Date: Wed, 21 Feb 2001 12:15:45 -0800 From: "Jonathan Graehl" <jonathan@graehl.org> To: "freebsd-Arch" <freebsd-arch@FreeBSD.ORG> Subject: Why are ICMP redirects observed by default? Message-ID: <NCBBLOALCKKINBNNEDDLGEEPDLAA.jonathan@graehl.org>
next in thread | raw e-mail | index | archive | help
I thought ICMP redirects had fallen out of favor; is the security risk (an interloper being able to change routing tables) considered insignificant for leaf or edge machines? Do redirects actually help performance in the real world? Of course, there is nothing to complain about, since the behavior can be toggled; I am simply curious as to what the current feeling about them is (aside from the warm fuzzy feeling of RFC-compliance) # sysctl -a | grep redirect net.inet.ip.redirect: 1 net.inet.icmp.drop_redirect: 0 net.inet.icmp.log_redirect: 0 -- Jonathan Graehl email: jonathan@graehl.org web: http://jonathan.graehl.org/ phone: 858-642-7562 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NCBBLOALCKKINBNNEDDLGEEPDLAA.jonathan>