Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1090
Views
5
Helpful
5
Replies

ICMP redirects

Go to solution
John Blakley
VIP Alumni
VIP Alumni

‎09-13-2010 06:39 AM - edited ‎03-06-2019 12:56 PM

All,

I'm revisiting a redirect problem that I had in the past and I'm starting to disable across all interfaces in our environment. I have a question though. Redirects were originally disabled in earlier versions of the IOS if HSRP was configured on that interface, but as of 12.1 (I know, still old) it enables redirects by default.

"

Usage Guidelines

Previously, if the Hot Standby Router Protocol (HSRP) was configured on  an interface, ICMP redirect messages were disabled by default for the  interface. With Cisco IOS Release 12.1(3)T, ICMP redirect messages are  enabled by default if HSRP is configured."

I've disabled redirects on my hsrp interfaces, but I'm wondering what type of an impact this is going to have should I need to failover? I know it shouldn't have "anything" to do with it, but my concern is that Cisco chose to enable by default for some reason. Does anyone know why?


Thanks,

John

HTH, John *** Please rate all useful posts ***
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎09-13-2010 06:49 AM 

j.blakley wrote:
All,
I'm revisiting a redirect problem that I had in the past and I'm starting to disable across all interfaces in our environment. I have a question though. Redirects were originally disabled in earlier versions of the IOS if HSRP was configured on that interface, but as of 12.1 (I know, still old) it enables redirects by default.
"
Usage Guidelines
#
Previously, if the Hot Standby Router Protocol (HSRP) was configured on  an interface, ICMP redirect messages were disabled by default for the  interface. With Cisco IOS Release 12.1(3)T, ICMP redirect messages are  enabled by default if HSRP is configured."
I've disabled redirects on my hsrp interfaces, but I'm wondering what type of an impact this is going to have should I need to failover? I know it shouldn't have "anything" to do with it, but my concern is that Cisco chose to enable by default for some reason. Does anyone know why?

Thanks,
John

John

It won't affect failover between the routers using the same HSRP group because the end devices only see the VIP and virtual mac and so they will fail over correctly.

As for why it iwas disabled, bit isn't now have a read of the overview in this doc which explains it better than i can ! -

HSRP ICMP redirects

Jon

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎09-13-2010 06:49 AM 

j.blakley wrote:
All,
I'm revisiting a redirect problem that I had in the past and I'm starting to disable across all interfaces in our environment. I have a question though. Redirects were originally disabled in earlier versions of the IOS if HSRP was configured on that interface, but as of 12.1 (I know, still old) it enables redirects by default.
"
Usage Guidelines
#
Previously, if the Hot Standby Router Protocol (HSRP) was configured on  an interface, ICMP redirect messages were disabled by default for the  interface. With Cisco IOS Release 12.1(3)T, ICMP redirect messages are  enabled by default if HSRP is configured."
I've disabled redirects on my hsrp interfaces, but I'm wondering what type of an impact this is going to have should I need to failover? I know it shouldn't have "anything" to do with it, but my concern is that Cisco chose to enable by default for some reason. Does anyone know why?

Thanks,
John

John

It won't affect failover between the routers using the same HSRP group because the end devices only see the VIP and virtual mac and so they will fail over correctly.

As for why it iwas disabled, bit isn't now have a read of the overview in this doc which explains it better than i can ! -

HSRP ICMP redirects

Jon

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Jon Marshall

‎09-13-2010 06:51 AM

As always Jon, you're awesome! Thanks!

HTH, John *** Please rate all useful posts ***
0 Helpful

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎09-13-2010 06:53 AM

Hi John,

The IOS support for ICMP Redirects on HSRP-enabled interfaces has been significantly improved (and obfuscated as well, as could be expected ) which is the reason why the ICMP Redirect feature is enabled on HSRP-enabled interfaces.

You may want to read the following article:

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_hsrp_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1093370

It discusses the rationale behind the ICMP Redirects with HSRP and also the special handling of ICMP Redirect messages. I suggest reading this document first to see how the redirects are handled. Not exactly an easy reading, though.

Best regards,

Peter

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to Peter Paluch

‎09-13-2010 07:06 AM

Oops,

Sorry guys - I appear to be only repeating what Jon has already answered. I seem to have been late at hitting my "Post answer" button Anyway - Jon, great answer as always!

Best regards,

Peter

0 Helpful

Go to solution
John Blakley
VIP Alumni
VIP Alumni
In response to Peter Paluch

‎09-13-2010 07:07 AM

Thanks Peter!

HTH, John *** Please rate all useful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card