Problem of blocking ICMP packets while calculating Path MTU
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Problem of blocking ICMP packets while calculating Path MTU
Dear All,
I am in process of implementing Path MTU detection technique. So for that I have to send ICMP ECHO request packets to destination host, and process the received ICMP ECHO reply packets.
I read that the ICMP server is embedded in the kernel of OS itself, so there is no need to write server code at all. So for sending and receiving of ICMP packets we will use raw sockets without specifying any port number.
But in between the network, some routers have some firewall configuration so that they will simply drop any incomming ICMP packet without sending any response to the sender. Hence originating host will not be aware of the status of destination host.
These firewall settings are due to some attacks like Ping of deth, Denial of request etc.
Can any one provide me any solution to overcome this problem.
You can try experimenting with the DF ( Don't Fragment ) bit in the IP header.
Send a normal IP packet ( not ICMP ), set the DF bit, and play with the packet size.
True, some routers/firewalls block incoming ICMP packets, but in this case, they will not be receiving one, instead they will be making one for you, and hopefully will send an "ICMP unreachable: fragmentation required".
Hope this helps.
Thanx for response. I tried the same as you suggested me. I sent some IP datagrams to a specified host in my local LAN but couldn't receive any response.
So buddy this thing din't work. Do u have some other alternatives, if then plz let me know.
Do you know of any ready-made tool that successfully does what you are looking for? if so, see if it works in your setup, and if it is open-sourced, have a look at the code to see how did they do it.
If not, then I guess the only way left is to talk to the sys/net/security admins to see if they are blocking ICMP, and if so, ask them to remove it for a little while just for your testing - assuming you aren't the admin ofcourse
Otherwise, sorry, I don't know how this could be done. Maybe someone else reading this can help.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Problem of blocking ICMP packets while calculating Path MTU
