Re: Could an ICMP Redirect have disconnected my server?

On Fri, 31 Aug 2007, in the Usenet newsgroup comp.os.linux.networking, in
article <13deq7ea6louj15@xxxxxxxxxxxxxxxxxx>, ljb wrote:

ibuprofin@xxxxxxxxxxxxxxxxxxxxxx wrote:

Usually, having logical subnets on the same physical wire is a bad idea.

I agree, but we're stuck with it. (I think it started way back when they
decided some boxes couldn't handle different subnet mask sizes.)

Makes for a fun with the routing tables for everyone else.

Logical, sorry. Server is e.g. 10.1.2.3 subnet /24, only systems on
10.1.2.0/24 could talk to it. Other systems on the same physical subnet
(connected to the same Cisco Catalyst switch), but a different subnet
number, could not.

Could systems on "that" subnet talk to other systems on "this" subnet?
Obviously the problem winds down to "both ends need to know how to see
the other side" in order to talk.

Is syslogd configured to log any routing information?

I don't think so. It doesn't act as a router (no forwarding, one network
interface). Unless the kernel logs routing messages, I'm not sure what
else would do that.

I was more hoping that the applications wrote something. Oh well.

Depends on your network layout. Not very likely, but not impossible.

No routing daemon. The other person said he saw a 10 minute timeout,
but only host redirects worked, not network. Which makes sense.

This was a problem recognized long ago. See those RFCs I mentioned.
There isn't supposed to be a timeout. If you've screwed up the routing
setup such that the router or what-ever is correcting you, the idea
is not to stop using the "corrected" routing data just because things
timed out. On the other hand, when something else changes and then
some host/router could send the Redirect to fix things. However this
is SO EASY to abuse, most network setups default to "ignore". The
assumption is that whoever set up the routing should know what they
are doing, and if they've made a mistake, it's better to learn about
it ("it's not working!!! - WHY") than to have some silly helper cover
up the mistake. (Example - ZeroConf when the MCSE so screwed up the
DHCP server that even windoze can't get an IP.)

Either way, I don't think this was the cause. The networking group,
and Active Directory group (this is a Windows shop) also have no idea
and say they didn't do anything. Oh well.

OF COURSE NOT!!! We wouldn't do nothin' ;-)

Old guy
.

Relevant Pages

  • Re: Could an ICMP Redirect have disconnected my server?
    ... yes - but you seem to have a strange network ... does a routing table entry from an ICMP Redirect time out? ... systems with the same subnet number. ...
    (comp.os.linux.networking)
  • Re: Cant figure out simple routing between 2 Windows domains
    ... I'm lost on how to get a very simple routing setup working for 2 ... floor I have domain2.com with a subnet of 192.168.2.0/24. ... network together with the cable running between them. ... You need one router with an interface in each network. ...
    (comp.dcom.sys.cisco)
  • Re: Bridging interfaces
    ... The handbook section on routing is pretty basic and it seems ... A layer 2 bridge connects two physical network segments to create the ... subnet sitting on top of a layer 2 network. ... If you want a single layer 2 network, ...
    (freebsd-questions)
  • [Full-disclosure] Lets make a spy-proof communications infrastructure
    ... cell phone network which will run like a peer to peer network, ... If we devised some private communicator, ... While truly global routing might require some relays to bridge areas ...
    (Full-Disclosure)
  • [Full-disclosure] Lets design a spy-proof communications infrastructure
    ... cell phone network which will run like a peer to peer network, ... If we devised some private communicator, ... While truly global routing might require some relays to bridge areas ...
    (Full-Disclosure)