Re: ICMP "Destination unreachable" - should it be sent?

[Michael Thomas <mat@cisco.com>]

Henry Spencer writes:
 > On Wed, 27 Sep 2000, Stefan Schlott wrote:
 > > ..."Destination Unreachable Message
 > > Code 1 - communication with destination administratively prohibited"
 > > Should this message be sent when a packet does not conform to the local
 > > security policy database (spd), or should such packets be silently dis-
 > > carded?
 > 
 > The central question is whether the ICMP message is believable.
 > 
 > If it will flow via an authenticated path (e.g. an IPsec tunnel) or via a
 > physically-secure path (e.g. on the "interior" side of a security gateway,
 > where plaintext communication is normal), then sending it is probably
 > wise... although administrators might want to be able to control that. 
 > 
 > If it will flow via an insecure path, then what good is it?  The receiver
 > can't trust it to tell the truth.  At most, it might give the receiver a
 > hint that communications difficulties are occurring, but the receiver
 > cannot trust that report without confirming it by other means. 

   This strikes me as completely backward: the sender should *always*
   send it. It is the *receiver's* job to determine whether it is
   believable. Having the sender second guess what the receiver 
   should and should not discard sounds like a great way to cause
   an interoperability deadlock.

		      Mike

---

References:

• ICMP "Destination unreachable" - should it be sent?
• From: Stefan Schlott <stefan.schlott@student.uni-ulm.de>
• Re: ICMP "Destination unreachable" - should it be sent?
• From: Henry Spencer <henry@spsystems.net>

---

• Prev by Date: Re: ICMP "Destination unreachable" - should it be sent?
• Prev by thread: Re: ICMP "Destination unreachable" - should it be sent?
• Next by thread: Connectathon and IKE/IPsec interop?
• Index(es):
  • Main
  • Thread