ICMP redirect uses?

FrankGuthrie

From what I gather ICMP redirect is done when a gateway get an message which might have a destination same broadcast domain.

So for me ICMP redirect should always be turned off, because this implies that incorrectly configure devices will not be located/identified.

So why do we even have this feature?

iproute.se

If you have multiple routers in the same LAN (R1&R2) and your PC (H1) is sending non-local traffic to R1 which in turn sends it to R2 based on its routing table then it would be better off if your PC sent it directly to R2 therefor R1 will issue an ICMP redirect telling you to do so.

This figure will you show an example

FrankGuthrie

bump upp

FrankGuthrie

iproute.se wrote: »

If you have multiple routers in the same LAN (R1&R2) and your PC (H1) is sending non-local traffic to R1 which in turn sends it to R2 based on its routing table then it would be better off if your PC sent it directly to R2 therefor R1 will issue an ICMP redirect telling you to do so.

This figure will you show an example

So basically R2 has a shorter path?

iproute.se

FrankGuthrie wrote: »

So basically R2 has a shorter path?

Yes in this case, not a good design though. If you have redundant routers on your LAN you would like to have the same cost to any remote network to avoid this scenario. ICMP redirects is usually not something you would like to see.

FrankGuthrie

iproute.se wrote: »

Yes in this case, not a good design though. If you have redundant routers on your LAN you would like to have the same cost to any remote network to avoid this scenario. ICMP redirects is usually not something you would like to see.

Ah ok, I was looking for any reason as to use it. Got any? Would there be design you would still use this?

iproute.se

To quote Richard Stevens
"A common use for redirects is to let a host with minimal routing knowledge build up a better routing table over time. The host can start with only a default route (either R1 or R2 from our example in Figure 9.3) and anytime this default turns out to be wrong, it'll be informed by that default router with a redirect, allowing the host to update its routing table accordingly. ICMP redirects allow TCP/IP hosts to be dumb when it comes to routing, with all the intelligence in the routers. Obviously R1 and R2 in our example have to know more about the topology of the attached networks, but all the hosts attached to the LAN can start with a default route and learn more as they receive redirects."

FrankGuthrie

iproute.se wrote: »

To quote Richard Stevens
"A common use for redirects is to let a host with minimal routing knowledge build up a better routing table over time. The host can start with only a default route (either R1 or R2 from our example in Figure 9.3) and anytime this default turns out to be wrong, it'll be informed by that default router with a redirect, allowing the host to update its routing table accordingly. ICMP redirects allow TCP/IP hosts to be dumb when it comes to routing, with all the intelligence in the routers. Obviously R1 and R2 in our example have to know more about the topology of the attached networks, but all the hosts attached to the LAN can start with a default route and learn more as they receive redirects."

Thanks for the reply, but this example also looks like a non preferred scenario. I;m looking for a valid reason to use it.

iproute.se

FrankGuthrie wrote: »

Thanks for the reply, but this example also looks like a non preferred scenario. I;m looking for a valid reason to use it.

You need to understand that it's not something you need/want to implement, it's part of TCP/IP and already implemented. ICMP is used for errors (TTL expired etc) and information (ICMP Echo Response, Redirect) not a protocol you implement. ICMP redirect is just a way to tell you that you have problems to fix.

Protocols you want to implement may include OSPF for routing, HSRP for gateway redundancy, Spanning-Tree for loop avoidance etc. ICMP is just part of IP that you get whether you want it or not.