My origianl message:
|>Greetings -
|>
|>I've just resolved a problem and I can't understand why it happened in the
|>first place. Perhaps some of you can help.
|>
|>Host A is Digital UNIX box running v3.2g. Host B is an Ultrix box running v4.3.
|>
|>problem:
|>Host A routing tables (as displayed by netstat -r) showed some dynamic routes
|>through a gateway host (Host B) which was incorrect. Host A has the
|>following route and gate daemon flags in rc.config:
|>
|>RWHOD="no"
|>ROUTED="no"
|>ROUTED_FLAGS=
|>ROUTER="no"
|>GATED="no"
|>GATED_FLAGS=
|>
|>we use only static routes on Host A (/etc/routes does not list Host B by name
|>or IP number).
|>
|>netstat -r on Host A showed:
|>
|>Routing tables
|>Destination Gateway Flags Refs Use Interface
|>Netmasks:
|>Inet 255.255.255.0
|>
|>Route Tree for Protocol Family 2:
|>default cisco_router UG 178 8511669 tu0
|>localhost localhost UH 26 177020204 lo0
|>BackboneLAN_IP BackboneGateway UG 0 10804 fta0
|>remotehost1 Host B UGHD 0 7389 tu0
|>... Host B UGHD ... ... tu0
|>remotehostn Host B UGHD 0 126 tu0
|> ^^^^
|>
|>hence all remote hosts listing Host B as their Gateway were inaccessible
|>from Host A.
|>
|>Resolution:
|>Host A# route delete -host <remotehost>
|>
|>But, Why did this happen in the first place? Could it be a nameserver entry
|>somewhere? Perhaps a misconfigured host BIND setup in the LANs of the
|>remotehosts? or perhaps some host thinking Host B was a nameserver?
|>
|>I'm at a loss to explain this.
|>
|>Any ideas?
What else we did:
Shutdown routed on Host B, the Ultrix machine (it was running routed with
no flags, and we assumed that this meant it was not running in *quiet*
mode). The curious thing about this, is that Host B has been running like
this for years on the same subnet as Host A, and this is the first instance
of this happening... We are continuing to monitor this daily.
An item worth pondering: We added a second NIC to Host A just over 6 months
ago, and at that time stopped routed and gated daemons to use static routes.
Still this was the first instnace of dynamic routes being added.
Responses:
From: Michael Matthews <matthewm_at_sgate.com>
|>Is host B running routed? If so, make sure it's running in *quiet* mode else
|>it'll broadcast to the network that it can handle routes to those remotehost
|>entries ifn's it thinks it can. I've noticed that DU will pick up routes
|>even if it's not configured to do so...
|>
|>But the real problem is host B is advertising to the rest of the world that
|>it can handle those routes, and host A is believing it.
From: John Kohl <jtk_at_atria.com>
|>The "D" in the flags listing indicate it was dynamically added. Usually
|>that means someone was sending you ICMP redirect messages (which may
|>have been bogus in this case).
From: Hellebo Knut <Knut.Hellebo_at_nho.hydro.com>
|>I've seen the same behaviour. It could be there was a misconfigured router
|>in your net redirecting the traffic away from the normal route to host B.
|>If the router then was taken down (off the net or not configured to give
|>ICMP_REDIRECT instead of ICMP_UNREACHABLE) you would be stuck with such
|>'dead' routes. Then the only way to clean up is via 'route delete'.
|>
|>If you don't wan't your host to act as a router you must also turn off
|>ip_forwarding in the kernel (from the listing it seems like host A have two
|>NICs)
From: Jon Craig <jcraig_at_gfs.com>
|>1) Do a ps -ef and verify routed has not been started (your setup indicates
|> it shouldn't).
|>
|>2) If you are using DecSafe ASE then your problem is actually with DECsafe.
|>I have noted in the past that even if routed is not running when a host is
|>segmented from a network and an additional network path is available (my case
|>a FDDI interconnect) that DECsafe will re-route traffic via this additional
|>path. My problem was in a test setup and I never escalated it to DEC but it
|>was very reproducible (I thought I was having a 100MB Ethernet switch problem).
|>
|>If this fits your circumstances you may wish to escalate to DEC (if so let
|>me know how it turns out).
From: "Pedro J. Lobo" <pjlobo_at_euitt.upm.es>
|>It seems that a gateway (probably cisco_router) is sending ICMP redirects
|>showing host B as the right gateway to reach remotehost[1-n]. Check your
|>gateway configuration. The problem has nothing to do with the
|>configuration of host A, and probably with that of host B either.
From: "Craig I. Hagan" <hagan_at_cih.com>
|>I'd start looking at the following:
|>
|> * host b is running a route advertising daemon (routed, gated,etc)
|> * host A is recieving ICMP redirects for those networks
|> pointing at host B
|> * a router may be misconfigured (??) to point at host B.
|>i forgot. is host B a sun running solaris with > 1 interface?
|>if so, then don't forget to edit the network start script
|>to PREVENT routing from starting.
From: chris_at_lagoon.meo.dec.com (Chris Jankowski)
|>You probably received millions of answers already:
|>
|>remotehost1 Host B UGHD 0 7389 tu0
|>... Host B UGHD ... ... tu0
|>remotehostn Host B UGHD 0 126 tu0
|> ^^^^
|>The D in the lines above points to the fact that somebody send an ICMP
|> redirect to your host A.
Randy M. Hayman
haymanr_at_icefog.alaska.edu
Received on Thu Nov 21 1996 - 00:48:02 NZDT