ICMP redirect messages are used by routers to notify the hosts on the data link that a better route is available for a particular destination.
Here is the network topology:
All routers are configured in the same broadcast domain – 10.1.123.0/24
R1 MAC Address – c0:00:14:98:00:00
R2 MAC Address – c0:01:14:98:00:00
R3 MAC Address – c0:02:14:98:00:00
I have disabled R3's routing capabilities (no ip routing) and configured a default static route to R1. R1 is configured with a default static route to R2, while R2 is configured with a default static route to R1.
ICMP redirect is enabled:
When trying to send an ICMP request from R3 to 192.168.21.1, the following will happen:
1. R3 will send an ARP request message for 10.1.123.1 (its default gateway)
2. R1 will answer with an ARP reply message to R3
3. R3 will send an ICMP request for IP 192.168.21.1 to R1
4. R1 will send an ICMP redirect to R3
5. R3 will send an ARP request message for 10.1.123.2
6. R2 will answer with an ARP reply message to R3
7. R3 will send an ICMP request for IP 192.168.21.1 to R2
8. R2 will send an ICMP reply message to R3
In the ICMP redirect we can see the source and destination, and the new gateway address that is sent in response:
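As an added example (not part of the original post), the Python sketch below parses the fields of an ICMP redirect described above and applies the two host-side acceptance checks from RFC 1122 section 3.2.2.2: the sender must be the current first-hop gateway and the new gateway must be on-link. The function names, the redirect code (1) and the sample message are constructed for illustration, using this lab's addresses.

```python
import ipaddress
import socket
import struct

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; a valid ICMP message sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_redirect(icmp: bytes) -> dict:
    """Parse an ICMP redirect (RFC 792, type 5), starting at the ICMP header."""
    if len(icmp) < 8 + 20 or checksum(icmp) != 0:
        raise ValueError("truncated message or bad checksum")
    icmp_type, code = struct.unpack("!BB", icmp[:2])
    if icmp_type != 5:
        raise ValueError("not an ICMP redirect")
    quoted = icmp[8:]  # IP header of the packet that triggered the redirect
    return {"code": code,
            "gateway": socket.inet_ntoa(icmp[4:8]),
            "orig_src": socket.inet_ntoa(quoted[12:16]),
            "orig_dst": socket.inet_ntoa(quoted[16:20])}

def should_accept(redirect: dict, sender: str, current_gw: str, subnet: str) -> bool:
    """RFC 1122 3.2.2.2: sender must be the current first hop, new gateway on-link."""
    on_link = ipaddress.ip_address(redirect["gateway"]) in ipaddress.ip_network(subnet)
    return sender == current_gw and on_link

def sample_redirect(gateway: str, src: str, dst: str) -> bytes:
    """Constructed sample: redirect quoting an echo request (inner checksums zeroed)."""
    quoted_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 1, 0, 255, 1, 0,
                            socket.inet_aton(src), socket.inet_aton(dst))
    quoted_icmp = struct.pack("!BBHHH", 8, 0, 0, 1, 1)
    body = socket.inet_aton(gateway) + quoted_ip + quoted_icmp
    csum = checksum(struct.pack("!BBH", 5, 1, 0) + body)
    return struct.pack("!BBH", 5, 1, csum) + body

if __name__ == "__main__":
    # Addresses from this lab: R1 redirects R3 to R2 for 192.168.21.1.
    msg = sample_redirect("10.1.123.2", "10.1.123.3", "192.168.21.1")
    info = parse_redirect(msg)
    print(info, should_accept(info, "10.1.123.1", "10.1.123.1", "10.1.123.0/24"))
```

A redirect that fails either check (sent by a host other than the configured gateway, or naming a gateway outside 10.1.123.0/24) is one a host should silently discard.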
What will happen if I disable IP redirects?
ICMP redirect is disabled:
I configured R1 Fa0/0 with the no ip redirects command and cleared the ARP table of R3, then sent another ICMP request to 192.168.21.1, and this is what happens:
1. R3 will send an ARP request message for 10.1.123.1 (its default gateway)
2. R1 will answer with an ARP reply message to R3
3. R3 will send to R1 an ICMP request for IP 192.168.21.1
4. R1 will send an ARP request message for IP 10.1.123.2
5. R2 will answer with an ARP reply message to R1
6. R1 will send an ICMP request to R2 with source MAC address of R1, destination MAC address of R2, source IP address of R3 and destination IP address of R2
7. R2 will send an ARP request message for 10.1.123.3
8. R3 will answer with an ARP reply message to R2
9. R2 will send an ICMP reply to R3
The first ICMP request is from R3 to R1:
Note the MAC addresses - source is R3, destination is R1.
The second ICMP request is from R1 to R2:
Note the MAC addresses - source is R1, destination is R2, and the IP addresses - source is R3 and destination is R2.
This capture has been made on R1 Fa0/0 link and that's the reason we can't see R2 replies.
Cisco routers send ICMP redirects when all of these conditions are met:
- The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
- The subnet or network of the source IP address is on the same subnet or network of the next-hop IP address of the routed packet.
- The datagram is not source-routed.
- The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects can be used to disable ICMP redirects.)
Note: ICMP redirects are disabled by default if Hot Standby Router Protocol (HSRP) is configured on the interface. In Cisco IOS Software Release 12.1(3)T and later, ICMP Redirect is allowed to be enabled on interfaces configured with HSRP. For more information, refer to the HSRP Support for ICMP Redirects section of Hot Standby Router Protocol Features and Functionality.
For more information, see the Cisco web site:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094702.shtml