difference between DROPped pings and non existing hosts

Daniel Lopes lopsch at lopsch.com
Tue Apr 26 20:48:38 CEST 2005


Tobias DiPasquale schrieb:
> On 4/26/05, Daniel Lopes <lopsch at lopsch.com> wrote:
> 
>>I would like to know how ICMP distinguishes between DROPped pings and
>>non existing hosts. Both times you don´t get a reply from the
>>destination host but if it doesn´t reply because it doesn´t exist you
>>get the correct destination unreachable message if it drops the requests
>>for example with IPTables you get a timeout. And I haven´t a clue why
>>this is so.
> 
> 
> In the case where you get a destination unreachable message back, its
> the router that is responsible for the network on which the machine
> you are trying to ping that is responding with that message. When ICMP
> is dropped, the packet makes it to the host and thus the router does
> not generate a destination unreachable message to send back to you.
> 
Hmm I forgot the hardware address. In the case the router can´t do a 
address resolution he generates a ICMP error message because he won´t be 
able to deliver the packet is that right?
Thank´s so far for the reply :).



More information about the netfilter mailing list