On Sat, 28 Jul 2001, clemens wrote:
> to anyone who is not convinced, try out yourself:
> udp scan host A from host B with 'nmap -sU -p 1-10' and 'tcpdump -i eth0' on
> host A before you do this.
I did a little bit of investigation, and I think the reason for this can
be seen. Not from the dump though:
[problem; generated by nmap but no response sent]:
07:34:52.126018 193.94.160.1.5000 > 193.166.3.23.1025: [udp sum ok] udp 0 (ttl
37, id 49936, len 28)
0x0000 4500 001c c310 0000 2511 aca3 c15e a001 E.......%....^..
0x0010 c1a6 0317 1388 0401 0008 c237 0000 0000 ...........7....
0x0020 0000 0000 0000 0000 0000 0000 0000 ..............
[no problem; generated by nmap]:
07:34:36.426851 193.94.160.1.5000 > 193.166.3.23.1025: [udp sum ok] udp 0 (ttl
35, id 13201, len 28)
0x0000 4500 001c 3391 0000 2311 3e23 c15e a001 E...3...#.>#.^..
0x0010 c1a6 0317 1388 0401 0008 c237 0000 0000 ...........7....
0x0020 0000 0000 0000 0000 0000 0000 0000 ..............
I've also tried different kinds of payload lengths, DF bits etc. No
effect.
HOWEVER, I noticed that 'nmap -P0' (ie. don't ping first) always works
without problems!
Problems occur (if you ping first) if you have
net.ipv4.icmp_echoreply_rate=0 (the default).
Setting:
# sysctl -w net.ipv4.icmp_echoreply_rate=100
(other rates also being 100)
will work around the problem.
So in conclusion:
with net.ipv4.icmp_echoreply_rate=0:
07:46:13.619681 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:46:13.619681 193.166.3.23 > 193.94.160.1: icmp: 193.166.3.23 udp port
1025 unreachable [tos 0xc0]
07:46:32.828636 193.94.160.1 > 193.166.3.23: icmp: echo request
07:46:32.828636 193.166.3.23 > 193.94.160.1: icmp: echo reply
07:46:33.138619 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:46:33.438603 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
with net.ipv4.icmp_echoreply_rate=100:
07:54:23.543076 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:54:23.543076 193.166.3.23 > 193.94.160.1: icmp: 193.166.3.23 udp port
1025 unreachable [tos 0xc0]
07:54:28.832790 193.94.160.1 > 193.166.3.23: icmp: echo request
07:54:28.832790 193.166.3.23 > 193.94.160.1: icmp: echo reply
07:54:29.292765 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:54:29.292765 193.166.3.23 > 193.94.160.1: icmp: 193.166.3.23 udp port
1025 unreachable [tos 0xc0]
So there does appear to be a rather elusive bug here. Same behaviour with
2.2 series.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
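
The comparison in the message above can be repeated mechanically on any capture. The following is an added example, not part of the original post: it pairs each UDP probe with the ICMP port unreachable it should trigger and reports probes that stayed unanswered, noting whether an echo reply from the target had already been seen. The one-second matching window and all function names are assumptions.

```python
import re

# Capture lines copied from the message above, with wrapped lines rejoined.
RATE_0 = """\
07:46:13.619681 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:46:13.619681 193.166.3.23 > 193.94.160.1: icmp: 193.166.3.23 udp port 1025 unreachable [tos 0xc0]
07:46:32.828636 193.94.160.1 > 193.166.3.23: icmp: echo request
07:46:32.828636 193.166.3.23 > 193.94.160.1: icmp: echo reply
07:46:33.138619 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:46:33.438603 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
"""
RATE_100 = """\
07:54:23.543076 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:54:23.543076 193.166.3.23 > 193.94.160.1: icmp: 193.166.3.23 udp port 1025 unreachable [tos 0xc0]
07:54:28.832790 193.94.160.1 > 193.166.3.23: icmp: echo request
07:54:28.832790 193.166.3.23 > 193.94.160.1: icmp: echo reply
07:54:29.292765 193.94.160.1.5000 > 193.166.3.23.1025: udp 0
07:54:29.292765 193.166.3.23 > 193.94.160.1: icmp: 193.166.3.23 udp port 1025 unreachable [tos 0xc0]
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
UDP = re.compile(rf"^(\S+) {IP}\.(\d+) > {IP}\.(\d+): (?:\[udp sum ok\] )?udp \d+")
UNREACH = re.compile(rf"^(\S+) {IP} > {IP}: icmp: {IP} udp port (\d+) unreachable")
ECHO_REPLY = re.compile(rf"^(\S+) {IP} > {IP}: icmp: echo reply")

def secs(ts):
    """Convert a tcpdump HH:MM:SS.ffffff timestamp to seconds."""
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s)

def unanswered_probes(capture, window=1.0):
    """Return (timestamp, echo_reply_seen_before) for each UDP probe that got
    no ICMP port unreachable from its target within `window` seconds."""
    pending, echo_from = [], set()
    for line in capture.splitlines():
        if m := UDP.match(line):
            ts, src, _sport, dst, dport = m.groups()
            pending.append((ts, src, dst, dport, dst in echo_from))
        elif m := UNREACH.match(line):
            ts, src, dst, _about, port = m.groups()
            for p in pending:  # oldest matching probe is answered first
                if (p[1], p[2], p[3]) == (dst, src, port) and 0 <= secs(ts) - secs(p[0]) <= window:
                    pending.remove(p)
                    break
        elif m := ECHO_REPLY.match(line):
            echo_from.add(m.group(2))  # remember hosts that answered a ping
    return [(p[0], p[4]) for p in pending]

if __name__ == "__main__":
    for name, cap in (("icmp_echoreply_rate=0", RATE_0), ("icmp_echoreply_rate=100", RATE_100)):
        print(name, unanswered_probes(cap))
```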