RE: ICMP ttl-exceeded packets not sourced correctly

[David Schwartz]

> Say you have a router, and it's multihomed to two different isp's,
> say cogentco.com and qwest.net as your upstreams.
> On your cogent interface, you have the ip address on the /30
> assigned by cogent,
> with reverse dns being blahblah.demarc.cogentco.com on the qwest
> interface.
> Same story with qwest, with reverse dns being whatever.qwest.net.
> Now let's say someone out on the internet with ip address of 1.1.1.1 runs
> a traceroute into your network and his incoming path to your
> network comes over qwest.
> Your router's hop should source its ICMP ttl-exceeded code (the
> traceroute hop) on
> its qwest /30 ip address, because thats where the traceroute got
> triggered.
> ICMP ttl-exceeded code's response should not be originated from
> the interface
> holding the route, but should be origianted from the interface
> that got hit
> with the traceroute.

	Why? If the same machine has two IP addresses, reaching one is the same as
reaching the other.

	DS


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/