Firewall Wizards mailing list archives

Re: ICMP Packets.

From: blast <blast () broder com>
Date: Sun, 7 Jun 1998 13:34:28 -0700 (PDT)

On Sat, 6 Jun 1998, Darren Reed wrote:

In some email I received from tqbf () pobox com, sie wrote:

You could consider adding "source quench" ICMP messages to the "let
through" list.


Why? Source quench is deprecated (generating even more traffic in
diagnostic messages as a result of congestion isn't the best design), and
some operating systems may misbehave in reacting to them.


I didn't know it was deprecated...since when did that happen ?
At least FreeBSD 2.2.5 generates and handles them, so it must
of happened while someone wasn't looking.


I want to chime in on this 'Source quench' topic.

ICMP is IP's janitor and you have to ask yourself whether you can 
run the show with or without a janitor.  (Also, ask yourself
whether the janitor can be asked to do nasty things to your
system.):-)

Some of the more interesting uses of ICMP Source Quench I've 
experienced have been from routing vendors who will use it to 
signal IP (Layer3) with the congestion state of a Layer2 Protocol.
An example of this would be Frame Relay (Layer2) FECN/BECN's being
signaled within Layer2 and the end-point routers signaling each
other with ICMP Source Quench to make IP aware of what is going 
on at Layer2.   Whether this is successful is another story because
of vendors implementation and network eng. configurations.

Keep in mind that not all Layer3 protocols offer a "quenching"
facility so when you have a router that is offering transit for 
Layer3 multiple protocols, consider that the other protocols may
start to hog resources when congestion is experienced.
IP is has an opportunity to be polite.

-Tim Keanini
   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
   \    Tim Keanini    |         "The limits of my language,            /
   /                   |         are the limits of my world."           \
   \ blast () broder com  |         --Ludwig Wittgenstein                  /
   \                   +================================================/
   |Key fingerprint =  7B 68 88 41 A8 74 AB EC  F0 37 98 4C 37 F7 40 D6 |
   /    PUB KEY: http://www-swiss.ai.mit.edu/~bal/pks-commands.html     \
   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Current thread:

Re: ICMP Packets., (continued)
- - Re: ICMP Packets. Perry E. Metzger (Jun 03)
    - Re: ICMP Packets. Bennett Todd (Jun 04)
    - Re: ICMP Packets. Paul D. Robertson (Jun 05)
- Re: ICMP Packets. Don Kendrick (Jun 02)
  - Re: ICMP Packets. Perry E. Metzger (Jun 03)
    - Re: ICMP Packets. matthew green (Jun 04)
    - Re: ICMP Packets. Bennett Todd (Jun 04)
    - Re: ICMP Packets. Darren Reed (Jun 05)
    - Re: ICMP Packets. tqbf (Jun 07)
    - Re: ICMP Packets. Darren Reed (Jun 07)
    - Re: ICMP Packets. blast (Jun 08)
    - Re: ICMP Packets. Aleph One (Jun 09)
    - Re: ICMP Packets. Ge' Weijers (Jun 05)
    - Re: ICMP Packets. Bennett Todd (Jun 05)
    - Re: ICMP Packets. tqbf (Jun 04)
    - Re: ICMP Packets. Paul D. Robertson (Jun 05)
- Re: ICMP Packets. Andrew Yeomans (Jun 03)
- Re: ICMP Packets. john_smith (Jun 05)
  - Re: ICMP Packets.uy tqbf (Jun 07)
  - Re: ICMP Packets. Henry Hertz Hobbit (Jun 07)
- Re: ICMP Packets. john_smith (Jun 05)

(Thread continues...)