About Gandlaf

Wednesday, 30 July 2014

ICMP Redirect

I will be working on the following topology:
[Image: icmp-redirect-img01]
Host1 is configured with a single gateway, 192.168.1.254 (Router1). When Host1 tries to reach Host4 by sending a ping to 192.168.3.4, Host1 sees that the destination IP is not on its own LAN, so it sends the packet to its default gateway. Router1 knows how to reach the 192.168.3.0 network through Router2, so it forwards the packet to Router2, and it does so out of the same interface on which the packet was received! This triggers Router1 to send an ICMP Redirect message to Host1 saying: “Next time you need to send a packet to the 192.168.3.0 network, just use Router2 directly, since it’s on the same segment as I am!”
Notice this is different from standard routing, where Router1 would normally forward the traffic to another router using a different interface, not the interface on which the packet was received!

Let’s see this in action …
The routing tables on Host1 and Router1 look like this:
[Image: icmp-redirects-img-02]
You can see that Router1 routes packets for network 192.168.3.0 through 192.168.1.253 (Router2); also, Host1 routes any packet through its default gateway, which is set to 192.168.1.254 (Router1). Let’s send a ping to 192.168.3.1 now …
[Image: icmp-redirect-img03]
Router1 receives the packet since it is the default gateway for Host1. Router1 then forwards the packet to Router2 as per its own routing table. In doing so, it uses the same interface on which the packet was received, so Router1 also sends a redirect message to the sender. As a result, you can see that Host1 automatically adds a route to its routing table pointing to 192.168.1.253, despite its default gateway being 192.168.1.254!
Next time Host1 sends a packet to host 192.168.3.1, it will use the gateway 192.168.1.253.
Notice also that the route added to Host1's routing table is a host route, not a network route. So clearly, this method has a disadvantage: Host1 gets a separate route entry for each destination host, even when those hosts are part of the same network!

You can also disable this behaviour by using the interface command “no ip redirects”.
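Because a redirect makes the receiving host install a route, the host side is worth seeing as well. The following is an added example, not part of the original post: it parses an ICMP Redirect (type 5) message and applies the two RFC 1122 checks a host should make before accepting it. The /24 mask, the Host1 address 192.168.1.1, the other sample addresses and all function names are assumptions made for illustration.

```python
import ipaddress
import struct

def checksum(data):
    """RFC 1071 Internet checksum over an ICMP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_redirect(gateway, orig_src, orig_dst, code=1):
    """Constructed test message: new gateway + original IP header + 8 bytes."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                        ipaddress.IPv4Address(orig_src).packed,
                        ipaddress.IPv4Address(orig_dst).packed) + bytes(8)
    body = ipaddress.IPv4Address(gateway).packed + inner
    csum = checksum(struct.pack("!BBH", 5, code, 0) + body)
    return struct.pack("!BBH", 5, code, csum) + body

def parse_redirect(icmp):
    """Return (code, new_gateway, original_destination) or raise ValueError."""
    if len(icmp) < 36:                      # 8 ICMP + 20 IP header + 8 payload
        raise ValueError("truncated redirect")
    icmp_type, code, _ = struct.unpack("!BBH", icmp[:4])
    if icmp_type != 5 or checksum(icmp) != 0:
        raise ValueError("not a valid ICMP redirect")
    # The embedded IP header starts at offset 8; its destination is at 8 + 16.
    return code, ipaddress.IPv4Address(icmp[4:8]), ipaddress.IPv4Address(icmp[24:28])

def should_accept(sender, icmp, local_net, current_gateway):
    """Apply the RFC 1122 host checks before a redirect may install a route."""
    _, new_gw, dst = parse_redirect(icmp)
    if ipaddress.IPv4Address(sender) != ipaddress.IPv4Address(current_gateway):
        return False, "sender is not the current first-hop gateway"
    if new_gw not in ipaddress.ip_network(local_net):
        return False, "new gateway is not on the local subnet"
    return True, f"{dst}/32 via {new_gw}"    # host route, as seen on Host1

# Constructed sample: Router1 redirecting Host1 (assumed 192.168.1.1) to Router2.
SAMPLE = build_redirect("192.168.1.253", "192.168.1.1", "192.168.3.1")

if __name__ == "__main__":
    print(should_accept("192.168.1.254", SAMPLE, "192.168.1.0/24", "192.168.1.254"))
    print(should_accept("192.168.1.66", SAMPLE, "192.168.1.0/24", "192.168.1.254"))
```

The accepted case yields the same /32 host route via 192.168.1.253 that appears in Host1's routing table above; a redirect from any sender other than the current gateway, or one naming an off-subnet gateway, is rejected.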

