Community discussions

MUM Europe 2020
 
prabinpps
just joined
Topic Author
Posts: 6
Joined: Fri Feb 13, 2015 12:59 pm
Location: Nepal
Contact:

icmp reply redirect host (new next hop [gatewayIP]

Tue Apr 05, 2016 12:16 pm

Hello,

I am having few problem with routing and I am unaware to solve this issue. There was no problem with the same configuration. I tried restoring backups too.

Problem : One of our server with public IP was down server times that led me to this. I have checked this with other system but same problem and found to be problem in routing, I guess. There is certain interval that our server is not accessible from public network (from internal, there is no any problem), and it comes up automatically. Also If I restart network service it works. Then I tried tracing then it stopped @ our Mikrotik router. I ping our router and gateway, there is no problem in getting reply. But then I ping our ISP DNS and google DNS as well, then I get icmp reply like:

"From [A IP] icmp_seq=11 Redirect HostFrom [A IP: icmp_seq=11 Redirect Host (new nexthop: B IP)"

Model : CRS125-24G-1S-2HnD
Version: 6.32.4
Server: CentOS 7
A IP : Mikrotik IP
B IP : Gateway IP

I am sure of routing problem but as I am not experienced with this routing... need help !

Thanks
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: icmp reply redirect host (new next hop [gatewayIP]

Tue Apr 05, 2016 5:20 pm

It sounds like your network looks something like this:
figure1.png
... where the black arrows represent what the default GW is set to be.

If my drawing is correct, then the problem is that your server is trying to use the wrong device as the default gateway, and the Mikrotik is telling the server to use the Internet router instead. Probably the Mikrotik is doing some NAT on the traffic that's being "bounced" off of the Mikrotik from the server, and whenever the server decides to use the ICMP-redirected route, the NAT gets broken or something like that -

It's hard to say for sure exactly what's going on in your case without more details, but in general, the diagram shows a bad configuration. The host's default GW should be the Internet router, not the Mikrotik. If you're trying to access the server without any NAT, then create a static route in the host that points to the LAN's IP range, and uses the Mikrotik's IP as the gateway, but leave the default GW set to be the Internet router.
You do not have the required permissions to view the files attached to this post.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: icmp reply redirect host (new next hop [gatewayIP]

Tue Apr 05, 2016 5:35 pm

Here's what the diagram would look like with the host configured as I suggested:
figure2.png
You do not have the required permissions to view the files attached to this post.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
SystemErrorMessage
Member
Member
Posts: 378
Joined: Sat Dec 22, 2012 9:04 pm

Re: icmp reply redirect host (new next hop [gatewayIP]

Tue Apr 05, 2016 7:03 pm

i've seen this happen with a hotspot and you have a gateway behind it as i've seen it happen with my ISP. They verify by mac and perform NAT filtering to prevent any device behind a NAT or unauthorised from connecting to internet.
 
prabinpps
just joined
Topic Author
Posts: 6
Joined: Fri Feb 13, 2015 12:59 pm
Location: Nepal
Contact:

Re: icmp reply redirect host (new next hop [gatewayIP]

Wed Jun 29, 2016 1:46 pm

Here's what the diagram would look like with the host configured as I suggested:

figure2.png
Worked for me. Thanks
 
harjeetv
just joined
Posts: 9
Joined: Tue Jan 23, 2018 2:40 pm
Location: India
Contact:

Re: icmp reply redirect host (new next hop [gatewayIP]

Sun Dec 01, 2019 6:14 am

Sorry to bump an old thread, but i am also in the same situation. Can you please post the solution again as it is not available anymore.

Who is online

Users browsing this forum: No registered users and 15 guests