[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP:::Protocol Unreachable Error

To: kernelnewbies@nl.linux.org
Subject: Re: ICMP:::Protocol Unreachable Error
From: Seth Arnold <sarnold@wirex.com>
Date: Mon, 2 Dec 2002 23:43:20 -0800
In-Reply-To: <20021203071407.55214.qmail@web10803.mail.yahoo.com>
List-archive: <http://mail.nl.linux.org/kernelnewbies/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:kernelnewbies@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:kernelnewbies-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:kernelnewbies-request@nl.linux.org?Subject=unsubscribe>
Mail-Followup-To: kernelnewbies@nl.linux.org
Original-Recipient: rfc822;kernelnewbies-archive@nl.linux.org
References: <20021203071407.55214.qmail@web10803.mail.yahoo.com>
Sender: kernelnewbies-bounce@nl.linux.org
User-Agent: Mutt/1.4i

On Mon, Dec 02, 2002 at 11:14:07PM -0800, paridhi bansal wrote:
> When A pings to B using the gateway, gateway forwards
> the packet correctly to B. B receives the echo request
> packet. however,in return B sends the ICMP packet of
> type 3 code 2 i.e. destination unreachable (Protocol
> unreachable). And B sends this packet to gateway's
> 10.2.1.2 interface and not to A.
> 
> What canm be the possible problem???What's the way
> out??

I don't understand the problem. You are using a gateway to send traffic
from A to B, and then are surprised when B sends traffic to A through
the gateway? Or, is B sending packets to the gateway with the destination
IP set to the gateway? If this is the case, it is probably because you
re-wrote the source address of packets leaving the gateway -- you'll
need to re-write the destination address of packets returning to the
gateway as the NAT NetFilter modules do...

Perhaps schematics:
A sends packet (src=A dest=B) to gateway.
gateway sends modified packet (src=gateway dest=B) to B.
B receives packet (src=gateway dest=B) from gateway.

The return trip:
B sends packet (src=B dest=gateway) to gateway.
gateway _should_ send modified packet (src=B dest=A) to A.
A _should_ receive (src=b dest=A) from gateway.

Depending upon the NAT semantics in use, it might be the case that
neither A nor B know the IP addresses of the other end point -- they may
know only their own IP and the gateway IP. I think one form is known as
just 'NAT', and the others as 'SNAT' and 'DNAT', but the terms never
made sense to me. (I'll admit that's because I've never used a system
that cared about the names. If I used IPTables to perform NAT, I'd
probably know the acronyms by now...)

HTH

-- 
"There's an old saying in Tennessee, i know it's in Texas, probably in
Tennessee, that says, 'Fool me once... shame on ... shame on .. you; but
fool--you can't get fooled again.'" -- Commander in Chief of the US Military

PGP signature

References:
- ICMP:::Protocol Unreachable Error
  - From: paridhi bansal <paridhibansal@yahoo.com>

Prev by Date: inode->i_ino
Next by Date: Re: inode->i_ino
Prev by thread: ICMP:::Protocol Unreachable Error
Next by thread: inode->i_ino
Index(es):
- Date
- Thread