Re: Could an ICMP Redirect have disconnected my server?

On Thu, 30 Aug 2007, in the Usenet newsgroup comp.os.linux.networking, in
article <13dc5a2kl2ivud0@xxxxxxxxxxxxxxxxxx>, ljb wrote:

Does Linux (2.4.x) act on ICMP Redirect packets by default?

Under limited conditions, yes - but you seem to have a strange network
layout which might confuse things. 2.4.x? Which 2.4.x? 2.4.31.2 is the
latest (released about two weeks ago).

If so, can an ICMP Redirect override a static default route?
If so, does a routing table entry from an ICMP Redirect time out?

1122 Requirements for Internet Hosts - Communication Layers. R.
Braden, Ed.. October 1989. (Format: TXT=295992 bytes) (Updated by
RFC1349, RFC4379) (Also STD0003) (Status: STANDARD)

1812 Requirements for IP Version 4 Routers. F. Baker, Ed.. June 1995.
(Format: TXT=415740 bytes) (Obsoletes RFC1716, RFC1009) (Updated by
RFC2644) (Status: PROPOSED STANDARD)

A quick scan of those two, I don't see a timeout.

I have this Linux server that went mostly off-line suddenly today,
disconnecting a number of database users and such. The server is on an
intranet, private static IP address and one default route to a internal
router. (The only odd thing is that there are multiple logical subnets on
the same physical subnet.)

Usually, having logical subnets on the same physical wire is a bad idea.

When it dropped all those connections, it was still reachable from, and
could still reach, systems with the same subnet number.

Logical or physical?

Unfortunately, I didn't realize that at the time - I found two systems
that could still reach it, but I didn't make the subnet connection. So I
didn't check the routing table until later.

Is syslogd configured to log any routing information?

About 90 minutes after it dropped off, it came back up; nobody did
anything to it - it just started taking to the network normally again.

Assuming you are not using a routing daemon like routed or gated, a
redirect should stick until networking is restarted (clearing and
reloading the routing table). The only way to change the table would
be an ICMP Redirect (which a distribution-standard kernel should be
ignoring except under very limited conditions).

Trying to figure out what happened, I was wondering if a 'rogue' ICMP
redirect could cause this. Is this possible?

Depends on your network layout. Not very likely, but not impossible.

Old guy

.

Relevant Pages

  • Re: Cant figure out simple routing between 2 Windows domains
    ... I'm lost on how to get a very simple routing setup working for 2 ... floor I have domain2.com with a subnet of 192.168.2.0/24. ... network together with the cable running between them. ... You need one router with an interface in each network. ...
    (comp.dcom.sys.cisco)
  • Re: Bridging interfaces
    ... The handbook section on routing is pretty basic and it seems ... A layer 2 bridge connects two physical network segments to create the ... subnet sitting on top of a layer 2 network. ... If you want a single layer 2 network, ...
    (freebsd-questions)
  • Re: Cannot ping subnet through VPN
    ... where is this subnet and how is it connected? ... can't really advise you if we don't know how your network is configured. ... depends on the routing on the subnet you are trying to reach. ... >> configured as Remote access server with single NIC/IP ...
    (microsoft.public.win2000.ras_routing)
  • Re: FreeBSD 4.9 / VRRP / vlan
    ... >up cause it already has route to that network in routing table. ... There's no problem to add the virtual IP as an alias of ether cards .. ... passive router not to announce the subnet to others one ...
    (freebsd-net)
  • [Full-disclosure] Lets make a spy-proof communications infrastructure
    ... cell phone network which will run like a peer to peer network, ... If we devised some private communicator, ... While truly global routing might require some relays to bridge areas ...
    (Full-Disclosure)