farrell@pangea.Stanford.EDU (Phil Farrell) (05/08/91)
The subject line says it all: I want to turn off the IP forwarding function on an RS/6000 running AIX 3.1. How do I do this? Please respond by e-mail as I am not a regular reader of this news group. For those wondering what IP forwarding is, here is the story. IP forwarding is an optional function of the original BSD networking code, which appears to be the base for all UNIX TCP/IP implementations. With this function on, if the RS/6000 sees an ethernet broadcast packet intended for an IP network different than the one configured into the RS/6000, it will attempt to forward the packet to the appropriate network. IP forwarding appears to be on by default in the RS/6000, which is a bad idea. This is usually compiled into the kernel; on the original BSD UNIX, you could toggle the flag value on the running kernel with the adb debugger. I have absolutely no idea how to turn it off on the RS/6000, but I badly need to. I am the manager for a departmental network at Stanford University. Our building ethernet cable was assigned a sub-net of the overall campus net number (net 36.51.0). Having used all IP addresses on that subnet, a second subnet number (net 36.151.0) was assigned to the same cable. Our router to the rest of campus (and the world) knows that both subnets are really on the same cable, so traffic coming from one for the other is simply sent back out on the same cable. The problem is that when a host on subnet 36.151.0 sends a broadcast packet (intended for 36.151.255.255), the RS/6000 on net 36.51.0 sees that packet (remember, it contains a broadcast ethernet address), says to itself, "Aha, somebody is broadcasting to the wrong net on my cable, but I can forward it", and then turns around and sends the packet to the router, saying "please forward this on to net 36.151.0". If the router were to do that, the packet would go right back out on the same cable, the RS/6000 would see it again and forward it again, ad infinitum. Actually, since I have two machines on net 36.51.0 that are trying to do this IP forwarding, this would quickly lead to a "broadcast storm" that would grow exponentially. Fortunately for now, the router is NOT forwarding broadcasts between the two nets on the same cable, but we need to configure it to do so in order to provide another network functionality. When that happens, I either have to get the IP forwarding turned off on the RS/6000, or the RS/6000 has to come off the net. Any help figuring out how to bludgeon the RS/6000 into minding its own business and NOT trying to IP forward would be appreciated. By the way, we have 14 different UNIX architectures on this net, and only the RS/6000 and Stardent have IP forwarding turned on by default. -Phil Farrell, Computer Systems Manager Stanford University School of Earth Sciences farrell@pangea.stanford.edu 415-723-9575
heimlich@watson.ibm.com (Steve Heimlich) (05/09/91)
Under AIX 3, the command no -o ipforwarding=0 will turn off forwarding until the next reboot. The command no -a will list everything you can play with. "no" stands for "network option". Steve