How ICMP Redirect Messages Work?
Redirect message occurs when a host sends a datagram (or packet) to its gateway
(destination of this datagram is a different network), which in turn forwards
the same datagram to the next gateway (next hop) and this second gateway is on
the same network as the host. The second gateway will generate this ICMP
message and send it to the host from which the datagram originated.
For example, the two routers R1 and R2 are connected to the same
Ethernet segment as Host H. The default gateway for Host H is configured to use
router R1. Host H sends a packet to router R1 to reach the destination on
Remote Branch office Host 10.1.1.1. Router R1, after it consults its routing
table, finds that the next-hop to reach Host 10.1.1.1 is router R2. Now router
R1 must forward the packet out the same Ethernet interface on which it was
received. Router R1 forwards the packet to router R2 and also sends an ICMP
redirect message to Host H. This informs the host that the best route to reach
Host 10.1.1.1 is by way of router R2. Host H then forwards all the subsequent
packets destined for Host 10.1.1.1 to router R2.
This debug message shows
router R1, as in the network diagram, sending an ICMP redirect message to Host
H (172.16.1.1).
R1#
debug ip icmp
ICMP packet debugging is
on
*Mar 18 06:28:54:
ICMP:redirect sent to 172.16.1.1 for dest 10.1.1.1, use gw 172.16.1.200
R1#
Router R1 (172.16.1.100)
sends a redirect to Host H (172.16.1.1) to use router R2 (172.16.1.200) as the
gateway to reach the destination 10.1.1.1.
When Are ICMP Redirects
Sent?
Cisco routers send ICMP
redirects when all of these conditions are met:
- The interface on which the packet comes into the router
is the same interface on which the packet gets routed out.
- The subnet or network of the source IP address is on
the same subnet or network of the next-hop IP address of the routed
packet.
- The datagram is not source-routed.
- The kernel is configured to send redirects. (By
default, Cisco routers send ICMP redirects. The interface sub command no ip
redirects can be used to disable ICMP redirects.)
Note: ICMP redirects are disabled by default if Hot
Standby Router Protocol (HSRP) is configured on the interface.
For example, if a router
has two IP addresses on one of its interfaces:
interface
ethernet 0
ip address
171.68.179.1 255.255.255.0
ip address
171.68.254.1 255.255.255.0 secondary
If the router receives a
packet that is sourced from a host in the subnet 171.68.179.0 and destined to a
host in the subnet 171.68.254.0, the router does not send an ICMP redirect
because only the first condition is met, not the second.
The original packet for
which the router sends a redirect still gets routed to the correct destination.
Refer to below link for details on message types and analysis.
http://www.firewall.cx/networking-topics/protocols/icmp-protocol/155-icmp-redirect-
message.html
Refer to below link for details on message types and analysis.
http://www.firewall.cx/networking-topics/protocols/icmp-protocol/155-icmp-redirect-
message.html
No comments:
Post a Comment
Note: only a member of this blog may post a comment.