Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

ICMP Redirects on Network

Posted on 2007-03-19
5
875 Views
Last Modified: 2013-11-29
We have several remote offices connected to the HQ via PIX to PIX L2L Ipsec tunnels.

The remote offices are reporting performance issues.  For diagnostics, I am using hrping.

During pings, I am getting a large number of ICMP Redirects

C:\Documents and Settings\hannibal>hrping pvl
This is hrPING v2.34 by cFos Software GmbH -- http://www.cfos.de

Pinging pvl [10.1.4.1]
with 64 bytes data (92 bytes IP):

Reply from 10.1.4.1: seq=0000 time=21.667ms TTL=128 ID=a97d
Reply from 10.1.4.1: seq=0001 time=21.583ms TTL=128 ID=a97f
Reply from 10.1.13.199: redirect for network; seq=0002 time=0.460ms
Reply from 10.1.4.1: seq=0003 time=21.449ms TTL=128 ID=a981

Sometimes redirects represent 50-70% of results.

The network is pretty simple.  10.1.13.199 is the gateway L3 switch (Cisco 3550-48 L3).  It's default gateway is a PIX 506e (6.3(5)).  The PIX does an IPSec VPN.  The outside of the PIX connects with a 2611, connected to a T1.

No dual gateways or anything that could be causing ICMP Redirects.

Any ideas why I am seeing this?
0
Comment
Question by:RPPreacher
5 Comments
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 18798169
0
 
LVL 20

Author Comment

by:RPPreacher
ID: 18798744
No help at all.  And RTFM is not an appropriate expert exchange answer.
0
 
LVL 2

Accepted Solution

by:
jaredcall earned 500 total points
ID: 18812618
When a router sends a network redirect, it is essentially saying "you shouldn't use me as as a router to get there.  Use this other router instead."

These can be sent by a node that's not a router, but other nodes have configured as their default gateway.

-jared
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18837457
RPPreacher,

 Would be it possible for a quick ascii diagram  with ip addresses ? IP redirects aren't bad, but without seeing the network we can decide if we can turn it off or not.

Cheers,
Rajesh
0
 
LVL 20

Author Comment

by:RPPreacher
ID: 18837810
Per TAC, we turned off ICMP redirects.
Resolved.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EIGRP Load sharing 12 82
EIGRP Configuration 2 48
Confused about VPN connection and private IP addresses..?? 5 67
VPN Ports 8 30
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
SSL is a very common protocol used these days when browsing the web.  The purpose is to provide security to communication, but how does it do it?  There are several pieces at work that have to be setup before SSL will even work and it requires both …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question