karn@faline.bellcore.com (Phil R. Karn) (11/03/87)
I've been asked to be less coy about mentioning misbehaving host implementations by name. Fine. Herewith is a brief summary of what I see on our own network after about 5 minutes of monitoring with a "bogon trap" of my own design: 1. A bunch of Excelan hosts emitting rwho/UDP broadcasts with 128.96.0.0 (our local broadcast address) in *both* the IP source and destination fields. 2. A Vax running 4.3BSD (or at least that's what the login banner says) that returns an ICMP Unreachable Port to the sender of each RIP packet it sees. 3. A Vax running MicroVMS V4.6 that's doing the same thing. 4. A big group of Symbolics LISP machines that return ICMP Unreachable Protocol messages in response to IP broadcasts with a locally-defined protocol field (255). None of these machines are under my administrative control so I cannot verify actual software version numbers, etc. Phil
CLYNN@G.BBN.COM.UUCP (11/05/87)
Phil, I think that 2 and 3 (returning port unreachable) are not bugs but are actually doing what the spec says they should. 4 (returning protocol unreachable in response to broadcasts) is probably not a good idea, but the specs were written before broadcast were widely used. Charlie
ddp+@ANDREW.CMU.EDU (Drew Daniel Perkins) (11/11/87)
Phil's 2 and 3 (returning port unreachable), like his 4 (protocol unreachable) may not be bugs due to unclear specs, but are certainly not a good idea. A future spec for hosts (similar to rfc 1009 for gateways) being written by a group in the IETF will probably specifiy that ICMP error messages should not be sent due to IP broadcasts. ICMP echo requests may not be prohibited however, since they are not error messages. Drew