92 Byte ICMP Blocking Problem
Richard J.Sears
rsears at adnc.com
Fri Sep 12 18:41:19 UTC 2003
Hi Chris,
We were having the same exact problem with 4 TNTs that we have. In the
end, we shut off ip-route-cache on the TNTs and that fixed the problem
with them.
Richard
On Fri, 12 Sep 2003 12:52:58 -0500
Chris Adams <cmadams at hiwaay.net> wrote:
>
> Once upon a time, Richard J.Sears <rsears at adnc.com> said:
> > Since then, we have been hammered with customer complaints concerning
> > the inability to talk to mail servers and ssh to their servers, as well
> > as other weird network issues, all centering around the time we started
> > blocking 92 Byte ICMP packets.
> >
> > Has anyone else seen this, and if so, is the only resolution to stop the
> > blockage of 92 Byte ICMP Packets..?
>
> Yes. As soon as we put the policy route map in place, we had some
> people unable to talk via SSH, SMTP, or POP3. It was random: one person
> here in the office couldn't SSH to a particular server. He could SSH to
> other servers, and the rest of us could SSH to the server he could not.
> We had similar experiences with SMTP and POP3. When we took the policy
> route map back out, the problems went away.
>
> This is with IOS 12.0(25)S1 on a 7513 doing dCEF. We put the policy
> route map on the FE interface linking this router to the POP core
> router; this router has MC-T3 interfaces and ethernets to Ascend TNTs
> and such. The intent was to stop the 92 byte ICMP echos from reaching
> the Ascend TNTs, since several of them were rebooting constantly.
>
> --
> Chris Adams <cmadams at hiwaay.net>
> Systems and Network Administrator - HiWAAY Internet Services
> I don't speak for anybody but myself - that's enough trouble.
More information about the NANOG
mailing list