On Wed, 2002-05-22 at 10:18, Ray Olszewski wrote: > Before we keep asking for more and more info, perhaps we should look a bit > at what we do know and interpret the actual report. As Michael correctly > pointed out yesterday, the important log line is the one that preceded the > "NET" line, and we're finally seeing it. > > It reads: > > > > May 22 02:53:54 NRP-413 kernel: Redirect from D08A145C/eth0 to D08A1401 > > > ignored.Path = D08A1469 -> 42DA4753, tos 00 > > Unpacked, this says that the kernel is reporting that it received and > refused an instruction to redirect from 208.138.20.92 (0xD08A145, which is > the external gateway address in the routing table) to 208.138.20.01 > (0xD08A1401, another host on the external network). It is connected with a > packet going from the router's external address 208.138.20.105 (0xD08A1469) > to the non-local address 66.218.71.83 (0x42DA4753). > > While I have not actually seen a message like this one before, it reads > like a report of a message received fom the external gateway telling the > system to use a different external gateway address ... probably sent via > some standard routing protocol. (Perhaps someone here who knows routing > protocols better than I can recognize it; I have a hazy memory of an "icmp > redirect" packet type that may be involved.) > > Given that 208.138.20.01 is a more typical address for an ISP gateway than > 208.138.20.92, I would guess that this is nothing more than an ISP that is > too lazy to supply its customers with correct, up-to-date routing > information, instead using a quick technofix to update its routing.
Ray, Thanks for jumping in. :-) Would this account for the Martin messages he is receiving also? > If my guess is correct, -AND- if my assumption is correct that there is no > actual service failure associated with these messages, then there are two > courses of action: > > 1. Ignore them. For the on-screeen part, figure out what their > priority is (probably a klogd issue, not a syslogd one, since they come > from the kernel) and revise the klogd setting not to display them. My man > page for klogd says its default behavior is to display only panic messages > to the console, so you need to check how Eigerstein 2 changes that. I think you can stop logging of TOS redirects in network.config by changing the option below to yes. This may open up a possible security hole. ALLIF_ACCEPT_REDIRECTS=NO > 2. Try changing the routing table so the router uses 208.138.20.01 > as its default gateway, and see if everything works. I'd try this first. -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
