Date: Mon, 11 Dec 2000 12:03:53 -0800 From: "Crist J. Clark" <cjclark@reflexnet.net> To: Steven <steven@trance.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ICMP redirect packets Message-ID: <20001211120353.C21549@149.211.6.64.reflexcom.com> In-Reply-To: <NEBBLBKNKLDHDLHHPODBIEPFCHAA.steven@trance.org>; from steven@trance.org on Mon, Dec 11, 2000 at 02:13:48PM -0000 References: <20001210211834.S96105@149.211.6.64.reflexcom.com> <NEBBLBKNKLDHDLHHPODBIEPFCHAA.steven@trance.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 11, 2000 at 02:13:48PM -0000, Steven wrote: > > > I have a query to do with icmp redirect packets. I'm not > > entirely sure what > > > they are, but my machine is sending a lot of them over the > > network and I am > > > not sure if it is meant to be doing! :-) > > > > Are you running routed(8)? Turn it off. You don't need it. > > not that i can see (it does not appear in ps -ax and there is no option set > in my kernel config file). I added the following to my kernel config before > the last recompile, as specified in a natd help document i read: [snip] Hmmm. Nothing surprising there. So, there are three places the redirects could be coming from (1) the gateway OS, (2) from a process on the gateway, or (3) a machine behind the gateway. IIRC, you said that the redirects looked like a response to a incoming broadcast. That would seem to imply that (3) is not a likely choice, and you can quickly verify that by looking for redirects on your private net. As for (2), no routed. Any other routing or network daemons besides natd? To fully investigate (1), what do the redirects look like again, what is the ifconfig on the public interface, and what does your routing table look like? However, I think the sysctl knob, net.inet.ip.redirect, should silence this if you just want to stop it, # sysctl -w net.inet.ip.redirect=0 And, # echo "net.inet.ip.redirect=0" >> /etc/sysctl.conf To preserve the setting over reboots. Turning off the redirects should not break anything. Other machines on the network should not be looking to yours for routing hints, should they? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001211120353.C21549>