Explanation of ICMP Redirect Behavior

This article has been archived. It is offered "as is" and will no longer be updated.
The assumption on IP internetworks is that the IP hosts (nonrouters) onlyneed minimal routing information and can rely on IP routers havingknowledge of the topology of the internetwork and all of the best routes.Therefore, IP hosts are typically only configured with an IP address of adefault router (also called a default gateway). Any remote traffic from theIP host is forwarded to the default IP router. While this makes it easierto configure the IP hosts, in IP internetworks where there are multiplerouters on a given network, the behavior of sending all remote traffic tothe same router can produce non-optimal host routing. To prevent theperpetuation of non-optimal host routing, IP routers can update the routingtables of hosts using an ICMP Redirect message.
More information
The ICMP Redirect message is only sent in the following situation:

  1. Host A is sending a packet to Host B. Host A's default IP router is router R1. Because Host B is a remote host, Host A forwards the packet destined for Host B to its default router R1.
  2. R1 checks its routing table and finds that the next hop for the route to the network for Host B is router R2.
  3. If Host A and R2 are on the same network that is also directly attached to R1, an ICMP Redirect message is sent to Host A informing it that R2 is the better route when sending to Host B.
  4. Router R1 then forwards the IP datagram to R2.
  5. Host A adds a host route to its routing table for Host B's IP address with router R2's IP address as the forwarding address. Subsequent datagrams from Host A to Host B are forwarded by means of router R2.
An ICMP Redirect message is not sent for IP datagrams with IP source routeoptions even if there is a better route to the ultimate destination thanthe next address in the source route.

In the ICMP Redirect message:

   Type - Set to 5.   Code - Set to 0 - 3 (details below).				

Router IP Address - The IP address of the router corresponding to thebetter route as determined by the router originally sent the IP datagram.The sending host uses this information to update its routing table toinclude this new route.

IP Header and First 64 Bits of Original IP Payload - To identify theforwarded packet for the source, the IP header and 64 bits of the IPpayload are encapsulated and sent back to the source. Included in theencapsulated IP header is the IP Identification field uniquely identifyinga specific IP packet as sent by the source and the destination IP address.Between the destination IP address stored here and the router IP addressfield in the ICMP header, a routing table entry is made.
 Code Value  Meaning ----------  ------- 0           Redirected datagrams for the network (obsolete). 1           Redirected datagrams for the host. 2           Redirected datagrams for the Type of Service and the network. 3           Redirected datagrams for the Type of Service and the host.				
Windows NT Specifics:

A host route learned by means of an ICMP Redirect will be added to theroute table for 10 minutes, after which time it is removed and must berelearned through another ICMP Redirect.

Article ID: 195686 - Last Review: 12/05/2015 09:41:06 - Revision: 4.0

Microsoft Windows NT Server 3.51, Microsoft Windows NT Server 4.0 Standard Edition, Microsoft Windows NT Workstation 3.51, Microsoft Windows NT Workstation 4.0 Developer Edition, Microsoft Windows 95

  • kbnosurvey kbarchive kbinfo KB195686