
icmp redirect message

sarahr202
Level 5

Hi everybody.

I have a question about the ICMP redirect message.

Let's say we have two routers (gateways), r1 and r2, on a LAN. Host h1 is also connected to the same LAN. h1 is configured with r1 as default gateway.

Let's say r2 sends an ICMP redirect message to h1, asking h1 to use r2 as default gateway. Will h1 use it, considering the fact that h1 is statically configured to use r1 as default gateway?

Thanks and have a good weekend.


Giuseppe Larosa
Hall of Fame

Hello Sarah,

Nice to see you again.

Host H1 can receive an ICMP redirect for a specific destination only from its default gateway R1, for the following reason:

The message is sent by a router in reaction to receiving packets from a host with a destination that has a next-hop that is another router in the same subnet as the host.

H1 will never send a packet to R2 with a destination different from R2's IP address in the common subnet, because it is not its default gateway.

If H1 is configured with a specific route with next-hop R2, and R2 uses R1 as next-hop for that destination, you can have an occurrence of the event you have described.

Hope to help

Giuseppe

Thanks Giuseppe. I am still in training, so still busy. But my weekends are devoted to Cisco NetPro, to learning from you guys.

Jon Marshall
Hall of Fame

sarahr202 wrote:

Hi everybody.

I have a question about the ICMP redirect message.

Let's say we have two routers (gateways), r1 and r2, on a LAN. Host h1 is also connected to the same LAN. h1 is configured with r1 as default gateway.

Let's say r2 sends an ICMP redirect message to h1, asking h1 to use r2 as default gateway. Will h1 use it, considering the fact that h1 is statically configured to use r1 as default gateway?

Thanks and have a good weekend.

Sarah

R2 won't send an ICMP redirect to h1. R1 could send an ICMP redirect to h1 to tell it that R2 is a better path. If R1 does send an ICMP redirect, it will be for a specific host route, so h1 will install a host-specific route in its routing table. And h1 will use this route because it is more specific than the default route it has to R1.

Jon

Thanks Jon.

I still have a few problems understanding the ICMP redirect message. It was a typo. I wrote "r2 sends an ICMP redirect message to h1 while h1 is configured with r1 as default gateway. Will h1 change its default gateway, considering the fact that h1 is configured with r1 as default gateway?" It should have been "r1 sends the ICMP redirect message to h1 while h1 is configured with r1 as default gateway. Will h1 change its default gateway to r2?"

Here is my understanding.

A host such as Windows XP uses this logic to decide whether to send a packet to the default gateway or not. h1 first checks if the destination IP is on the same subnet/network as h1; if not, h1 concludes it has to send this packet to the default gateway. Being a host, h1 should not have any routing table or more specific route. All it should have is its own IP address, DNS, default gateway, etc.

I am sorry for the confusion and greatly appreciate your help. But I am not going away without finding out if h1 will change its default gateway to r2 as mentioned in the above case. Once again, thanks a lot.

Sarah


Being a host, h1 should not have any routing table or more specific route. All it should have is its own IP address, DNS, default gateway, etc.

Correct, in normal circumstances a host will only have a default route, or default gateway if you like. But there is nothing stopping a host adding routes to its routing table even if it's not running a dynamic routing protocol. For example, you can add routes manually on a Windows machine with the "route add ....." command from a DOS prompt.

So routes can be added to hosts, it's just that they normally only have a default gateway. The ICMP redirect will only be for a specific destination route, so in your example h1 will now have 2 routes: 1 specific host route pointing to R2 and one default route pointing to R1. The default route does not change from R1.

Jon
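
The host behaviour described in this thread, as an added example that is not part of any poster's reply: a small Python model of h1 that parses an ICMP redirect, applies the discard checks from RFC 1122 section 3.2.2.2 (the redirect must come from the current first-hop gateway and name an on-link gateway), and installs a /32 host route while leaving the default route untouched. The addresses, the `Host` class and the helper names are constructed for illustration.

```python
import ipaddress
import struct

ip = ipaddress.ip_address
# Constructed lab addresses (assumptions; the thread only names h1, r1, r2, h3).
LAN = ipaddress.ip_network("192.0.2.0/24")
H1, R1, R2, H3 = ip("192.0.2.10"), ip("192.0.2.1"), ip("192.0.2.2"), ip("198.51.100.7")


def build_redirect(new_gw, orig_src, orig_dst, code=1):
    """Constructed ICMP type 5 message: gateway address, then the IP header
    of the packet that triggered it plus 8 payload bytes. Checksums left 0."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                        orig_src.packed, orig_dst.packed) + bytes(8)
    return struct.pack("!BBH4s", 5, code, 0, new_gw.packed) + inner


def parse_redirect(icmp):
    """Return (new_gateway, original_src, original_dst); ValueError if malformed."""
    if len(icmp) < 8 + 20 + 8:
        raise ValueError("truncated redirect")
    typ, code, _csum, gw = struct.unpack("!BBH4s", icmp[:8])
    if typ != 5 or code > 3 or icmp[8] >> 4 != 4:
        raise ValueError("not an IPv4 ICMP redirect")
    return ip(gw), ip(icmp[20:24]), ip(icmp[24:28])


class Host:
    def __init__(self, addr, lan, default_gw):
        self.addr, self.lan = addr, lan
        self.routes = {ipaddress.ip_network("0.0.0.0/0"): default_gw}

    def next_hop(self, dst):
        if dst in self.lan:
            return dst  # on-link, no gateway involved
        best = max((n for n in self.routes if dst in n), key=lambda n: n.prefixlen)
        return self.routes[best]  # longest prefix wins over the default route

    def handle_redirect(self, sender, icmp):
        """Apply the RFC 1122 3.2.2.2 discard rules, then add a /32 route."""
        gw, src, dst = parse_redirect(icmp)
        if sender != self.next_hop(dst):  # must come from the current first hop
            return False
        if gw not in self.lan or src != self.addr:  # on-link gateway; added sanity check: packet was ours
            return False
        # Network and host redirects (codes 0-3) are both stored as host routes.
        self.routes[ipaddress.ip_network(f"{dst}/32")] = gw
        return True
```

A redirect that arrives from r2 while r1 is still the first hop for that destination is dropped by the first check, which is the case the original question asked about.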

Thanks Jon for being patient.

This is what I understand.

Although h1 is configured with r1 as default gateway, if host1 sends a packet, say to host h3, and host1 receives the ICMP redirect message from r1 asking h1 to use r2 as default gateway to send packets to h3 next time, host1 will create a route in its routing table for that specific destination. Next time, if h1 has to send a packet to h3, it will look up its routing table and use that more specific route.

In a nutshell, a host can have routes in its routing table. Routes can be added to its routing table using the Add command, or they can be created dynamically, as was the case in our scenario where h1, upon receiving the ICMP redirect message from r1, creates a more specific entry in its routing table.

Is my understanding correct?

sarahr202 wrote:

Thanks Jon for being patient.

This is what I understand.

Although h1 is configured with r1 as default gateway, if host1 sends a packet, say to host h3, and host1 receives the ICMP redirect message from r1 asking h1 to use r2 as default gateway to send packets to h3 next time, host1 will create a route in its routing table for that specific destination. Next time, if h1 has to send a packet to h3, it will look up its routing table and use that more specific route.

In a nutshell, a host can have routes in its routing table. Routes can be added to its routing table using the Add command, or they can be created dynamically, as was the case in our scenario where h1, upon receiving the ICMP redirect message from r1, creates a more specific entry in its routing table.

Is my understanding correct?

Sarah

No problem, it's important to understand things properly.

Your summary is spot on.

Jon

Thanks Jon. Hope to see you again with more questions next weekend for sure, or during next week if time permits.

Hi Jon,

I have one observation regarding ICMP redirect which I can't explain to others.

I have added a network route to host H1 for destination D1 for ICMP redirect through redirect router R2. As usual, host H1 (IP Phone) is connected to both R1 and R2 in the same network. Also, R1 is the default gateway for H1 (disabled DHCP and statically configured IP settings to make this setup).

So, in my case the ICMP IP packet sequence (obtained via Wireshark) for the first two packets is as follows (for ping from H1 to D1):

A) First ping request from H1 to D1:

1) H1 ==> R1

2) R1 ==> H1

(The 2nd sequence is the Network Redirect packet from R1 to H1 indicating that H1 should use R2 as redirect router for D1)

3) R1 ==> R2

(3rd sequence being Packet forwarded to R2)

B) Second ping request from H1 TO D1:

1) H1 ==> R1

2) R1 ==> H1

(The 2nd sequence is the Network Redirect packet from R1 to H1 indicating that H1 should use R2 as redirect router for D1)

3) R1 ==> R2

(3rd sequence being Packet forwarded to R2)

4) H1 ==> R2

(Packet from H1 now routed through R2 directly)

 

The third and subsequent ICMP ping sequences are like this:

H1 ==> R2 (Packet from H1 now routing directly through R2)

In the above sequence, why does the second ping packet still go to R1 instead of going directly to R2 as in the third and subsequent sequences?

Thanks a lot. I am very new to networking, so please pardon any faults at my end while asking the question.

Best Regards, 

Deepak

lamav
Level 8

Sarah:

You should realize that well-designed networks do not typically rely on ICMP redirects. ICMP redirects are useful, but only inasmuch as they expose the inefficiency of a network's traffic flow and design.

Let's take a simple example.

In most enterprise deployments, users on a LAN will point to a virtual default gateway. In other words, HSRP, VRRP or GLBP is being used to provide gateway redundancy and failover for hosts on a LAN. In that case, all the routers in the failover group should have the exact same routes in their routing tables. More specifically, those routes must never point to another router in the group.

Remember that, because the host is being configured to use any of those routers as its default gateway (it uses the virtual gateway address), there should be no adverse consequence to using any router in the group when it comes to route path efficiency, traffic load and reliability. If there is, and ICMP redirects are being used, you have a bad design.

I wanted to write a lot more when I ran into this document that covers most of what I wanted to tell you anyway, so please have a read of it.

http://www.cymru.com/gillsr/documents/icmp-redirects-are-bad.pdf

HTH

Victor

Thanks Victor. It is nice seeing you again.

Victor

Nice post and congrats on the new star!!

Jon

Sarah:

It's nice seeing you, too. I'm very happy that you're still so enthusiastic about learning. Excellent work. And I like your questions very much because they make me revisit and rethink a lot of things that I have learned to take for granted as time has gone by.

Jon:

Thanks, buddy. I didn't realize I had a new star until you mentioned it just now. I think it just happened with the points I got from you guys!

Victor

Thanks Victor. I really appreciate all of you guys going the extra mile to answer my questions.
