difference between DROPped pings and non existing hosts
Daniel Lopes
lopsch at lopsch.com
Tue Apr 26 20:48:38 CEST 2005
Tobias DiPasquale schrieb:
> On 4/26/05, Daniel Lopes <lopsch at lopsch.com> wrote:
>
>>I would like to know how ICMP distinguishes between DROPped pings and
>>non existing hosts. Both times you don´t get a reply from the
>>destination host but if it doesn´t reply because it doesn´t exist you
>>get the correct destination unreachable message if it drops the requests
>>for example with IPTables you get a timeout. And I haven´t a clue why
>>this is so.
>
>
> In the case where you get a destination unreachable message back, its
> the router that is responsible for the network on which the machine
> you are trying to ping that is responding with that message. When ICMP
> is dropped, the packet makes it to the host and thus the router does
> not generate a destination unreachable message to send back to you.
>
Hmm I forgot the hardware address. In the case the router can´t do a
address resolution he generates a ICMP error message because he won´t be
able to deliver the packet is that right?
Thank´s so far for the reply :).
More information about the netfilter
mailing list