Monday, 19 October 2015

1.1d (i) ICMP unreachable, redirect

ICMP unreachable

Internet Control Message Protocol (ICMP) is used to tell the source host about any errors that occurred during the routing of packets.

An ICMP unreachable message is generated and sent back to the sender to inform it that the destination is unreachable.

The IP header plus the first 8 bytes of the original data are sent back to the source host. Below are some situations where this behavior is seen:

If the gateway has no next-hop information matching the destination address of the IP packet, or the distance to that network is infinite (i.e. 255), the gateway may send a destination unreachable message to the source host. Also, when fragmentation is needed but the Don't Fragment flag is set in the packet, an ICMP unreachable is sent back to the source host.
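
The quoted IP header plus 8 data bytes is what lets a host or a capture tool tie an ICMP error back to the flow that triggered it. The parser below is an added example, not part of the original post; it validates the checksum of a type 3 or type 5 message and extracts the quoted addresses and ports. The function names and the sample packet are constructed for illustration, and the next-hop MTU field (RFC 1191) and the redirect gateway field (RFC 792) go beyond what the text above describes.

```python
import ipaddress
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp_error(icmp: bytes) -> dict:
    """Parse an ICMP type 3 or type 5 message and the datagram excerpt it quotes."""
    if len(icmp) < 8 + 20:
        raise ValueError("too short to hold an ICMP header plus a quoted IP header")
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type not in (3, 5):
        raise ValueError("not a Destination Unreachable or Redirect message")
    if inet_checksum(icmp) != 0:             # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    out = {"type": icmp_type, "code": code}
    if icmp_type == 5:                       # RFC 792: bytes 4-7 = gateway address
        out["gateway"] = str(ipaddress.IPv4Address(icmp[4:8]))
    elif code == 4:                          # RFC 1191: bytes 6-7 = next-hop MTU
        out["next_hop_mtu"] = struct.unpack("!H", icmp[6:8])[0]
    quoted = icmp[8:]
    ihl = (quoted[0] & 0x0F) * 4             # quoted IP header length in bytes
    if quoted[0] >> 4 != 4 or ihl < 20 or len(quoted) < ihl + 8:
        raise ValueError("quoted IPv4 header is malformed or truncated")
    out["proto"] = quoted[9]
    out["orig_src"] = str(ipaddress.IPv4Address(quoted[12:16]))
    out["orig_dst"] = str(ipaddress.IPv4Address(quoted[16:20]))
    if out["proto"] in (6, 17):              # TCP/UDP: first 4 data bytes are the ports
        out["sport"], out["dport"] = struct.unpack("!HH", quoted[ihl:ihl + 4])
    return out

def build_sample() -> bytes:
    """Constructed sample: type 3 code 4 quoting a UDP datagram 192.0.2.10 -> 198.51.100.7."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 1500, 1, 0x4000, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    udp = struct.pack("!HHHH", 40000, 53, 1480, 0)
    body = struct.pack("!BBHHH", 3, 4, 0, 0, 1400) + ip + udp
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

if __name__ == "__main__":
    print(parse_icmp_error(build_sample()))
```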


Below are some ICMP message types:


Type  Name                       Reference
----  -------------------------  ---------
   0  Echo Reply                 [RFC792]
   1  Unassigned                 [JBP]
   2  Unassigned                 [JBP]
   3  Destination Unreachable    [RFC792]
   4  Source Quench              [RFC792]
   5  Redirect                   [RFC792]
 
In this case ICMP type 3 is used on the returning packet.
Below is a screenshot of a packet capture where ICMP type 3 is being used
by the gateway.
 
 
 

ICMP Redirect

ICMP redirect messages are used by the gateway to inform the source host that a better route to the destination is available. For the gateway to send these messages, the conditions below have to be met:

  • The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
  • The subnet or network of the source IP address is on the same subnet or network of the next-hop IP address of the routed packet.
  • The datagram is not source-routed.
  • The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects can be used to disable ICMP redirects.) 

    An important fact to remember when configuring HSRP on a Cisco router:
    ICMP redirects are disabled by default if Hot Standby Router Protocol (HSRP) is configured on the interface. In Cisco IOS Software Release 12.1(3)T and later, ICMP redirects can be enabled on interfaces configured with HSRP.