shubhendu rearranged electrons thusly:
> i am getting following icmp error message regularly
> "164.100.235.1 sent an invalid ICMP error to broadcast"
This is a FAQ :) You got a misconfigured tcp/ip stack on your network
somewhere which has a broken implementation of RFC 1122 (ICMP) - and that's
the IP of the machine. ICMP errors should never be sent regarding braodcast
frames - it'd just cause this traffic flood here.
See /usr/src/linux/net/ipv4/icmp.c
* RFC1122 (Host Requirements -- Comm. Layer) Status:
/*
* Check the other end isnt violating RFC 1122. Some routers send
* bogus responses to broadcast frames. If you see this message
* first check your netmask matches at both ends, if it does then
* get the other vendor to fix their kit.
*/
if (!sysctl_icmp_ignore_bogus_error_responses)
{
if (inet_addr_type(iph->daddr) == RTN_BROADCAST)
{
if (net_ratelimit())
printk(KERN_WARNING "%u.%u.%u.%u sent an invalid ICMP error to a broadcast.\n",
NIPQUAD(skb->nh.iph->saddr));
return;
}
}
Then try Richard Stevens (tcp/ip illustrated, vol 1) - chapter 6 deals with
ICMP.
Temporary fix on the box which is popping up these errors:
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
----------------------------------------------
The mailing list archives are available at
http://lists.linux-india.org/cgi-bin/wilma/linux-india-help