Adam wrote: > Hi, after upgrading from 122 to 129, I noticed something happening that wasnt > before. > > Obviously my ADSL router is being stupid, but I think that opensolaris should > kinda be smart enough to realise this isnt valid... anyway I have my > opensolaris file server running, and a number of other hosts on my lan. If I > turn off one of the other machines, then ping it from the opensolaris box, > the router responds with this rubbish (note that you dont see this in 122): >> ping activity > ICMP Host redirect from gateway router (192.168.1.254) > to activity (192.168.1.70) for activity (192.168.1.70)
Ouch. Why is the ADSL router seeing this packet at all? What's appearing on the wire? Can you post snoop or wireshark traces showing the actual Ethernet headers? It's possible that something more than just a busted ADSL device is involved in this problem. > Obviously this isnt a valid redirect, but then look what gets added to my > routing table (from netstat -r): > Destination Gateway Flags Ref Use Interface > -------------------- -------------------- ----- ----- ---------- --------- > activity activity UHD 1 0 > > > Ideally, any ICMP redirect for hosts on the same LAN should probably be > ignored, and ICMP redirect which has the same dest and gateway should > probably be ignored. Possibly also before it gets added to the routing table > permanently maybe it should be verified? I don't think same dest/gateway is a useful test because it's too narrow, but, certainly, seeing a redirect where the destination is on one of the subnets configured for the interface over which it was received is a clear indication that the redirect is bogus. > For now I think I'll disable ICMP redirects for my solaris box, it isnt a > router so it doesnt need to know about it, but in future maybe it could be > smarter? Nit picking: actually, it's the other way around. Routers are required to ignore redirects. Redirects are only for "hosts." See RFC 1812. It's part of the host-versus-router conceit. Those implementing what they think are "hosts" believe that they have no need for routing protocols. But they do need routes in some cases, so they invent protocols that allow them to get routes -- which end up actually being routing protocols in all but name. And particularly crummy ones at that. -- James Carlson 42.703N 71.076W <carls...@workingcode.com> _______________________________________________ networking-discuss mailing list networking-discuss@opensolaris.org
