Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to turn off ICMP header???

Status
Not open for further replies.
quattro5vt

quattro5vt

IS-IT--Management
Apr 3, 2002
19
US
My sytem is an F50 running Aix v:4.3.3. Im trying to Telnet to a remote host whose firewall denies and traffic which contains an ICMP header. So my session is terminated do to the header. Is it possible to turn the header off? If so how. Thanks in adavance……Mark
 
Sort by date Sort by votes
ICMP is the error and control message protocol used by IP and the Internet protocol family. It may be accessed for network monitoring and diagnostic functions....


so - the firewall is blocking your connections to a remote host

consider asking remote site maintainers to allow an access through their firewall and it has nothing to do with AIX
 
Upvote 0 Downvote
AIX's strangest network stack options can be set via /usr/sbin/no utility
 
Upvote 0 Downvote
The site maintainers will not allow it through, I already asked them.
 
Upvote 0 Downvote
as far as I am aware of - this is not the forum on firewall trespassing nor information security in general ( and AIX is not the best tool to do such things )
 
Upvote 0 Downvote

Your awareness is correct, and yes this is the Aix forum. Your obvious preseptive skills are amazing. My question is not one of firewall tresspasing or security rather of Aix. The telnet is originating from and R/S 6000 the remote sites NCC says there should be a way of turning off sending out an ICMP header . This can be done in Solaris my question once again, is this possible with Aix?
 
Upvote 0 Downvote
i have had run-in with such problem - solaris sets IP header options that some packets it sends are not to be fragmented (A Dont-fragment bit) which is not required (maybe IBM thinks same way)
most likely your ip stack needs some tuning using
/usr/sbin/no
eg
no -a == show many screens of all options
no -o clean_partial_conns=1 == change some option

/etc/rc.net - the place some /usr/sbin/no are executed on boot and wait for more to join

although i am not sure if that helps - mostly because of solaris stations all our border gateways simply ignore and clean strangest ip(and icmp) header options

as "no" is very aix-specific you may search for /usr/sbin/no in your favorite search engine
 
Upvote 0 Downvote
although df was still set in initial SYN
no -o tcp_pmtu_discover=0
enabled connection to some strangely configured linux+ipchains box, it had its twin option udp_pmtu_discover, which I have'nt checked. I have stopped trying after an hour of reading aix-s manuals and changing "no" options- but if you find answer - please post it here as it may be of some use for somebody - somewhere
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Locked
  • Question
What are reservations and how do you set them?
Replies
0
Views
195
emze
E
A
  • Locked
  • Question
Adding Existing LUN to New LPAR AIX
Replies
0
Views
230
Alvinghost
A
sheilar32
  • Locked
  • Question
Migrating from AIX to anything else
Replies
0
Views
210
sheilar32
sheilar32
noobAIX
  • Locked
  • Question
How to extend PP on VG ( FREE PPs: 0 (0 megabytes))
Replies
1
Views
153
chgwhat
chgwhat
dhirender
  • Locked
  • Question
How to calculate total disk space available in AIX
Replies
1
Views
169
johnherman
johnherman

Part and Inventory Search

Sponsor

Back
Top