ICMP Blocking Woes
Crist Clark
crist.clark at globalstar.com
Wed Oct 1 00:22:25 UTC 2003
bdragon at gweep.net wrote:
>
> > AFAIK, it's been that way since Win95. I recall a certain
> > vendor's dodgy ISDN router * * * on Windows traceroute, but
> > working fine under *ix... for whatever reason, said router didn't
> > like the ICMP traceroute, but returned unreachables in response
> > to UDP when TTL expired.
> >
> >
> > Eddy
>
> Wasn't this based upon the premise that gear should not return ICMP
> errors as a result of ICMP packet input as a precaution against error
> loops? ie said dodgy router did the _right_ thing?
That would be disingenious. RFC1122 clearly lists which ICMP are error
messages,
3.2.2 Internet Control Message Protocol -- ICMP
ICMP messages are grouped into two classes.
*
ICMP error messages:
Destination Unreachable (see Section 3.2.2.1)
Redirect (see Section 3.2.2.2)
Source Quench (see Section 3.2.2.3)
Time Exceeded (see Section 3.2.2.4)
Parameter Problem (see Section 3.2.2.5)
*
ICMP query messages:
Echo (see Section 3.2.2.6)
Information (see Section 3.2.2.7)
Timestamp (see Section 3.2.2.8)
Address Mask (see Section 3.2.2.9)
But it would not surprise me one bit if some lazy coder actually didn't
do what you describe just to make the code simpler and try to use that
as a justification.
--
Crist J. Clark crist.clark at globalstar.com
Globalstar Communications (408) 933-4387
More information about the NANOG
mailing list