Be more specific on ports for ICMP#496
Conversation
|
I don't think it's any more correct to put the ICMP types in the "protocol" field than it is to put them in the "port" field. I know that the EC2 security group editor hides the numeric types and makes you pick from a list of human-readable type names... but they're not a protocol either. Someone who knows little enough about this to be confused by their presence in the Port field seems unlikely to be better served by conflating them with the Protocol, especially since we list only the numbers. Maybe change the "Port" header to "Port or Type", or just add a note above the table noting that it lists ICMP types in the port column, with a link to the IANA type registry at https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types in case someone needs the names? |
Signed-off-by: Manuel Buil <mbuil@suse.com>
I tried with a small footnote |
| | 8472 | UDP | All RKE2 nodes | All RKE2 nodes | Cilium CNI with VXLAN | ||
| | 51871 | UDP | All RKE2 nodes | All RKE2 nodes | Cilium CNI with WireGuard | ||
|
|
||
| \* 8/0 is not a port but the [ICMP type](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types). It is required for the network utility ping |
There was a problem hiding this comment.
I think this is suggesting that you need types 8 and 0, correct? 8 is Echo, 0 is Echo Reply. Or is this type 8, code 0?
| \* 8/0 is not a port but the [ICMP type](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types). It is required for the network utility ping | |
| \* 0 and 8 are not ports but [ICMP types](https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types). Cilium uses echo (ping) between nodes for health checks. |
There was a problem hiding this comment.
yes echo and echo reply. ICMP Type 8 and ICMP Type 0
There was a problem hiding this comment.
OK, lets change this. I would read 8/0 as type 8 code 0, if this is meant to be ready as "0 and 8" then we should say that.
Co-authored-by: Brad Davidson <brad@oatmail.org>
4 participants
A colleague got confused when configuring the AWS Security groups because 0/8 ports were not possible. I can see how the current docs could confuse users who are not familiar with the networking stack. This PR clarifies that ICMP has no port: