From owner-freebsd-questions Mon Dec 11 12: 4: 8 2000 From owner-freebsd-questions@FreeBSD.ORG Mon Dec 11 12:04:06 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 8C9D537B400 for ; Mon, 11 Dec 2000 12:04:05 -0800 (PST) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Mon, 11 Dec 2000 12:02:29 -0800 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eBBK3rs22112; Mon, 11 Dec 2000 12:03:53 -0800 (PST) (envelope-from cjc) Date: Mon, 11 Dec 2000 12:03:53 -0800 From: "Crist J. Clark" To: Steven Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ICMP redirect packets Message-ID: <20001211120353.C21549@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <20001210211834.S96105@149.211.6.64.reflexcom.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: ; from steven@trance.org on Mon, Dec 11, 2000 at 02:13:48PM -0000 Sender: cjc@149.211.6.64.reflexcom.com Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Dec 11, 2000 at 02:13:48PM -0000, Steven wrote: > > > I have a query to do with icmp redirect packets. I'm not > > entirely sure what > > > they are, but my machine is sending a lot of them over the > > network and I am > > > not sure if it is meant to be doing! :-) > > > > Are you running routed(8)? Turn it off. You don't need it. > > not that i can see (it does not appear in ps -ax and there is no option set > in my kernel config file). I added the following to my kernel config before > the last recompile, as specified in a natd help document i read: [snip] Hmmm. Nothing surprising there. So, there are three places the redirects could be coming from (1) the gateway OS, (2) from a process on the gateway, or (3) a machine behind the gateway. IIRC, you said that the redirects looked like a response to a incoming broadcast. That would seem to imply that (3) is not a likely choice, and you can quickly verify that by looking for redirects on your private net. As for (2), no routed. Any other routing or network daemons besides natd? To fully investigate (1), what do the redirects look like again, what is the ifconfig on the public interface, and what does your routing table look like? However, I think the sysctl knob, net.inet.ip.redirect, should silence this if you just want to stop it, # sysctl -w net.inet.ip.redirect=0 And, # echo "net.inet.ip.redirect=0" >> /etc/sysctl.conf To preserve the setting over reboots. Turning off the redirects should not break anything. Other machines on the network should not be looking to yours for routing hints, should they? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message