AI.CLIVE@MCC.COM (Clive Dawson) (11/04/88)
After sending my previous message in which I wondered what would cause only some hosts on net 10 to be able to communicate with a certain other hosts, I began doing some systematic testing to try and determine what the connectivity was really like. In the process, I discovered the answer to my own question. It turns out that all the prime gateways which my TOPS-20 system knew about were down! Some years ago, the NIC assigned certain MILNET gateways to each Arpanet host. Up until yesterday, these gateways have always been sufficient to provide all the redirect info required. But since all the Milnet gateways apparently went down because of this virus, my system had nobody left to ask. I've added a couple of other non-Milnet prime gateways to my INTERNET.GATEWAYS file, and all is well. I suspect there may be other TOPS-20 systems out there with the same problem, since the practice of having only one or two entries in the gateways file was pretty widespread for a while. Clive -------
fserr@ALEXANDER.BBN.COM (Frederick E Serr BBNCC 20/666 x2474) (11/05/88)
I would urge TOPS-20 administrators NOT to add more than one or two other gateways to their gateways file, if any. The MILNET Mailbridge Gateways were explicitly turned off yesterday to slow the spread of the virus. As you yourself said, their normal reliability is such that one primary gateway and one backup entry was enough to keep your host "connected" for several years without running into this problem. Presumably, turning off the Mailbridges because of external circumstances will continue to be a rare event. The reason for only having one or two entries in the file in the first place is to reduce the amount of ICMP overhead traffic on Arpanet and Milnet. TOPS-20s periodically "ping" all the gateways on their list. A few years back, this was adding up to a substantial fraction of all the traffic on the Arpanet. While one can argue that adding one more gateway to one host will result in only a small amount of traffic, it still seems worth avoiding, when the problem one is fixing is so rare. Fred Serr Network Analysis Dept. BBN Communications
WANCHO@WSMR-SIMTEL20.ARMY.MIL ("Frank J. Wancho") (11/05/88)
Clive, I discovered the same problem last night caused by the fact that the prime gateways were down (either deliberately taken down, looped off the net or powered down by the NOC) in an effort to compartmentalize the spread of the worm (not virus). It is not just the TOPS20 hosts which depend on these gateways for ICMP REDIRECTs - all hosts using the prime gateways do. Once I added a couple of other gateways, everything started flowing again everywhere except across the MIL-ARPA gateways (as I believe was the intent in shutting off those gateways). The lesson to be learned from this is that we should have at least one other non-MIL-ARPA prime gateway in the list of assigned gateways should it become necessary to isolate those two nets from each other in the future. --Frank
SRA@XX.LCS.MIT.EDU (Rob Austein) (11/05/88)
Clive, Right. Here's the rest of the story. XX and Score are configured differently than MCC or NIC, because while all four are multi-homed hosts, XX and Score are not the sole contact points between the nets to which they are connected. Eg, XX is connected to nets 10 and 18, but so is GW.LCS.MIT.EDU. A multi-homed TOPS-20 in this configuration needs more entries in its INTERNET.GATEWAYS file than just its IMP's two assigned "mailbridge" gateways, eg, XX's also lists GW, KLUDGE.AI.MIT.EDU, SLUDGE.LCS.MIT.EDU, and SEWAGE.MIT.EDU. Yesterday XX ended up routing all of its "default" traffic via GW.LCS.MIT.EDU after it gave up on IMP44's assigned gateways. I assume something similar happened to Score. Is the "eager pinger" problem believed to be fixed? If I remember correctly, that's where the practice of having only two live core gateways known per host came from. The NIC has a file online (in NETINFO:, I think) explaining this, but it was never clear to me if the underlying problem was really fixed or simply toned down to an acceptable level if everybody stuck to the two gateway rule. --Rob -------