Re: udp traceroute dropping packets

[Philippe Troin]

Russell Miller <rmiller@xxxxxxxxxxxx> writes:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> I came across this archived linux-kernel message:
> 
> http://www.uwsg.iu.edu/hypermail/linux/net/0007.2/0111.html
> 
> I am having the exact same problem as is outlined there, from a post three 
> years ago.  Here's a summary:
> 
> "I think I've found a bug in UDP/ICMP code in the kernel using 
>  traceroute. 
>  
> To reproduce: Launch traceroute -n to some Linux system nearby 
>  really quickly 3 times in the row; localhost won't work, it has to go 
>  through network. Quick response is crucial. I used systems w/ in 
>  the same physical network and a few routers between (still < 5 ms 
>  response). 
>  
> The effect: On third traceroute (or perhaps second/first, if you're quick 
>  enough), ICMP port unreachable will not be sent to the UDP datagram. "
> 
> I reproduced this on a redhat 8.0 machine running kernel 2.4.23.
> Changing to the -I option of traceroute (to use ICMP) works
> flawlessly.  I'll be glad to provide more information if you need
> it.  Please CC, as I'm not subscribed.

You're probably hitting the ICMP rate limit.

Play with /proc/sys/net/ipv4/icmp_rate*.

 - increase /proc/sys/net/ipv4/icmp_ratelimit

or

 - clear bit 3 in /proc/sys/net/ipv4/icmp_ratemask

Phil.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/