Chuck Swiger wrote:
On Mar 20, 2007, at 4:05 PM, Jon Otterholm wrote:
When setting net.inet.ip.redirect=0 on my routers, the icmp-redirects
disappear, but instead I get a large amount of ICMP-time-exceed
from my
routers.
The information you've provided strongly suggests either problems
with the netmasks being used, or a routing loop, or some combination
of both.
I have checked netmasks and they are all on the same network. There
should not be any routing involved in the communication between these
hosts.
OK. Care to show a "tcpdump -ntv icmp" illustrating the problem...? :-)
Nope :-)
I dug a little deeper into this. It seems like my problems are far more
extensive than I first expected.
I did not mention earlier that all if's are vlan-based sub-intefaces. It
seems that if I move admin-if's on my routers to a different physical if
than the one with the default route, all weird time-exeed/redir are gone
and all traffic on my Nagios-machine are OK.
It seems allmost as if my routers can not hold apart inbound traffic
destined to different sub-if's on one physical if. Can this be it? I
have checked my topology from all around now and I can not find any
routing loops.
For example: Router1 has it's default route connected to em0.10. With
admin-net on em0.20 I get my icmp-floods. Moving admin-net to em1.20
makes the icmp-floods go away.
A possible bug in if_vlan?
//Jon
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
