Community discussions

 
conchalnet
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Nov 03, 2005 1:44 pm
Location: Brazil

ICMP - redirect host (5:1)

Wed Jan 27, 2010 11:01 pm

Hi all!

I changed my FreeBSD gateway with a RB1000 (it's great).

After change it I started to receive some strange message on ping response sometimes when I "ping" a customer from my AP (not from the RB1000)

My structure is the follow:

internet------RB1000(GW)--------- RB433H(AP) ------- customers

Some information about my structure:
- The customers are on the network 200.X.X.0/24
- The administrative network is 192.168.1.0/24 (all RB that are working as AP are on this network)
- The RB1000 is working as gateway of my network and I'm using 2 NICs (eth1 and eth2)
- On the ETH2 of RB1000 I've the IPs 192.168.1.1 (gateway of the RBs) and 200.x.x.1 (gateway of the customers)
- On the ETH1 of RB1000 is connected with the internet
- The RB433 is working as AP and it's configurated as BRIDGE. I've 1 wireless card on this RB433 where the customers are registrated. On the RB433 I've the IP 192.168.1.2 and the gateway of it is 192.168.1.1.

I can 'ping' the customers from the RB433. But sometimes I've received the follow message from the gateway:
192.168.1.1 92 byte redirect host (5:1) time=4 ms

When my gateway was a FreeBSD I never received this message. The problem started after I change the FreeBSD with a RB1000.

Does someone know what's happening? Why do I receive the redirect icmp message?

Thanks in advanced
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5839
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: ICMP - redirect host (5:1)

Thu Jan 28, 2010 9:38 am

You receive this message because icmp packet is sent and received through the same interface. What happens in your case is that AP does not know how to reach client directly. From AP packet is being sent to RB1000 and then RB1000 is routing back to AP and then to client.
If you don't like these messages you can drop them in firewall.
 
changeip
Forum Guru
Forum Guru
Posts: 3803
Joined: Fri May 28, 2004 5:22 pm

Re: ICMP - redirect host (5:1)

Thu Jan 28, 2010 9:45 am

you cannot drop these in the output chain on the source though correct? i have tried and failed...
Colo and Wholesale Bandwidth Available! Sales at SanDiegoBroadband dot com
 
conchalnet
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Nov 03, 2005 1:44 pm
Location: Brazil

Re: ICMP - redirect host (5:1)

Thu Jan 28, 2010 3:03 pm

Hi guys, thanks for the replys!

I drop the response on the output chain of my RB1000.

I stranged it becau when the gw was a FreeBSD and never saw this message.

best regards!
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5839
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: ICMP - redirect host (5:1)

Thu Jan 28, 2010 3:06 pm

I believe that FreeBSD disabled these messages in kernel.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1369
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: ICMP - redirect host (5:1)

Thu Feb 11, 2010 6:36 pm

OH MY GOD HOLY FUQING SHTIFFT !!

mrz, you do realize that this is a major problem these ICMP messages, right?

I have verified this to be a problem in the case when routing to+from same interface. A router having two networks on the interface, routing from one to the other. Verified v3.30 and v4.5 have the problem.

The problem actually consists of the slowing down or not delivering a service, when a client from the one subnet requests it from a server from the other. Because the router sends these ICMP redirect messages to the client, and obviously the client does not take these well ;)

MY GOOOOD HOW MANY PROBLEMS WE HAD BECAUSE OF THIS !!!!! TONS AND TONS AND THE WASTED TIME !!!!!!!!! GOD !!!!
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
changeip
Forum Guru
Forum Guru
Posts: 3803
Joined: Fri May 28, 2004 5:22 pm

Re: ICMP - redirect host (5:1)

Thu Feb 11, 2010 6:48 pm

this is normal routing stuff... even 15 years ago I would see the cisco boxes do this. If you route something back out the same interface it came in on then ICMP redirects should go out. Why hit the router if its on the same wire? Many clients these days will ignore them for security reasons. Now on the other hand, I have seen major memory leaks in Mikrotik because of this (when acting as a client to these messages). I still havent pinpointed that exactly.
Colo and Wholesale Bandwidth Available! Sales at SanDiegoBroadband dot com
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1369
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: ICMP - redirect host (5:1)

Thu Feb 11, 2010 8:42 pm

Memory leaks? Seems like you are applying for a developer ;) How did you spot one ? :)
Why hit the router if its on the same wire?
Different subnets :) example - clients with public IPs and clients with private IPs :)
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
variable
Member Candidate
Member Candidate
Posts: 217
Joined: Wed Apr 13, 2005 4:36 am

Re: ICMP - redirect host (5:1)

Sat Nov 26, 2011 1:09 am

I have a network of:

(10.1.1.0/24)----[10.1.1.1=ROUTER-A=10.1.2.125]-----(10.1.2,3,4.0/24)[.1=ROUTER-B=]

Where Router A has Router B as it's gateway. If a host on 10.1.1.0/24 pings a host on 10.1.3.0/24 the first ping gets a reply, everything after fails. Looking into it more, after the first ping ROUTER-B sends an icmp redirect message to the host on 10.1.3.0/24, however as far as I can tell this is against the RFC (see below)
http://www.networksorcery.com/enp/proto ... p/msg5.htm
http://www.cisco.com/en/US/tech/tk365/t ... 4702.shtml
As ICMP redirect messages should only be sent if the host and the nexthop are on the SAME subnet, which they are not.

Browsing the forums I found that a rule dropping redirects would fix it and it does, but this appears to be non-rfc complaint?
/ip firewall filter
add action=drop chain=output disabled=no icmp-options=5:0-255 out-interface=\
    bridge1 protocol=icmp
Is this a bug in mt then?
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1369
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: ICMP - redirect host (5:1)

Sat Nov 26, 2011 1:44 am

Oh, don't worry. Linux kernel does that and other things. Recently I discovered zombie IGMP frames coming out of the routers, when provoked with other IGMP frames. Just drop 'em if they interfere.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
psycoclan1
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

Re: ICMP - redirect host (5:1)

Fri Jan 15, 2016 4:35 am

I get a similar message from ICMP. Can you give me an explanation of this message?

0 xxx.yyy.zzz.sss 84 64 53ms redirect host
0 xxx.yyy.zzz.sss 84 64 115ms redirect host
0 xxx.yyy.zzz.eee 56 255 125ms TTL exceeded
1 xxx.yyy.zzz.sss 84 64 0ms redirect host
1 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded
2 xxx.yyy.zzz.sss 84 64 0ms redirect host
2 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded
3 xxx.yyy.zzz.sss 84 64 0ms redirect host
3 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded
4 xxx.yyy.zzz.sss 84 64 0ms redirect host
4 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded
5 xxx.yyy.zzz.eee 56 255 135ms TTL exceeded
6 xxx.yyy.zzz.sss 84 64 0ms redirect host
6 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded



Where :
xxx.yyy.zzz.eee is the IP of the provider


And xxx.yyy.zzz.sss is the IP of the core router

The target IP is an IP inside the public IP range

let's say the range is rrr.www.qqq.0/24

and the target IP is rrr.www.qqq.ttt

Who is online

Users browsing this forum: No registered users and 29 guests