blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
4.3.2.7 When Not to Send ICMP Errors Connected: An Internet Encyclopedia
4.3.2.7 When Not to Send ICMP Errors

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1812
Up: 4. INTERNET LAYER - PROTOCOLS
Up: 4.3 INTERNET CONTROL MESSAGE PROTOCOL - ICMP
Up: 4.3.2 GENERAL ISSUES
Prev: 4.3.2.6 Source Route
Next: 4.3.2.8 Rate Limiting

4.3.2.7 When Not to Send ICMP Errors

4.3.2.7 When Not to Send ICMP Errors

An ICMP error message MUST NOT be sent as the result of receiving:

  • An ICMP error message, or

  • A packet which fails the IP header validation tests described in Section [5.2.2] (except where that section specifically permits the sending of an ICMP error message), or

  • A packet destined to an IP broadcast or IP multicast address, or

  • A packet sent as a Link Layer broadcast or multicast, or

  • A packet whose source address has a network prefix of zero or is an invalid source address (as defined in Section [5.3.7]), or

  • Any fragment of a datagram other then the first fragment (i.e., a packet for which the fragment offset in the IP header is nonzero).

Furthermore, an ICMP error message MUST NOT be sent in any case where this memo states that a packet is to be silently discarded.

NOTE: THESE RESTRICTIONS TAKE PRECEDENCE OVER ANY REQUIREMENT ELSEWHERE IN THIS DOCUMENT FOR SENDING ICMP ERROR MESSAGES.

DISCUSSION

These rules aim to prevent the broadcast storms that have resulted from routers or hosts returning ICMP error messages in response to broadcast packets. For example, a broadcast UDP packet to a non- existent port could trigger a flood of ICMP Destination Unreachable datagrams from all devices that do not have a client for that destination port. On a large Ethernet, the resulting collisions can render the network useless for a second or more.

Every packet that is broadcast on the connected network should have a valid IP broadcast address as its IP destination (see Section [5.3.4] and [INTRO:2]). However, some devices violate this rule. To be certain to detect broadcast packets, therefore, routers are required to check for a link-layer broadcast as well as an IP-layer address.

IMPLEMENTATION

This requires that the link layer inform the IP layer when a link-layer broadcast packet has been received; see Section [3.1].


Next: 4.3.2.8 Rate Limiting

Connected: An Internet Encyclopedia
4.3.2.7 When Not to Send ICMP Errors

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609