Re: Getting "ICMP Host redirect from gateway" response

Hello,

get "ICMP Host redirect from gateway" response ?

You would have to misconfigure the networking configuration. One way to
screw up this way is to provide _host_ routes using a gateway, such as


I tried and succeeded in getting a REDIRECT response, but I still have
a
little question:
I added a route with 192.168.0.10 as a gateway to a local host
(192.168.0.121).
with netmask 255.255.255.255.
192.168.0.10 a linux machine which supports sending redirects and
forwarding.

route -n shows the new entry:
192.168.0.121 192.168.0.10 255.255.255.255 UGH 0 0
0 eth0

I tried PING to 192.168.0.121 and got REDIRECT:

p -v 192.168.0.121 PING 192.168.0.121
(192.168.0.121) 56(84) bytes of data.
From 192.168.0.10: icmp_seq=1 Redirect Host(New nexthop:
192.168.0.121)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst Data
4 5 00 5400 0000 0 0040 3f 01 22b9 192.168.0.189
192.168.0.121
64 bytes from 192.168.0.121: icmp_seq=1 ttl=64 time=1.52 ms


Running traceroute 192.168.0.121 shows that the packets go directly
to
192.168.0.121 and NOT to 192.168.0.10 as a result from this redirect,
as
expected.
Also following "ping -v 192.168.0.121" does not get
the "HOST REDIRECT" response. However, I expected that
the routing table will be updated as a result and a new entry with the
"D" flag
will be inserted, and it did not happen. The routing table stayed the
same,
as route -n shows. To be more specific:


according to "man route":
Flags: Possible flags include:
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
There is an example in chapter 9,
"9.5 ICMP Redirect Errors", of "TCP/IP Illustrated - Volume 1
The Protocols" by W. Richard Stevens.

According to this example, the routing table is added a new entry
after getting such a REDIRECT. This entry has a "D" flag.
....
....
140.252.13.35 140.252.1.183 HGHD 0 2
....


Why this did not happen in my case ? shouldn't the routing table
changed in my case ?

Regards,
Ian

On May 30, 3:39 am, ibupro...@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:
On 29 May 2007, in the Usenet newsgroup comp.os.linux.networking, in article

<1180440763.168583.236...@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, ian...@xxxxxxxxx wrote:
I am connected to a LAN which has addresses in the range
192.168.0.10-192.168.0.253.
The default gw is 192.168.0.254 and is conneted outside to the
internet:

OK

I want to be able to ping machines and get "ICMP Host redirect from
gateway"
(for learning more about ICMP redirects).

0792 Internet Control Message Protocol. J. Postel. September 1981.
(Format: TXT=30404 bytes) (Obsoletes RFC0777) (Updated by RFC0950)
(Also STD0005) (Status: STANDARD)

1812 Requirements for IP Version 4 Routers. F. Baker, Ed.. June 1995.
(Format: TXT=415740 bytes) (Obsoletes RFC1716, RFC1009) (Updated by
RFC2644) (Status: PROPOSED STANDARD)

and from RFC1812, we find

4.3.3.2 Redirect

The ICMP Redirect message is generated to inform a local host that it
should use a different next hop router for certain traffic.

Contrary to [INTRO:2], a router MAY ignore ICMP Redirects when
choosing a path for a packet originated by the router if the router
is running a routing protocol or if forwarding is enabled on the
router and on the interface over which the packet is being sent.

and

5.2.7.2 Redirect

The ICMP Redirect message is generated to inform a local host the it
should use a different next hop router for a certain class of
traffic.

Routers MUST NOT generate the Redirect for Network or Redirect for
Network and Type of Service messages (Codes 0 and 2) specified in
[INTERNET:8]. Routers MUST be able to generate the Redirect for Host
message (Code 1) and SHOULD be able to generate the Redirect for Type
of Service and Host message (Code 3) specified in [INTERNET:8].

followed by about a page of discussion/explanation.

I made some trials but could not achieve this.

A _host_ redirect (ICMP Type 5 Code 1) would occur when you send traffic
_for_ one of the local hosts (192.168.0.10-192.168.0.253 in your example),
but send it to the default gateway (192.168.0.254) and expect it to
deliver the packet. The gateway will get unhappy, and send the redirect
trying to tell you "don't send it to me - send it directly to the host
which is on this same wire". This occurs when the person who set up the
routing tables made an error. This error is generated when the router
notices that the packet it received on interface $FOO is going to be sent
back out using the same interface. "Why are you wasting _my_ time?".

Can anybody suggest a senario where as a result of a ping (it can be
of course to a machine on the internet or a machine in the LAN) I will
get "ICMP Host redirect from gateway" response ?

You would have to misconfigure the networking configuration. One way to
screw up this way is to provide _host_ routes using a gateway, such as

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 4198 eth0
192.168.0.10 192.168.0.254 255.255.255.255 UGH 0 0 56 eth0
192.168.0.11 192.168.0.254 255.255.255.255 UGH 0 0 56 eth0
192.168.0.12 192.168.0.254 255.255.255.255 UGH 0 0 56 eth0
default 192.168.0.254 0.0.0.0 UG 0 0 10 eth0

In routing tables, when there are multiple routes to the same place, the
route with more bits in the network mask wins. Metric may also be a factor
and here I've intentionally set the metrics to zero. Note that if there
are two or more routes to the same place, with the same network mask and
the same metric, then the _last_ route specified wins.

Regarding ICMP Redirects, you should be aware that many operating systems
_ignore_ redirects - because this has been used in Denial Of Service
attacks in the past. Really, you shouldn't see them that often anyway, as
this generally occurs because of intentional configuration errors. ICMP
_Network_ Redirections (type 5 code 0) is generally the result of setting
the wrong gateway value in a routing table. An example might be

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 89948 eth0
192.168.2.0 192.168.1.6 255.255.255.0 UG 0 0 32165 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 388 lo
0.0.0.0 192.168.1.248 0.0.0.0 UG 0 0 2673 eth0

If you sent packets destined for 192.168.2.x to 192.168.1.248 for
forwarding, that router would complain, and tell you to use 192.168.1.6
as the gateway for this route. For this to occur, the mis-configured
host would be lacking the second route, and assume that everything not
local goes to 192.168.1.248.

Old guy


.

Relevant Pages

  • Re: Getting "ICMP Host redirect from gateway" response
    ... The ICMP Redirect message is generated to inform a local host that it ... should use a different next hop router for certain traffic. ... but send it to the default gateway and expect it to ...
    (comp.os.linux.networking)
  • Re: routing - newbie-question
    ... there because they have to use a gateway to do so. ... to that host. ... Well doesn't look like a private subnet behind SERV1. ... Try pinging the host with your normal route config. ...
    (comp.os.linux.networking)
  • Re: How to set default gw not by route command in linux?
    ... The developers of pppd made the arbitrary choice to have the 'defaultroute' option create the default route with the peer address as the gateway, ... The NAS advertises for itself the same address on all PPP links, so the host sees the same peer address on both links. ...
    (comp.os.linux.networking)
  • Re: Getting "ICMP Host redirect from gateway" response
    ... I added a route with 192.168.0.10 as a gateway to a local host ... I tried PING to 192.168.0.121 and got REDIRECT: ... I can't say - you'd have to look at the kernel source (depending, ...
    (comp.os.linux.networking)
  • Re: (more) the coffee house broke my auto
    ... Is the IP address of your gateway actually ... route 2 network: route add default gw outer and route private network ... host in private network zone set this: ...
    (Debian-User)