Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ICMP redirects

All,

I'm revisiting a redirect problem that I had in the past and I'm starting to disable across all interfaces in our environment. I have a question though. Redirects were originally disabled in earlier versions of the IOS if HSRP was configured on that interface, but as of 12.1 (I know, still old) it enables redirects by default.

"

Usage Guidelines

Previously, if the Hot Standby Router Protocol (HSRP) was configured on  an interface, ICMP redirect messages were disabled by default for the  interface. With Cisco IOS Release 12.1(3)T, ICMP redirect messages are  enabled by default if HSRP is configured."

I've disabled redirects on my hsrp interfaces, but I'm wondering what type of an impact this is going to have should I need to failover? I know it shouldn't have "anything" to do with it, but my concern is that Cisco chose to enable by default for some reason. Does anyone know why?


Thanks,

John

HTH, John *** Please rate all useful posts ***
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: ICMP redirects

j.blakley wrote:

All,

I'm revisiting a redirect problem that I had in the past and I'm starting to disable across all interfaces in our environment. I have a question though. Redirects were originally disabled in earlier versions of the IOS if HSRP was configured on that interface, but as of 12.1 (I know, still old) it enables redirects by default.

"

Usage Guidelines

#

Previously, if the Hot Standby Router Protocol (HSRP) was configured on  an interface, ICMP redirect messages were disabled by default for the  interface. With Cisco IOS Release 12.1(3)T, ICMP redirect messages are  enabled by default if HSRP is configured."

I've disabled redirects on my hsrp interfaces, but I'm wondering what type of an impact this is going to have should I need to failover? I know it shouldn't have "anything" to do with it, but my concern is that Cisco chose to enable by default for some reason. Does anyone know why?


Thanks,

John

John

It won't affect failover between the routers using the same HSRP group because the end devices only see the VIP and virtual mac and so they will fail over correctly.

As for why it iwas disabled, bit isn't now have a read of the overview in this doc which explains it better than i can ! -

HSRP ICMP redirects

Jon

5 REPLIES
Hall of Fame Super Blue

Re: ICMP redirects

j.blakley wrote:

All,

I'm revisiting a redirect problem that I had in the past and I'm starting to disable across all interfaces in our environment. I have a question though. Redirects were originally disabled in earlier versions of the IOS if HSRP was configured on that interface, but as of 12.1 (I know, still old) it enables redirects by default.

"

Usage Guidelines

#

Previously, if the Hot Standby Router Protocol (HSRP) was configured on  an interface, ICMP redirect messages were disabled by default for the  interface. With Cisco IOS Release 12.1(3)T, ICMP redirect messages are  enabled by default if HSRP is configured."

I've disabled redirects on my hsrp interfaces, but I'm wondering what type of an impact this is going to have should I need to failover? I know it shouldn't have "anything" to do with it, but my concern is that Cisco chose to enable by default for some reason. Does anyone know why?


Thanks,

John

John

It won't affect failover between the routers using the same HSRP group because the end devices only see the VIP and virtual mac and so they will fail over correctly.

As for why it iwas disabled, bit isn't now have a read of the overview in this doc which explains it better than i can ! -

HSRP ICMP redirects

Jon

Re: ICMP redirects

As always Jon, you're awesome! Thanks!

HTH, John *** Please rate all useful posts ***
Cisco Employee

Re: ICMP redirects

Hi John,

The IOS support for ICMP Redirects on HSRP-enabled interfaces has been significantly improved (and obfuscated as well, as could be expected ) which is the reason why the ICMP Redirect feature is enabled on HSRP-enabled interfaces.

You may want to read the following article:

http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_hsrp_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1093370

It discusses the rationale behind the ICMP Redirects with HSRP and also the special handling of ICMP Redirect messages. I suggest reading this document first to see how the redirects are handled. Not exactly an easy reading, though.

Best regards,

Peter

Cisco Employee

Re: ICMP redirects

Oops,

Sorry guys - I appear to be only repeating what Jon has already answered. I seem to have been late at hitting my "Post answer" button Anyway - Jon, great answer as always!

Best regards,

Peter

Re: ICMP redirects

Thanks Peter!

HTH, John *** Please rate all useful posts ***
405
Views
5
Helpful
5
Replies
CreatePlease to create content