Re: missing icmp errors for udp packets

From: Chris Wedgwood (
Date: Tue Jul 31 2001 - 15:53:36 EST

On Tue, Jul 31, 2001 at 10:59:39PM +0300, Pekka Savola wrote:

    bad ping responder == bad PR ;-)

    And anyway, who is anyone to judge what the system should be used

    I want a system to respond to ping without limitations; it's good
    for debugging, diagnostics, etc. If I want, I can just filter the
    requests out, or rate-limit the responses.

People who want to do strange stuff can tweak via sysctl.

    However, ICMP error messages cannot be effectively filtered; they
    may happen due to TTL=0 when forwarding, legit or illegit UDP
    connection etc.; only way to effectively limit them is by
    rate-limiting. If rate-limiting with informational and error
    types are the same, we have an inflexible situation here.

Networks are lossy, you can spill the odd packet anyhow.

It was just a suggestion that we merge all ICMP rate-limiting for
simplicity, I don't see it being an issue for the majority of users.

Perhaps I am wrong, in which case DaveM and Alexey will ignore me :)

I really don't see the need to continue to discuss this further on the
list, but by all means flame me in private!

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Tue Jul 31 2001 - 21:00:53 EST