Why is Linux sending icmp redirects...

To: debian-isp@lists.debian.org
Subject: Why is Linux sending icmp redirects...
From: Christian Hammers <ch@debian.org>
Date: Thu, 20 Nov 2003 12:06:04 +0100
Message-id: <[🔎] 20031120110604.GD13120@westend.com>

Hello

It seems that my linux router is sending icmp redirect messages to a
host telling him that it should use a gateway which is not on the same
ip subnet. According to http://www.faqs.org/rfcs/rfc792.html this is
not valid and so I'm wondering.  

The problem occured when two hosts (.66.54 and .77.18) from two different
ip networks were connected on the same vlan on my linux router (.66.53).
During this time both were reachable from the internet but not from eachother.
One of the hosts received the following in its logfile:

(addresses slightly anonymized and reformatted to ease reading)
Nov 12 07:23:46 xxx kernel: SuSE-FW-DROP-ICMP 
	IN=eth2 OUT=

	MAC=00:00:c0:96:98:fa : 00:02:b3:96:57:d7 : 08:00 (dst:src verified)
	SRC=111.111.66.53 DST=111.111.66.54 

	LEN=124 TOS=0x00 PREC=0xC0 TTL=64 ID=14493 

	PROTO=ICMP TYPE=5 CODE=1 
	GATEWAY=111.111.77.18 

	[SRC=111.111.66.54 DST=111.111.77.18
	LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=50043 
	PROTO=ESP SPI=0x3e3556b ]

Any ideas?

bye,

-christian-

Reply to:

Follow-Ups:
- Re: Why is Linux sending icmp redirects...
  - From: Donovan Baarda <abo@minkirri.apana.org.au>

Prev by Date: RE: E-Center in PHP and Payments per Credit-Cards
Next by Date: Re: Mylex ExtremeRAID 1100
Previous by thread: Re: apt-get bcm5700-module-2.4.18
Next by thread: Re: Why is Linux sending icmp redirects...
Index(es):
- Date
- Thread