ICMP redirect messages are used by routers to inform hosts that there is a better next hop to reach a certain destination. Take a look at the following topology for an example:
Let me explain the topology above:
- R1, R2 and the host are connected to the 192.168.12.0 /24 network.
- R1 is connected to an ISP to reach the Internet, it will use a default route to get there.
- R2 is connected to R3, there’s a server behind R3 that is reachable at IP address 184.108.40.206.
- R1 uses a static route to reach 220.127.116.11.
- Hosts on the 192.168.12.0 /24 network will use R1 as their default gateway.
Whenever our host tries to reach 18.104.22.168 then it will send its packets to its default gateway. R1 however has a static route for this destination that points to R2.
This is a bit pointless since packets from the host will enter and exit the same interface on R1. To prevent this from happening, our routers can use ICMP redirect.
When R1 receives IP packets from the host with 22.214.171.124 as its destination then it will send an ICMP redirect message telling the host to use R2 as their gateway for this destination. Most hosts will respect these ICMP messages and will use R2 to reach 126.96.36.199 from now on.
Cisco IOS routers will send ICMP redirects when the following conditions are met:
- The IP packet should be received and transmitted on the same interface.
- The source IP address of the incoming packet should be on the same subnet as the new next hop IP address.
- The IP packet doesn’t use source routing.
- ICMP redirect has to be enabled, on Cisco IOS routers this is enabled by default.
Let’s take a look at some configuration examples so you can see how this works. I’ll use the following topology for this:
I will use the same topology but I’ve added a couple of hosts:
- Windows 8 host
- Linux host
- Cisco router as host (IP routing disabled)
Let’s see how these hosts act when they receive an ICMP redirect.
First let me show you the routing tables of R1 and R2:
R1#show ip route static | begin via S* 0.0.0.0/0 [1/0] via 192.168.14.4 188.8.131.52/32 is subnetted, 1 subnets S 184.108.40.206 [1/0] via 192.168.12.2
R1 has two static routes, a default route and an entry for 220.127.116.11. Here’s R2:
R2#show ip route static | begin via S 18.104.22.168 [1/0] via 192.168.23.3
R2 only has a static route for 22.214.171.124 with R3 as its next hop.
Let’s enable ICMP debugging on R1, this will show us when R1 is sending ICMP redirects:
R1#debug ip icmp ICMP packet debugging is on
Now let’s generate some traffic from our hosts.
We will start with the Windows host. Let’s send a ping to 126.96.36.199:
C:Usersvmware>ping 188.8.131.52 Pinging 184.108.40.206 with 32 bytes of data: Reply from 220.127.116.11: bytes=32 time=4ms TTL=254 Reply from 18.104.22.168: bytes=32 time=1ms TTL=254 Reply from 22.214.171.124: bytes=32 time=2ms TTL=254 Reply from 126.96.36.199: bytes=32 time=2ms TTL=254 Ping statistics for 188.8.131.52: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 1ms, Maximum = 4ms, Average = 2ms
We don’t see anything spectacular on the host but R1 generates the following message:
How to disable the ip redirect (receive) in Router acting as a host?
Hmm good question, I’m not sure if there is a command for it to disable this. You might be able to filter the incoming ICMP redirect message with an access-list, that could do the trick.
This is an exception situation btw, IP routing has to be disabled on the router which is not a common thing to do.
The IP redirect only redirect ICMP? Any other protocol will redirect other than this?
When you receive an ICMP redirect then it will apply to all IPv4 traffic.