cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6476
Views
0
Helpful
3
Replies

what is mean of the commend "no ip redirects"

chenzhang_001
Level 1
Level 1

i dont't know when to use this commend of "no ip redirects"in routers interfaces,and what this commend mean?

3 Replies 3

garytayl
Level 3
Level 3

Hi,

Based on documentation:

An ICMP redirect message can be generated by a router when a packet is received and transmitted on the same interface. In this situation, the router will forward the original packet and send a ICMP redirect message back to the sender of the original packet. This behavior allows the sender to bypass the router and forward future packets directly to the destination (or a router closer to the destination).

There are two types of ICMP redirect messages: redirect for a host address or redirect for an entire subnet.

The ip icmp redirect command determines the type of ICMP redirects sent by the system and is configured on a per system basis. Some hosts do not understand ICMP subnet redirects and need the router to send out ICMP host redirects. Use the ip icmp redirect host command to have the router send out ICMP host redirects. Use the ip icmp redirect subnet command to set the value back to the default, which is to send subnet redirects.

To prevent the router from sending ICMP redirects, use the no ip redirects interface configuration command.

Hope it helps,

Gary

Thanks for your help, Gary! Because i'm a Chinese, my English is not very good i hope i can get more informations from the forums!

Mark Yeates
Level 7
Level 7

To add to Gary's post that the "no ip redirects"

command is highly recommended from a security standpoint. ICMP redirect messages can be used by an attacker to generate network topology and perform network diagnosis. Generation of this message should be disabled on all interfaces, especially interfaces that are connected to untrusted networks.

Mark

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: