Tomas,
: lan - router - fw - the big and bad internet
: one time, the fw stalled/hung/died/became unreachable and when pinging
: the internal interface of the fw from the lan at that very time, the
: router answered with a icmp that the firewall "is unreachable". how
on
: earth is the router able to know this? since there isnt a dynamic
: routing structure here, just a ordinary default route, i find this very
: strange. i dont think i have seen this before iproute2 was installed on
: both the router and the fw.
: is this some kind of feature of the iproute2 suit to know when
router''s
: are not alive although they dont rely on dynamic routing?
This has nothing to do with iproute2.
Consider what happens at router.
Assuming a traditional routing setup, and the following:
- your router is up
- a host on the LAN is up
- the firewall is down
1. packet arrives on router bound for firewall (or world)
2. router ARPs for locally reachable IP on firewall (its default
gateway)
3. router waits for an answer. And waits. And waits.
4. after a while of no ARP reply (seconds, in fact) it knows that
the IP for firewall is no longer reachable
5. it reports that the IP is unreachable to the requestor of the queued
packet
-Martin
--
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/