Differences between current version and previous revision of DestinationNetworkUnreachable.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
Newer page: | version 4 | Last edited on Thursday, April 12, 2007 3:04:58 pm | by BenStaz | |
Older page: | version 3 | Last edited on Tuesday, June 1, 2004 11:38:26 pm | by PerryLorier | Revert |
@@ -1,9 +1,11 @@
[ICMP] reason subcode 0, used with ICMP reason code 3 to explain why a DestinationUnreachable message was sent.
+
+If a router cannot forward a packet because it has no routes at all (including no default route) to the destination specified in the packet, then the router must generate a Network Unreachable.
It is usally generated by a gateway when it does not have a route for the destination specified in the IP packet that caused the error.
Note a server with a default gateway won't ever issue this message (since it always has a route for packets...).
Reject routes can also solicit this error. I recommend you add the routes below to any machine that is physically on the internet. It'll make any packet that doesn't have a more specific route (via some VPN, or locally connected machine) generate an [ICMP] DestinationNetworkUnreachable message and not just leak random IP's out onto the Internet.
route add -net 10.0.0.0/8 reject metric 10000
route add -net 192.168.0.0/16 reject metric 10000