Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 21 Mar 2007 22:08:06 +0100
From:      Jon Otterholm <jon.otterholm@ide.resurscentrum.se>
To:        freebsd-net@freebsd.org
Subject:   Re: ICMP-floods
Message-ID:  <46019EB6.6010209@ide.resurscentrum.se>
In-Reply-To: <D0ACB868-E4D7-4438-92B5-F3769F7CD31C@mac.com>
References:  <460060A8.1080109@ide.resurscentrum.se> <65531A6A-7178-48A1-97D0-9DCB4F72E315@mac.com> <4600689C.3080306@ide.resurscentrum.se> <D0ACB868-E4D7-4438-92B5-F3769F7CD31C@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Chuck Swiger wrote:
> On Mar 20, 2007, at 4:05 PM, Jon Otterholm wrote:
>>>> When setting net.inet.ip.redirect=0 on my routers, the icmp-redirects
>>>> disappear, but instead I get a large amount of ICMP-time-exceed 
>>>> from my
>>>> routers.
>>>
>>> The information you've provided strongly suggests either problems 
>>> with the netmasks being used, or a routing loop, or some combination 
>>> of both.
>> I have checked netmasks and they are all on the same network. There 
>> should not be any routing involved in the communication between these 
>> hosts.
>
> OK.  Care to show a "tcpdump -ntv icmp" illustrating the problem...?  :-)
Nope :-)

I dug a little deeper into this. It seems like my problems are far more 
extensive than I first expected.

I did not mention earlier that all if's are vlan-based sub-intefaces. It 
seems that if I move admin-if's on my routers to a different physical if 
than the one with the default route, all weird time-exeed/redir are gone 
and all traffic on my Nagios-machine are OK.

It seems allmost as if my routers can not hold apart inbound traffic 
destined to different sub-if's on one physical if. Can this be it? I 
have checked my topology from all around now and I can not find any 
routing loops.

For example: Router1 has it's default route connected to em0.10. With 
admin-net on em0.20 I get my icmp-floods. Moving admin-net to em1.20 
makes the icmp-floods go away.

A possible bug in if_vlan?

//Jon

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46019EB6.6010209>