A theoretical problem involving ping

Hello,

What happens if a router receives and ICMP Echo request, but the source
address in the IP packet it is contained in doesn't match any entries in
its routing table, and the default gateway isn't set?

Thanks,
Nikola

Hello,

Nikola Novak a écrit :
>
> What happens if a router receives and ICMP Echo request, but the source
> address in the IP packet it is contained in doesn't match any entries in
> its routing table, and the default gateway isn't set?

As this is a Linux networking group, I'll assume that your question is
about a Linux-based router.

If source address filtering by reverse path (rp_filter) is enabled on
the incoming interface, then the packet is discarded. The packet is also
discarded if the output interface for the source address in the routing
table does not match the incoming interface of the packet. Otherwise,
the packet is forwarded.

On Thu, 14 Jan 2010 21:17:59 +0100, Pascal Hambourg wrote:

> Hello,
>
> Nikola Novak a écrit :
>>
>> What happens if a router receives and ICMP Echo request, but the source
>> address in the IP packet it is contained in doesn't match any entries in
>> its routing table, and the default gateway isn't set?
>
> As this is a Linux networking group, I'll assume that your question is
> about a Linux-based router.
>
> If source address filtering by reverse path (rp_filter) is enabled on
> the incoming interface, then the packet is discarded. The packet is also
> discarded if the output interface for the source address in the routing
> table does not match the incoming interface of the packet. Otherwise,
> the packet is forwarded.

Sorry, I thought I made it clear that the ICMP Echo request was sent to the
address of the router in question (the one that received it), and wasn't
meant to be forwarded. Therefore, the router needs to send back the ICMP
Echo Reply packet (assuming this is enabled), but the source address from
the IP packet it received doesn't match any of the entries in its routing
tables, and it doesn't use the default gateway. What happens?

Assume that rp_filter is disabled and the packet arrived on the proper
interface according to the routing table.

Thanks,
Nikola

Nikola Novak a écrit :
> On Thu, 14 Jan 2010 21:17:59 +0100, Pascal Hambourg wrote:
>
>> Nikola Novak a écrit :
>>> What happens if a router receives and ICMP Echo request, but the source
>>> address in the IP packet it is contained in doesn't match any entries in
>>> its routing table, and the default gateway isn't set?
>>
>> As this is a Linux networking group, I'll assume that your question is
>> about a Linux-based router.
>>
>> If source address filtering by reverse path (rp_filter) is enabled on
>> the incoming interface, then the packet is discarded. The packet is also
>> discarded if the output interface for the source address in the routing
>> table does not match the incoming interface of the packet. Otherwise,
>> the packet is forwarded.
>
> Sorry, I thought I made it clear that the ICMP Echo request was sent to the
> address of the router in question (the one that received it), and wasn't
> meant to be forwarded.

Then just replace "forwarded" by "locally delivered" in my previous
reply. Sorry but it was not clear to me. Why a router and not a host ?

> Therefore, the router needs to send back the ICMP
> Echo Reply packet (assuming this is enabled), but the source address from
> the IP packet it received doesn't match any of the entries in its routing
> tables, and it doesn't use the default gateway. What happens?

Nothing. As Moe wrote, there is no route so the ICMP echo reply cannot
be sent, end of the story. Maybe the kernel sends a "network
unreachable" error to itself, but this is rather pointless IMHO.

> Assume that rp_filter is disabled and the packet arrived on the proper
> interface according to the routing table.

If there is no route for the source address, then there is no proper
interface either. Anyway when rp_filter is disabled, it does not matter
whether there is a route or not.

Pascal Hambourg <boite-a-(E-Mail Removed)> wrote:
> Nothing. As Moe wrote, there is no route so the ICMP echo reply cannot
> be sent, end of the story. Maybe the kernel sends a "network
> unreachable" error to itself, but this is rather pointless IMHO.

Hopefully it will at least increment a statistic somewhere. But
indeed, there is not anything else for it to do really.

rick jones
--
The glass is neither half-empty nor half-full. The glass has a leak.
The real question is "Can it be patched?"
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

"Moe Trin" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Thu, 14 Jan 2010, in the Usenet newsgroup comp.os.linux.networking, in
> article <1lp850idw5sg.15tb7yx3ssl8u$.(E-Mail Removed)>, Nikola Novak wrote:
>
> >What happens if a router receives and ICMP Echo request, but the
> >source address in the IP packet it is contained in doesn't match any
> >entries in its routing table, and the default gateway isn't set?
>
> It forwards the packet to the destination host. If that destination
> is itself and the ping function is not disabled, it can't reply - so
> drop the packet. Originally, it would not try to send an ICMP
> error (requirement - no ICMP error to ICMP), but that's now been
> re-written as "no ICMP error to an ICMP _error_ packet" and a ping
> isn't an error. None the less, who would it try to send the error
> to? You can't get there from here.

Obviously wrong. It can't send an echo reply to the ping originator
because there's no route to the host. The packet is dropped as ICMP
reply-type packets don't generate ICMP error packets.

On Fri, 15 Jan 2010 12:22:02 +0100, Pascal Hambourg wrote:

> Nikola Novak a écrit :
>> On Thu, 14 Jan 2010 21:17:59 +0100, Pascal Hambourg wrote:
>>
>>> Nikola Novak a écrit :
>>>> What happens if a router receives and ICMP Echo request, but the source
>>>> address in the IP packet it is contained in doesn't match any entries in
>>>> its routing table, and the default gateway isn't set?
>>>
>>> As this is a Linux networking group, I'll assume that your question is
>>> about a Linux-based router.
>>>
>>> If source address filtering by reverse path (rp_filter) is enabled on
>>> the incoming interface, then the packet is discarded. The packet is also
>>> discarded if the output interface for the source address in the routing
>>> table does not match the incoming interface of the packet. Otherwise,
>>> the packet is forwarded.
>>
>> Sorry, I thought I made it clear that the ICMP Echo request was sent to the
>> address of the router in question (the one that received it), and wasn't
>> meant to be forwarded.
>
> Then just replace "forwarded" by "locally delivered" in my previous
> reply. Sorry but it was not clear to me. Why a router and not a host ?

No reason, really. The reason I'm even asking is because I've arrived at
the situation while solving a problem while practicing for an exam
(although, in the problem hosts are used, not routers). And besides, it's
an interesting situation in practice as one of the posters noted.

>> Therefore, the router needs to send back the ICMP
>> Echo Reply packet (assuming this is enabled), but the source address from
>> the IP packet it received doesn't match any of the entries in its routing
>> tables, and it doesn't use the default gateway. What happens?
>
> Nothing. As Moe wrote, there is no route so the ICMP echo reply cannot
> be sent, end of the story. Maybe the kernel sends a "network
> unreachable" error to itself, but this is rather pointless IMHO.

I assumed the packet would be dropped, I was just confused whether any
error messages would be sent back over the network (the problem is to
display traffic on the network). The MAC address is stripped off the packet
in the Data Link Layer, so the Network Layer which examines the IP packet
doesn't have it, so it can't send anything anywhere meaningful, right?

>> Assume that rp_filter is disabled and the packet arrived on the proper
>> interface according to the routing table.
>
> If there is no route for the source address, then there is no proper
> interface either. Anyway when rp_filter is disabled, it does not matter
> whether there is a route or not.

OK, just wanted to establish a set-up that wouldn't cause us to digress
from the answer I needed.

Anyway, thanks for all your answers.

Nikola

Nikola Novak a écrit :
>
> I assumed the packet would be dropped, I was just confused whether any
> error messages would be sent back over the network (the problem is to
> display traffic on the network). The MAC address is stripped off the packet
> in the Data Link Layer, so the Network Layer which examines the IP packet
> doesn't have it, so it can't send anything anywhere meaningful, right?

Even though, so what ? This remark makes no sense.
The source MAC address of the echo request packet is the MAC address of
the last router which forwarded it to its final destination. There is no
point in sending an error message to that router saying "hey, I cannot
send a reply to the source of that packet". If an error is to be sent,
it is to the source of the echo reply that cannot be sent, aka the
destination of the echo request aka the local host itself, and nowhere else.

Keep in mind that the packet that creates the error is the echo reply,
not the echo request.

On Mon, 18 Jan 2010 00:47:29 +0100, Pascal Hambourg wrote:

> Nikola Novak a écrit :
>>
>> I assumed the packet would be dropped, I was just confused whether any
>> error messages would be sent back over the network (the problem is to
>> display traffic on the network). The MAC address is stripped off the packet
>> in the Data Link Layer, so the Network Layer which examines the IP packet
>> doesn't have it, so it can't send anything anywhere meaningful, right?
>
> Even though, so what ?

Huh?

> This remark makes no sense.
> The source MAC address of the echo request packet is the MAC address of
> the last router which forwarded it to its final destination. There is no
> point in sending an error message to that router saying "hey, I cannot
> send a reply to the source of that packet". If an error is to be sent,
> it is to the source of the echo reply that cannot be sent, aka the
> destination of the echo request aka the local host itself, and nowhere else.
>
> Keep in mind that the packet that creates the error is the echo reply,
> not the echo request.

Right, I understand that now.

Thanks again,
Nikola