From owner-freebsd-net@FreeBSD.ORG Fri Apr 11 14:21:28 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 73D1C37B405; Fri, 11 Apr 2003 14:21:28 -0700 (PDT) Received: from heron.mail.pas.earthlink.net (heron.mail.pas.earthlink.net [207.217.120.189]) by mx1.FreeBSD.org (Postfix) with ESMTP id 43D2443F93; Fri, 11 Apr 2003 14:21:27 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from pool0012.cvx22-bradley.dialup.earthlink.net ([209.179.198.12] helo=mindspring.com) by heron.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 1945xc-0006dJ-00; Fri, 11 Apr 2003 14:21:25 -0700 Message-ID: <3E973187.239563@mindspring.com> Date: Fri, 11 Apr 2003 14:20:07 -0700 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: BelletJr@aol.com References: <1dc.74b8b15.2bc851e7@aol.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a4023478172c249d3e3a0fe231b5cb0e903ca473d225a0f487350badd9bab72f9c350badd9bab72f9c cc: current@freebsd.org cc: net@freebsd.org Subject: Re: connect(2) behavior with unreacheable hosts X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Apr 2003 21:21:29 -0000 BelletJr@aol.com wrote: > >Because it can't detect an infinite routing loop. > > Then why can't it detect an infinite routing loop? :) It does not implement > the classic three-way handshake of a TCP connection establishment?? It sends SYN and waits for SYN/ACK before sending an ACK. The wait is indenfinite, unless the machine receives an ICMP "host unreachable" or similar connection reject packet. Most likely, ICMP is disabled somewhere between you and the other end. Probably at your firewall. You should look at a tcpdump of the traffic between the two endpoints which occurs during the connection request, to find out for sure. If you don't like raw tcpdump (or can't read it easily), then use "ethereal" from ports. As to why it can't detect it without the ICMP, it's because it's not possible to compute transitive closure over the graph of your local routing table, and all the routing tables between you and the other end, because the memory isn't local. 8-) 8-). > If this is the case, I think the man page is not precise enough. It states > "If the socket is of type SOCK_STREAM, this call attempts to make a > connection to another socket" and later on "The connect() function returns > the value 0 if successful". You're mixing up two different usages of connect(). > BTW we can imagine that the majority of programs aren't crafted to handle > this case. Probably not... the majority of programs probably assume that your network is set up correctly. 8-). > Have a look for example to the simple "daytime.c" program from the > developper handbook. It just doesn't do anything if time.nist.gov is > unreachable because of an infinite routing loop. I still don't know what you mean by "infinite routing loop"; there's really no such thing. If you try to insert one on a single host, the insertion attempt that would cause the loop will be rejected by the "route add". It's a radix tree; being hierarchical, it can't loop, since the idea of a loop is not supported by the data structure. The only purpose of the routing code is selection of "next hop", and that dictates "interface to use". And that's all it does. It's up to intermediate hosts to indicate route failures via ICMP messages (Internet Control Message Protocol). If you disable ICMP, be ready to have your foot shot off. -- Terry