> A filter on the port with the default route can be used to capture
> these, but then the packets just die. Shouldn't the PM instead return a
> host unreachable (or maybe network unreachable) packet? If ComOS had a
> null interface (bit bucket) and had a default route to null with a high
> metric for advertised addresses, this wouldn't be a problem.

I agree routing the pool to null0 would seem cleaner, but I finally spent
a few minutes setting up a filter for ether0 output, and it does now
generate host unreach:

yoda:~$ traceroute -i 205.229.60.33
traceroute to 205.229.60.33 (205.229.60.33), 30 hops max, 40 byte packets
1 pm1.fdt.net (205.229.48.10) 2 ms 10 ms 2 ms
2 ISDN-2.pm1.gnv.fdt.net (205.229.60.33) 207 ms 96 ms 32 ms

yoda:~$ traceroute -i 205.229.60.34
traceroute to 205.229.60.34 (205.229.60.34), 30 hops max, 40 byte packets
1 pm1.fdt.net (205.229.48.10) 2 ms 3 ms 2 ms
2 pm1.fdt.net (205.229.48.10) 2 ms !H 2 ms !H 2 ms !H

I'd rather fix it by routing rather than filtering...but it works.
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will
Network Administrator | be proof-read for $199/message.
Florida Digital Turnpike |
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____