Re: ICMP Blocking Woes

[Crist Clark <crist.clark () globalstar com>]

John Kristoff wrote:
> On Tue, Sep 30, 2003 at 05:22:25PM -0700, Crist Clark wrote:
> > > Wasn't this based upon the premise that gear should not return ICMP
> > > errors as a result of ICMP packet input as a precaution against error
> > > loops? ie said dodgy router did the _right_ thing?
>
> > That would be disingenious. RFC1122 clearly lists which ICMP are error
> > messages,
>
> The following from W. Richard Stevens' archive presents some additional
> insight:
>
>   <http://www.kohala.com/start/papers.others/vanj.99feb08.txt>

But if you take that quote from RFC792 absolutely literally,

   ...no ICMP messages are sent about ICMP messages.

You shouldn't ever respond to a echo request with an echo reply, or 
timestamp requests/responses, or netmask request/responses, etc.
-- 
Crist J. Clark                               crist.clark () globalstar com
Globalstar Communications                                (408) 933-4387

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.
If the reader of this e-mail is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any review, dissemination, distribution or
copying of this communication is strictly prohibited.  If you have
received this e-mail in error, please contact postmaster () globalstar com