its qwest /30 ip address, because thats where the traceroute got triggered.
ICMP ttl-exceeded code's response should not be originated from the interface
holding the route, but should be origianted from the interface that got hit
with the traceroute.

--
Bubba Parker
Systems Administrator
CityNet LLC
http://www.citynetinfo.com/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adrian Bunk: "[2.6 patch] scsi/qla2xxx/qla_rscn.c: remove unused functions"
Previous message: Adrian Bunk: "[2.6 patch] USB stv680.c: remove an unused function"
Next in thread: David Schwartz: "RE: ICMP ttl-exceeded packets not sourced correctly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]