Re: ping DOS avoidance?
I was just asked about something not too different, involving IIRC tnsping. It got me to looking at ip_sysctl.txt which has: icmp_ratelimit - INTEGER Limit the maximal rates for sending ICMP packets whose type matches icmp_ratemask (see below) to specific targets. 0 to disable any limiting, otherwise the maximal rate in jiffies(1) Default: 100 icmp_ratemask - INTEGER Mask made of ICMP types for which rates are being limited. Significant bits: IHGFEDCBA9876543210 Default mask: 00110011000 (6168) Bit definitions (see include/linux/icmp.h): 0 Echo Reply 3 Destination Unreachable * 4 Source Quench * 5 Redirect 8 Echo Request B Time Exceeded * C Parameter Problem * D Timestamp Request E Timestamp Reply F Info Request G Info Reply H Address Mask Request I Address Mask Reply * These are rate limited by default (see default mask above) (I've always been used to masks being specified as hex values) rick jones - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
ping DOS avoidance?
Hi, I'm stress testing some network devices by doing some cross flood pings among them. It occurs sometimes that one of the hosts (host foo) will stop answering to pings from other hosts. foo can ping all the other hosts, and I can use ssh back and forth, but it doesn't answer ping requests. More info: - tcpdump at foo actually shows the ping requests (but no replies) - other network interfaces connected at foo also stop answering pings - icmp_echo_ignore_all is 0 - foo cannot even ping itself. I would swear it was able to ping itself, but just went to confirm it for this mail and found out it isn't. I took a look at icmp.c to see where the packet could get dropped but found nothing. I assume it's some kind of DOS prevention, but I don't know where it is taking place nor how to revert it. Any hint would be appreciated. Thanks in advance! -- Luis Carlos Cobo Rus GnuPG ID: 44019B60 cozybit Inc. - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
