From my experience, if a Cisco router receives a packet on a particular
interface and then routes it out on the same interface, then it will send
the host that sent the packet an icmp redirect. It trying to tell the
sending host that there is a better route to the destination.
I had a server that was sending packets out to the default router. When I
added a second router, the icmp redirects from the default router adjusted
the routing table on my server (AIX 3.5) so that packets going to that
destination would go to the second router because that is where it would
eventually go to. That made future packets going to the final destination
save one router hop.
The only way I know to stop this from happening is to tweak the routing
table on your server. This is not to say that all icmp redirects are
benign. There are denial of service attacks out there that use icmp
redirects to flood your server or to mess up your routing tables.
Hope this helps....
-- Joe
At 04:39 PM 1/19/00 +0000, Gerardo Soto wrote:
>Hello everyone.
>
> How can I stop an icmp redirect , I mean , lately an icmp redirect
>message has been showing up in my logs. How bad is it ? How can I
>determine where it is beeing redirected and who is doing it ? Most
>importantly how can I stop it ?
>The message is as follows:
>
>
>server kernel: ICMP redirect from xxx.yyy.zzz.ccc which happens to my
>router.
>
>
> Any help will be deeply appreciated .
>
> Thanks !!!
>***************************************************************************
>****
>Ing. Gerardo Soto Casados
>Compu-Redes
>Labastida # 37 Esq. Tijuana
>San Martin Texmelucan Puebla
>Tel. y Fax (91248) 45-888
>e-mail: [EMAIL PROTECTED]
>http://www.compu-redes.net.mx
>***************************************************************************
>****
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
