Solved

ICMP Redirects on Network

Posted on 2007-03-19
5
891 Views
Last Modified: 2013-11-29
We have several remote offices connected to the HQ via PIX to PIX L2L Ipsec tunnels.

The remote offices are reporting performance issues.  For diagnostics, I am using hrping.

During pings, I am getting a large number of ICMP Redirects

C:\Documents and Settings\hannibal>hrping pvl
This is hrPING v2.34 by cFos Software GmbH -- http://www.cfos.de

Pinging pvl [10.1.4.1]
with 64 bytes data (92 bytes IP):

Reply from 10.1.4.1: seq=0000 time=21.667ms TTL=128 ID=a97d
Reply from 10.1.4.1: seq=0001 time=21.583ms TTL=128 ID=a97f
Reply from 10.1.13.199: redirect for network; seq=0002 time=0.460ms
Reply from 10.1.4.1: seq=0003 time=21.449ms TTL=128 ID=a981

Sometimes redirects represent 50-70% of results.

The network is pretty simple.  10.1.13.199 is the gateway L3 switch (Cisco 3550-48 L3).  It's default gateway is a PIX 506e (6.3(5)).  The PIX does an IPSec VPN.  The outside of the PIX connects with a 2611, connected to a T1.

No dual gateways or anything that could be causing ICMP Redirects.

Any ideas why I am seeing this?
0
Comment
Question by:RPPreacher
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 18798169
0
 
LVL 20

Author Comment

by:RPPreacher
ID: 18798744
No help at all.  And RTFM is not an appropriate expert exchange answer.
0
 
LVL 2

Accepted Solution

by:
jaredcall earned 500 total points
ID: 18812618
When a router sends a network redirect, it is essentially saying "you shouldn't use me as as a router to get there.  Use this other router instead."

These can be sent by a node that's not a router, but other nodes have configured as their default gateway.

-jared
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18837457
RPPreacher,

 Would be it possible for a quick ascii diagram  with ip addresses ? IP redirects aren't bad, but without seeing the network we can decide if we can turn it off or not.

Cheers,
Rajesh
0
 
LVL 20

Author Comment

by:RPPreacher
ID: 18837810
Per TAC, we turned off ICMP redirects.
Resolved.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5506W VPN Clients not seeing local network 12 78
Stuck in INIT/DROTHER 2 102
VPN tunnel between Watchguard and OpenVPN? 1 208
Remote Desktop Services in AWS 4 51
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question