kern/109246: ICMP rejects are not generated with fastforwarding
enabled
Ingo Flaschberger
if at xip.at
Fri Feb 16 21:30:04 UTC 2007
>Number: 109246
>Category: kern
>Synopsis: ICMP rejects are not generated with fastforwarding enabled
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 16 21:30:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Ingo Flaschberger
>Release: 6.1-RELEASE-p12
>Organization:
>Environment:
i386
>Description:
In the routingtable is a blackhole reject route:
Destination Gateway Flags Refs Use Netif Expire
192.168.0/16 127.0.0.1 UGR1 0 0 lo0
With fastforwarding disabled, a ICMP reject is generated:
traceroute to 192.168.200.1 (192.168.200.1), 30 hops max, 38 byte packets
1 10.0.0.175 (10.0.0.175) 2.752 ms 0.231 ms 0.208 ms
2 10.0.0.175 (10.0.0.175) 0.224 ms !H 0.187 ms !H 0.193 ms !H
With fastforwarding enabled, not:
traceroute to 192.168.200.1 (192.168.200.1), 30 hops max, 38 byte packets
1 10.0.0.175 (10.0.0.175) 0.620 ms 0.214 ms 0.142 ms
2 * * *
3 * * *
4 * * *
>How-To-Repeat:
No problem:
At the router:
sysctl -w net.inet.ip.forwarding=1
route add -net 192.168.0.0/8 lo0 -reject -nostatic -proto1
At another machine:
route add -net 192.168.100.0/24 gateway <ipoftherouter>
traceroute 192.168.101.1
Problem:
At the router:
sysctl -w net.inet.ip.fastforwarding=1
At another machine:
traceroute 192.168.101.1
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list