[c-nsp] how to get ICMP host unreachables?
lee.e.rian at census.gov
Fri Apr 8 10:07:05 EDT 2005
Thanks Oli. That makes my job a lot easier; now I get to tell the users
"nope, nothing I can do for you" <grin>
Just out of curiosity tho... it does seem like the router saves at least
one packet while waiting for the arp reply.
If I do a 'clear arp' on the router only some of the arp entries disappear.
Picking one of the hosts that does have its arp entry cleared out, pinging
it gets a 100% response rate. Is there something else going on under the
hood that keeps the first ping packet around while the router sends the arp
request & waits for the reply? If it makes a difference, the router in
question is a cat6500/SUP720 running IOS 12.2(17d)SXB6 and, at least as far
as I can tell, CEF is enabled.
Thanks again,
Lee
"Oliver Boehmer \(oboehmer\)" <oboehmer at cisco.com> wrote on 04/08/2005
08:40:39 AM:
> lee.e.rian at census.gov <> wrote on Friday, April 08, 2005 1:57 PM:
>
> > Will a cisco router ever send a host unreachable because a host
> > doesn't answer ARP requests?
>
> It won't.
>
> RFC1812 states in 3.3.2:
>
> The link layer MUST NOT report a Destination Unreachable error to IP
> solely because there is no ARP cache entry for a destination; it
> SHOULD queue up to a small number of datagrams briefly while
> performing the ARP request/reply sequence, and reply that the
> destination is unreachable to one of the queued datagrams only when
> this proves fruitless
>
> IOS does not implement the "SHOULD" clause, i.e. it does not queue the
> datagrams (assuming CEF) and it also doesn't send unreachables. This
> has been day-one behaviour, and I'm not sure why this is needed.
>
> Further down in the RFC it says:
>
> 4.3.3.1 Destination Unreachable
>
> If a packet is to be forwarded to a host on a network that is
> directly connected to the router (i.e., the router is the last-hop
> router) and the router has ascertained that there is no path to the
> destination host then the router MUST generate a Destination
> Unreachable, Code 1 (Host Unreachable) ICMP message.
>
> Can we ascertain that there is no path if we don't receive an ARP reply?
> I think this is debatable, unfortunately this hasn't been defined more
> precisely.
>
> oli
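
The queue-then-report behaviour in the RFC 1812 3.3.2 text quoted above, sketched in Python as an added example that is not part of the original messages and is not IOS code. `ArpPendingQueue`, `MAX_QUEUED = 3` and the sample datagram are assumptions made for illustration; the error quotes the IP header plus 8 bytes, as RFC 792 specifies.

```python
import struct
from collections import deque

MAX_QUEUED = 3  # assumption: the RFC only says "a small number"
# Constructed sample: IPv4 header (checksum left 0) + ICMP echo, 192.0.2.10 -> 192.0.2.99
SAMPLE = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 1, 0, 64, 1, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 99]))
SAMPLE += struct.pack("!BBHHH", 8, 0, 0, 1, 1)

def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def host_unreachable(datagram: bytes) -> bytes:
    """ICMP type 3, code 1 (RFC 792) quoting the IP header plus 8 payload bytes."""
    ihl = (datagram[0] & 0x0F) * 4
    quoted = datagram[:ihl + 8]
    csum = inet_checksum(struct.pack("!BBHI", 3, 1, 0, 0) + quoted)
    return struct.pack("!BBHI", 3, 1, csum, 0) + quoted

class ArpPendingQueue:
    """Datagrams held for one next hop while its ARP request is outstanding."""
    def __init__(self):
        self.pending = deque()
        self.dropped = 0

    def enqueue(self, datagram: bytes) -> bool:
        if len(self.pending) >= MAX_QUEUED:  # queue full: drop silently
            self.dropped += 1
            return False
        self.pending.append(datagram)
        return True

    def arp_resolved(self) -> list:
        """ARP reply arrived: hand back everything queued for forwarding."""
        released = list(self.pending)
        self.pending.clear()
        return released

    def arp_failed(self) -> list:
        """ARP proved fruitless: one Host Unreachable for one queued datagram."""
        errors = [host_unreachable(self.pending[0])] if self.pending else []
        self.pending.clear()
        return errors
```

The returned bytes are only the ICMP message; a router would still wrap it in an IP packet addressed to the source of the quoted datagram.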