Topics: AIX, Networking, System Admin

ICMP packets from an AIX system

Where did all these routes come from & why is my system sending ICMP packets every 10 minutes? This is caused by path MTU discovery. If your AIX system is sending ICMP packets, you can disable it:

AIX has a feature called path MTU discovery which is based on ICMP packets in order to learn MTU sizes on the LAN. Path MTU discovery is a way of finding out the maximum packet size that can be sent along a network using ICMP packets and is enabled on AIX by default. This is done to avoid IP fragmentation on heterogenous networks (ie, an ATM network connected to an ethernet network) and is described in RFC 1191.

# no -a | grep discover
will show you whether tcp_pmtu_discover and udp_pmtu_discover are enabled (1) or disabled (0). Disable them with:
# no -p -o tcp_pmtu_discover=0
# no -p -o udp_pmtu_discover=0
If these are disabled, you shouldn't see any ICMP messages any more.

When one system tries to optimize its transmissions by discovering the path MTU, a pmtu entry is created in a Path MTU (PMTU) table. You can display this table using the pmtu display command. To avoid the accumulation of pmtu entries, unused pmtu entries will expire and be deleted when the pmtu_expire time (no -o pmtu_expire) is exceeded; default after 10 minutes.

If you found this useful, here's more on the same topic(s) in our blog:

UNIX Health Check delivers software to scan Linux and AIX systems for potential issues. Run our software on your system, and receive a report in just a few minutes. UNIX Health Check is an automated check list. It will report on perfomance, capacity, stability and security issues. It will alert on configurations that can be improved per best practices, or items that should be improved per audit guidelines. A report will be generated in the format you wish, and the report includes the issues discovered and information on how to solve the issues as well.

Interested in learning more?