VanLUG Email Archive
David Clark (silenus@telus.net)
Sun, 20 Aug 2000 12:09:41 -0700 (PDT)
Simon A. de Weerdt writes:
> My /var/log/warn has lots of the following messages
>
> Aug 20 00:53:38 namous kernel: 209.53.32.254 sent an invalid ICMP error
> to a broadcast.
>
>snip<
>
> THE QUESTION:
>
> Is BCTel's router really giving an invalid ICMP error to a broadcast?
> Or is my configuration/software working improperly?
>
This message indicates that an upstream router is broken. According to
RFC1122, routers should never send ICMP errors to broadcast, but some
of BCTel's do. Your chances of getting this fixed by talking to them
are nil.
There are three fixes from your end. Choose one:
1) Execute the following, as root:
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
You'll have to do this each time you boot, so stick it in
/etc/rc.d/rc.local
2) Patch the kernel, and recompile. The offending line is in
/usr/src/linux/net/ipv4/icmp.c:
/*
* Check the other end isnt violating RFC 1122. Some routers send
* bogus responses to broadcast frames. If you see this message
* first check your netmask matches at both ends, if it does then
* get the other vendor to fix their kit.
*/
if (!sysctl_icmp_ignore_bogus_error_responses)
{
if (inet_addr_type(iph->daddr) == RTN_BROADCAST)
{
if (net_ratelimit())
printk(KERN_WARNING "%d.%d.%d.%d sent an invalid ICMP error to a broadcast.\n",
NIPQUAD(skb->nh.iph->saddr));
return;
}
}
3) Upgrade your kernel. My understanding is that this error message is
now sent to debug, as it probably should be.
-- David Clark - silenus@telus.net Microsoft isn't the answer, it's the question. Linux is the answer. Microsoft is never the answer, unless the question is "What isn't the answer?"-- This message came to you via the Vancouver Linux Users Group mailing list. For unsubscription instructions do not email the list, but rather send mail to <vanlug-request@gweep.bc.ca>.
This archive was generated by hypermail 2.0b3 on Sun 20 Aug 2000 - 19:04:49