Vulnerability
    PMTU
Affected
    HP-UX release 10.30 and 11.00 only
Description
    An  HP-UX  10.30/11.00  system  can  be  used  as  an  IP  traffic
    amplifier.  Small amounts of inbound traffic can result in  larger
    amounts of outbound traffic.
    HP  provides  a  proprietary  method  for  determining PMTU.  When
    traffic needs to be routed to a destination for which the  optimum
    MTU has  not been  determined, ICMP  packets are  used to discover
    the MTU for that path  while data traffic is shipped  in parallel.
    This is the default strategy for determining PMTU.
Solution
    Reference ndd manpage  (1M), /etc/rc.config.d/nddconf.   To ensure
    that this parameter is set each time the system is booted, add the
    following lines to /etc/rc.config.d/nddconf:
        TRANSPORT_NAME[<index>]=ip
        NDD_NAME[<index>]=ip_pmtu_strategy
        NDD_VALUE[<index>]=1
    The  value  of  <index>  is  an  integer  from 0 to 99.  The first
    parameter specified in  the file should  use an <index>  of 0, the
    second an <index> of 1, and  so on.  Once these changes  have been
    made, execute the following command:
        /usr/bin/ndd -c
    This sets all of the options specified in the file
        /etc/rc.config.d/nddconf.
    To verify that the parameter  is set correctly, use the  following
    command:
        /usr/bin/ndd -get /dev/ip ip_pmtu_strategy
    This  should  report  a  value  of  1.   Another way to change the
    ip_pmtu_strategy  parameter  on  a  running  system  is to use the
    following NDD command:
        /usr/bin/ndd -set /dev/ip ip_pmtu_strategy 1
    This setting will only last until the system is rebooted at  which
    point the value of the parameter will be determined by the default
    value of 2 or whatever value is set in /etc/rc.config.d/nddconf.
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
