Questions tagged [icmp]
ICMP is the Internet Control Message Protocol. It is used for diagnostic purposes, for querying information, and for transmitting network-level error messages. ICMPv6, the version for IPv6, is also used for configuring nodes on the link.
91 questions
7 votes
2 answers
2k views
ICMP echo traffic doesn't NEED to be operated on a raw socket any more than UDP or TCP traffic does, so why is it done that way?
If you've ever tried writing tools that depend upon ICMP echo requests, you've inevitably run into the same problem as everyone else: you can't do it unless your tool is running as root. When you try ...
0 votes
2 answers
74 views
Faking traceroute hops but only for the VM, not for the VM host
I'm trying to modify ICMP time-exceeded responses (type 11) for traceroute packets, but only when they're responses to traceroute probes from a specific VM. My setup is: Host OS running Ubuntu with ...
- 175
0 votes
1 answer
70 views
Linux Off-path ICMP Fragmentation Needed Injection Attack to quic-go library
I was looking at CVE-2024-53259, where an attacker can inject ICMP Fragmentation Needed message to a host with QUIC connection using quic-go library. The cause is quic-go setting IP_PMTUDISC_DO socket ...
4 votes
2 answers
7k views
Confused about the message "No route to host" when blocked by firewalld
Debugging a software problem, I detected a state where the attempt to make a TCP connection resulted in a "No route to host" error message. This was especially confusing as ping had no such ...
- 1,777
1 vote
0 answers
92 views
Why is Linux not sending ICMP6 problem parameter message
I'm performing testing for USGv6 certification against a Linux build made using Yocto (Poky distribution version 5.0 - Scarthgap, Kernel 6.6). All required tests are passing except one: an echo ...
- 11
2 votes
2 answers
546 views
traceroute (UDP) lost packets
I am facing the following issue when running traceroute between two nodes in the same subnet. This is done as a test whether the network connection between this 2 nodes is reliable or not. We were ...
- 278
0 votes
0 answers
331 views
Ping setting source address differences between IPv4 and IPv6
I was testing something and stumbled on this weird oddity: Ping using IPv4 and setting the source address to '127.0.0.1' (works): # ping -I 127.0.0.1 192.168.1.1 PING 192.168.1.1 (192.168.1.1) from ...
- 9
0 votes
0 answers
178 views
Server not responding to ICMP requests
I have 4 servers running on rocky linux at a datacenter in Chicago but one is not answering to ping requests. I have been checking for solutions for day but so far things look good, what I am missing? ...
1 vote
1 answer
3k views
Host will not send ICMP "fragmentation needed" if received packet length is greater than its MTU?
I'm in the middle of figuring out an MTU related issue in a network. Lacking some knowledge, hoping to get some clarification here :) I have a setup, where a client host (with MTU=1500 bytes ...
- 13
0 votes
1 answer
628 views
What's the differnce between "Connection timed out" v/s "No route to host" for ncat command?
I tried to use ncat command to 2 diff unknown IPs from a CENTOS 7 (linux) terminal. [abc@localhost ~]$ ncat -zv 10.11.78.5 22 Ncat: Version 7.50 ( https://nmap.org/ncat ) Ncat: No route to host. [abc@...
- 101
2 votes
1 answer
1k views
How to disable Ping response (ICMP) in Linux then bring back up?
I'm trying to test the aliveness of some of my services by continuously pinging them to make sure they're up. It checks if 'alive' by pinging the address (192.168.20.1). I've tried disabling it via ...
0 votes
0 answers
79 views
Can the source IP of an ICMP reply message be altered with rules like iptables?
I have set up ip_forward=1 and rp_filter=2 on CentOS 7, which has two network interfaces: eth0 192.168.89.100/24 eth1 192.168.66.200/24 I hope that after eth1 receives an ICMP request, it will ...
- 1
0 votes
1 answer
516 views
Changing source address of ICMP packets from 1 interface to another
In my box, I have two ethernet interfaces. Due to the constraints of the system I am dealing with, I need all ICMP response messages to have the source address of 1 of the interfaces. An example: A ...
1 vote
2 answers
394 views
Traceroute from VM guest does not go past Host PC to internet
I have created an Ubuntu virtual machine on my PC, and I was trying out the traceroute command, as I need it for a college project. However, when I ran "traceroute www.google.com", what I ...
- 13
0 votes
0 answers
166 views
ping program not response the icmp error message
My operation like this: ping -s 8950 10.10.1.100 . I can capture the icmp error message(frag needed and DF set, mtu=8900) with tcpdump from the interface, but the ping program not frag packets ...
- 1