IBM Support

IV06779: TRACEROUTE AGENT CAUSES UDP PACKET FROM PORT 0 CAUSING FIREWALL ERROR

Direct links to fixes

ITNMIP_Patch_V3.8.0.89_Win32
3.8.0-TIV-ITNMIP-Solaris-REF-FP0007
3.8.0-TIV-ITNMIP-Linux-REF-FP0007
ITNMIP_Patch_V3.8.0.89_AIXPPC32
IBM Tivoli Network Manager IP 3.9.0 Fix Pack 3, 3.9.0-TIV-ITNMIP-FP0003
IBM Tivoli Network Manager IP 3.9.0 Fix Pack 4, 3.9.0-TIV-ITNMIP-FP0004
IBM Tivoli Network Manager IP Edition 3.9.0 Fix Pack 5, 3.9.0-TIV-ITNMIP-FP0005

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When the traceroute agent is enabled, UDP packets are sent at
the behest of the agent that come from TCP Source Port 0. This
can cause firewall issues as many firewalls check for packets
originating from port 0, and blocking such packets.

Refer to PMR 53602,379,000 for additional information.

Local fix

  • N/A

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* Users with TraceRoute agent enabled.                         *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* When the TraceRoute agent is enabled, UDP packets are sent   *
* from TCP Source Port 0. This can cause firewall issues as    *
* many firewalls check for packets originating from port 0,    *
* and blocking such packets                                    *
****************************************************************
* RECOMMENDATION:                                              *
* The fix for this APAR is contained in the following          *
* maintenance packages:                                        *
* fix pack | 3.9.0-ITNMIP-FP0001                               *
****************************************************************

Problem conclusion

  • Implemented a new configurable field m_UpdSrcPort in
DiscoPingHelperSchema.cfg.
It will be used as the SrcPort for the TraceRoute udp packet
sent.

The following fixpacks will contain the fix:
| fix pack | 3.8.0-ITNMIP-FP0007
| fix pack | 3.9.0-ITNMIP-FP0001

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IV06779
    • 

  • Reported component name
    TIV NETWK MGR I
    • 

  • Reported component ID
    5724S4500
    • 

  • Reported release
    380
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2011-08-24
    • 

  • Closed date
    2011-09-29
    • 

  • Last modified date
    2011-11-18
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    NC/PREC DISCOVY
    • 

  • Fixed component ID
    5724O52DS
    • 



Applicable component levels


    

  • R390  PSN
       UP
    • 

  • R390  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSSHRK","label":"Tivoli Network Manager IP Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"380","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            18 November 2011
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback