ICMP source Quench

[t2net]

Bonjour,

Depuis quelques temps nous avons des problèmes, IPCOP se bloque
(OLEANE SDSL 2Mb - IPCOP 1.4.9 + Addon squiguard)

Quelqu'un peut il me dire à quoi correspond exactement un :
"ICMP Source Quench" dans le journal IDS
et comment IPCOP le traite ? je ne sais pas si c'est la cause ou la conséquence mais ce message apparait à chaque blocage

un redemarrage d'IPCOP suffit à résoudre le problème pour un certain temps

[antolien]

ce message indique qu'il y a trop de traffic, un engorgement.
le routeur envoie des messages plus vite que ce que la machine suivante peut accepter.
comment ipcop le traite je l'ignore, mais normalement la vitesse d'expedition est ralentie après un source quench.

[antolien]

cf rfc 792
http://www.faqs.org/rfcs/rfc792.html

Source Quench Message

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| unused |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Internet Header + 64 bits of Original Data Datagram |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

IP Fields:

Destination Address

The source network and address of the original datagram's data.

ICMP Fields:

Type

4

Code

0

Checksum

The checksum is the 16-bit ones's complement of the one's
complement sum of the ICMP message starting with the ICMP Type.
For computing the checksum , the checksum field should be zero.
This checksum may be replaced in the future.

Internet Header + 64 bits of Data Datagram

The internet header plus the first 64 bits of the original
datagram's data. This data is used by the host to match the
message to the appropriate process. If a higher level protocol
uses port numbers, they are assumed to be in the first 64 data
bits of the original datagram's data.

Description

A gateway may discard internet datagrams if it does not have the
buffer space needed to queue the datagrams for output to the next
network on the route to the destination network. If a gateway
discards a datagram, it may send a source quench message to the
internet source host of the datagram. A destination host may also
send a source quench message if datagrams arrive too fast to be
processed. The source quench message is a request to the host to
cut back the rate at which it is sending traffic to the internet
destination. The gateway may send a source quench message for
every message that it discards. On receipt of a source quench
message, the source host should cut back the rate at which it is
sending traffic to the specified destination until it no longer
receives source quench messages from the gateway. The source host
can then gradually increase the rate at which it sends traffic to
the destination until it again receives source quench messages.

The gateway or host may send the source quench message when it
approaches its capacity limit rather than waiting until the
capacity is exceeded. This means that the data datagram which
triggered the source quench message may be delivered.

Code 0 may be received from a gateway or a host.

[t2net]

Merci de la réponse

Est-ce que ça peut venir de l'extérieur
j'ai JUSTE AVANT

Date: 10/21 18:06:20
Name: ICMP Large ICMP Packet
Priority: 2
Type: Potentially Bad Traffic
IP Info: 81.52.3.97 -> XXX.XXX.XXX.XXX
SID: 499
Refs:
avec cette adresse IP qui revient d'origine :

inetnum: 81.52.1.0 - 81.52.15.255
netname: VPN-BACKBONE
descr: France Telecom Transpac
descr: P_routers and PE_routers
country: FR
admin-c: PHC757-RIPE
tech-c: PHC757-RIPE
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: RAIN-TRANSPAC
source: RIPE # Filtered

ou alors un problème au niveau de la machine IPCOP ?