On 25 Jun 2009, at 08:10, Adam Carter wrote:
I've got one machine here on the LAN which isn't responding to
broadcast
ping. Any idea why not?
You need to set icmp_echo_ignore_broadcasts to 0. Default is
1, mainly for dos prevention:
# sysctl net.ipv4.icmp_echo_ignore_broadcasts=0
I thought it would default to off in most OSes these days, because of;
http://en.wikipedia.org/wiki/Smurf_attack
Are those other machines patched up?
They're all on the LAN, anyway, but:
192.168.1.71 - the machine from which the ping was sent (don't know if
that makes a difference). Mac OS X 10.5, fairly recent updates, but
perhaps not this month's.
192.168.1.43 - Gentoo 1.4 profile, 2.4 kernel, not updated in at least
3 years, well due for retirement, just as soon as I've moved services
to 192.168.1.100
192.168.1.22 - network KVM [1], probably can't get a firmware update,
unfortunately. :( Not a very recent one, anyway. Although they may
still sell it, I'm pretty sure it's rebadged OEM & development on the
product is ceased.
192.168.1.9 - LaserJet 4000, JetDirect card.
Interestingly the router is a model at least 5 years old - a Draytek
Vigor, older than the 192.168.1.43 build - and it isn't replying.
I now realise that 3 other Linux boxes are missing from the list. I'm
sure I'm not the only person on the list to occasionally lose count.
Anyway, for each device it's either a case of:
- yes, it's regularly updated;
- sorry, there's not much to be done about it; or
- yes, I know it needs updating!
It shouldn't matter, anyway, if they're all behind a NAT router,
should it? I'm inclined to disable this ignore, because I do find
broadcast ping very occasionally useful.
Stroller.
[1] http://www.austin-hughes.co.uk/products.cfm?Product=28
