I have a machine running XP 32-bit, where, after rebooting and just going to Google or whatever, all the hosts that I contacted as part of loading those web pages are being added as dynamic host routes in the routing table, like this:
What in the world is the machine trying to do, and how do I disable it?
I’ve disabled everything on the machine except one NIC and (at the advice of some other sites) disabled acting on ICMP redirects, but to no avail (I’m not receiving any anyway, according to Wireshark.)
Your default router is likely sending an ICMP Redirect to 192.168.3.10 as the ‘better’ route to those destinations or some such. Look at a network capture. It is probably driven by off-host behavior not something your local system is doing (other than reacting to ICMP correctly). Good luck,Dave Cattley
I know some VPN software will do that, as a way to apply policy when there are multiple interfaces.
Jan
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@gmail.com
Sent: Tuesday, April 16, 2013 10:06 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Why would host routes be added automatically?
I have a machine running XP 32-bit, where, after rebooting and just going to Google or whatever, all the hosts that I contacted as part of loading those web pages are being added as dynamic host routes in the routing table, like this:
What in the world is the machine trying to do, and how do I disable it?
I’ve disabled everything on the machine except one NIC and (at the advice of some other sites) disabled acting on ICMP redirects, but to no avail (I’m not receiving any anyway, according to Wireshark.)
I know some VPN software will do that, as a way to apply policy
when there are multiple interfaces.
Interesting as the machine does have OpenVPN installed, however, it was not running (nor was the virtual Ethernet device running).
Re: Dave I will check again for ICMP redirects but like I said, I didn’t see any in Wireshark and either way I disabled the setting in CCS\Services\tcpip\Parameters.
another thing that creates routes like this is PMTUD. When the OS
discovers a reduced MTU to a path, it remembers it using a route.
Adrien
------ Original Message ------
From: “Dave Cattley” To: “Windows System Software Devs Interest List” Sent: 17/04/2013 5:42:32 a.m. Subject: RE: [ntdev] Why would host routes be added automatically? >Your default router is likely sending an ICMP Redirect to 192.168.3.10 >as the ‘better’ route to those destinations or some such. > >Look at a network capture. It is probably driven by off-host behavior >not something your local system is doing (other than reacting to ICMP >correctly). > >Good luck, >Dave Cattley > > >— >NTDEV is sponsored by OSR > >OSR is HIRING!! See http://www.osr.com/careers > >For our schedule of WDF, WDM, debugging and other seminars visit: >http://www.osr.com/seminars > >To unsubscribe, visit the List Server section of OSR Online at >http://www.osronline.com/page.cfm?name=ListServer
> What in the world is the machine trying to do, and how do I
> disable it?
Path MTU discovery.
Wow, thanks to Maxim and Adrien here. I went into Tcpip\Parameters and didn’t find a key called “EnablePMTUDiscovery” so at first I assumed “0” is the default. However, I created the key anyway and set it to zero manually, and rebooted. Problem solved now it seems??
the reason that path MTU discovery is creating all those routes is
because destinations over the VPN will have a reduced MTU due to VPN
encapsulation overhead.
but you really need PMTUD on to be able to access a bunch of
destinations all over the internet.
You could try reducing the adapter MTU instead. You can use ping.exe to
discover the MTU of your VPN by using -f and -l
A reduced adapter MTU will reduce your efficiency but at least won’t break connectivity.
Adrien
------ Original Message ------ From: “xxxxx@gmail.com” To: “Windows System Software Devs Interest List” Sent: 19/04/2013 5:25:06 a.m. Subject: RE:[ntdev] Why would host routes be added automatically? >Maxim S. Shatskih wrote: > >>> What in the world is the machine trying to do, and how do I >>> disable it? >> >> Path MTU discovery. > >Wow, thanks to Maxim and Adrien here. I went into Tcpip\Parameters and >didn’t find a key called “EnablePMTUDiscovery” so at first I assumed >“0” is the default. However, I created the key anyway and set it to >zero manually, and rebooted. Problem solved now it seems?? > >— >NTDEV is sponsored by OSR > >OSR is HIRING!! See http://www.osr.com/careers > >For our schedule of WDF, WDM, debugging and other seminars visit: >http://www.osr.com/seminars > >To unsubscribe, visit the List Server section of OSR Online at >http://www.osronline.com/page.cfm?name=ListServer
> and set it to zero manually, and rebooted. Problem
> solved now it seems??
Why do you think it’s a problem?
Well, problem or not, it’s unnecessary. The VPN is a “bridged” connection to one /24 subnet of 192.168.13.x. I don’t reach any other hosts through the VPN. So there’s no reason it should be creating all those other routes; they’re reachable through my default gateway, so it must be “confused” in some way, this is my conclusion.
>so it must be “confused” in some way, this is my conclusion.
No, this is normal. The result of PMTU Discovery process (important for TCP performance) is saved as this kind of a host-only route, where the MTU is the only piece of information actually used.
No, this is normal. The result of PMTU Discovery process
(important for TCP performance) is saved as this kind of a
host-only route, where the MTU is the only piece of information
actually used.
Yes, fine, but go back and look at my original post: the host route that it was creating *was pointing back to my default gateway anyway*. Which means it was totally redundant.
Redundant from an IP routing point of view, but not redundant from a TCP
perf point of view. Perhaps storing path information in the routing table
is a confusing choice, but it is a good choice. All these extra routes are
saying is that for a specific subnet, in this case a host, there is extra
information available that should be considered when forwarding packets.
wrote in message news:xxxxx@ntdev…
Maxim S. Shatskih wrote:
No, this is normal. The result of PMTU Discovery process
(important for TCP performance) is saved as this kind of a
host-only route, where the MTU is the only piece of information
actually used.
Yes, fine, but go back and look at my original post: the host route that it
was creating *was pointing back to my default gateway anyway*. Which means
it was totally redundant.
if you want people’s help, you should listen to them
The only confusion is yours. You don’t know why the routes are created,
and you presume and assert and argue they are useless.
they are not useless, they are necessary.
If you disable path MTU discovery, your OS has no way to “remember” that
a destination has a reduced MTU. Since all the destinations over your
VPN have a reduced MTU, this will cause you nothing but grief. I
suggest you do some research on MTU.
You need to go back to the start and question your original assumption,
which was that this was a behaviour that should be suppressed. It is
not.
You need to work around whatever affect it is having. For instance if
you are using the route table for something in code, and don’t want the
“pollution”, then filter out routes created by ICMP.
Adrien
------ Original Message ------
From: “xxxxx@gmail.com” To: “Windows System Software Devs Interest List” Sent: 19/04/2013 9:38:42 a.m. Subject: RE:[ntdev] Why would host routes be added automatically? >Maxim S. Shatskih wrote: > >> No, this is normal. The result of PMTU Discovery process >> (important for TCP performance) is saved as this kind of a >> host-only route, where the MTU is the only piece of information >> actually used. > >Yes, fine, but go back and look at my original post: the host route >that it was creating was pointing back to my default gateway anyway. >Which means it was totally redundant. > >— >NTDEV is sponsored by OSR > >OSR is HIRING!! See http://www.osr.com/careers > >For our schedule of WDF, WDM, debugging and other seminars visit: >http://www.osr.com/seminars > >To unsubscribe, visit the List Server section of OSR Online at >http://www.osronline.com/page.cfm?name=ListServer