> Date: Thu, 16 Dec 1999 02:39:28 -0800
> From: "Saxo Saxo" <[EMAIL PROTECTED]>
> Subject: ICMP
>
> Hello,
>
> I am seeing some ICMP type 11 code 0 packets dropped from the external
> interface of my firewall to an internet address. Any ideas, should i
> be worried?
>
>
> Thanks in advance.
>
> Saxo
Dear Saxo,
There is web page which say this:
[snip]
Type Name Reference
---- ------------------------- ---------
11 Time Exceeded [RFC792]
...
Many of these ICMP types have a "code" field. Here we list the types
again with their assigned code fields.
Type Name Reference
---- ------------------------- ---------
11 Time Exceeded [RFC792]
Codes
0 Time to Live exceeded in Transit
1 Fragment Reassembly Time Exceeded
[snap]
This mean that some server which you have tried to contact has
initialized connection but link where too slow. Server sent you reply
that you or something between you is too slow and server closes
connection. This packet should pass through firewall. I would suggest
that some other ICMP packets would pass which are:
0 Echo Reply [RFC792]
3 Destination Unreachable [RFC792]
8 Echo [RFC792]
11 Time Exceeded [RFC792]
12 Parameter Problem [RFC792]
31 Datagram Conversion Error [RFC1475]
You also have to think that which directions you let messages go.
It might be good idea to let your private network ping other network
hosts but not wise versa.
The refrence webpage is:
http://www.isi.edu/in-notes/iana/assignments/icmp-parameters
Best regards,
Sami
===
(__) Sami Kerola
(oo) RTT Ohjelmistopankki Oy
/-------\/ Rantakatu 8 phone +358 8 2104210
/ | || 92100 RAAHE mobile +358 50 3438138
* ||----|| FINLAND fax +358 8 2104201
^^ ^^ http://www.ohjelmistopankki.fi/
My PGP key http://www.pgp.net/wwwkeys.html
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
