[nsp] RPF problem with ICMP unreachables

Stephen J. Wilcox steve@telecomplete.co.uk
Sun, 24 Nov 2002 15:40:43 +0000 (GMT)


On Sun, 24 Nov 2002, Rajesh Talpade wrote:

> > 
> > How does one force a router to not use *highest* IP address to return ICMP 
> > unreachables and instead use the interface from where the ICMP came?
> 
> Wouldn't this be rather hard to do since ICMP messages are processed
> inside the router's processing engine, and such ability requires keeping
> state about what interface an IP packet arrived on?
> 
> Also, the path back to the ICMP originator may not be over the interface
> that the ICMP arrived into the router, so what IP address would one
> assign as the source of the ICMP unreachable?

I would assume that taking the source address of the exiting interface would be
the most sensible approach. As this interface is participating in the switching
path towards the destination (of the ICMP), you would assume it has a valid IP
address and is better than a random address which may come from a private net
running on the same router. No need to keep state either.

I thought this was the current behaviour?

Steve

>
> Just a thought.
> 
> Rajesh.
> 
> 
> > 
> > -Hank