[189492] in North American Network Operators' Group
Re: rfc 1812 third party address on traceroute
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue May 31 10:37:40 2016
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <20160531082733.GA1862@57.rev.meerval.net>
Date: Tue, 31 May 2016 07:35:30 -0700
To: Job Snijders <job@instituut.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
It seems to me that a plain text reading of RFC-1812 is, as Randy describes, undesirable. It also seems that the violation of this text is commonplace in actual implementations because of yet another time where operators have made it clear to developers that the IETF is silly.
I like the Linux solution... Comply with the RFC by default and provide a knob to do the "right thing" if desired.
Best of all would be to put forth an errata against RFC1813 to change the text to specify the inbound interface of the packet triggering the ICMP message when applicable. The behavior currently described should be preserved for ICMP packets which are not triggered by inbound packets.
Owen
> On May 31, 2016, at 01:27, Job Snijders <job@instituut.net> wrote:
>
>> On Mon, May 30, 2016 at 10:03:33PM -0700, Randy Bush wrote:
>>            .-----------------.
>>            |                 |
>>            |              B  |--------- D
>> S ---------| A     R         |
>>            |              C  |--------- (toward S)
>>            |                 |
>>            `-----------------'
>>
>> if the source of a traceroute from S toward D with TTL to expire on R,
>> and R's FIB wants to exit via C to get back to S (yes, virginia, the
>> internet is highly asymmetric), the source address of the time exceeded
>> message should be C.
>>
>> of course, simpletons such as i would desire the source of the time
>> exceeded message to be A. after all, this is the interface to which i
>> sent the icmp with the TTL to expire.
>>
>> is anyone seeing the dreaded rfc1812 behavior in a citable fashion? how
>> common is it?
>
> On most Linux the default behaviour is using source address "C", but
> this can be corrected by setting the following somewhere in your
> /etc/sysctl.d/ files:
>
> # make traceroute nice
> net.ipv4.icmp_errors_use_inbound_ifaddr=1
>
> Kind regards,
>
> Job
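
Added example (not part of the original thread and not any poster's code): a simplified Python model of router R from the diagram above, showing which source address a time exceeded message carries under the default egress-interface behaviour and with net.ipv4.icmp_errors_use_inbound_ifaddr=1. The addresses, prefixes and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: primary address of each interface on router R.
INTERFACES = {"A": "192.0.2.1", "B": "198.51.100.1", "C": "203.0.113.1"}

# Constructed FIB for R: (prefix, egress interface).
# S is reached via C, although S's packets arrive on A (asymmetric routing).
FIB = [
    (ipaddress.ip_network("0.0.0.0/0"), "B"),
    (ipaddress.ip_network("10.1.0.0/16"), "C"),  # S's prefix
    (ipaddress.ip_network("10.2.0.0/16"), "B"),  # D's prefix
]


def egress_interface(dst):
    """Longest-prefix match: interface R uses to send a packet to dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, ifname) for net, ifname in FIB if addr in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def icmp_error_source(error_dst, inbound_if=None, use_inbound_ifaddr=False):
    """Source address R puts on an ICMP error sent to error_dst.

    inbound_if is the interface that received the triggering packet,
    or None for an ICMP message not triggered by an inbound packet.
    use_inbound_ifaddr models the sysctl knob quoted in the thread.
    """
    if use_inbound_ifaddr and inbound_if is not None:
        return INTERFACES[inbound_if]
    # Default: address of the interface the error leaves through.
    return INTERFACES[egress_interface(error_dst)]


if __name__ == "__main__":
    s = "10.1.0.5"  # constructed address for traceroute source S
    print("knob=0:", icmp_error_source(s, "A", False))  # address of C
    print("knob=1:", icmp_error_source(s, "A", True))   # address of A
    print("local :", icmp_error_source(s, None, True))  # falls back to C
```
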