[OLSR-users] ICMP Redirects
lolo
(spam-protected)
Wed Aug 31 11:03:40 CEST 2005
Hi every body
Weber, Michael J. (US SSA) wrote:
> Under Win32, there is a call made to disable redirects. Apparently,
> linux will issue a redirect if it forwards a packet out the same
> interface on which it was received (which is always the case with a
> transit node in a MANET.)
There are some more subtilities about ICMP redirect. From the network
sorcery web site :
http://www.networksorcery.com/enp/protocol/icmp/msg5.htm
> Routers MUST NOT generate a Redirect Message unless *all* the
> following conditions are met:
>
> * The packet is being forwarded out the same physical interface
> that it was received from.
> * The IP source address in the packet is on the same Logical IP
> (sub)network as the next-hop IP address.
> * The packet does not contain an IP source route option.
>
> The source address used in the ICMP Redirect MUST belong to the
> same logical (sub)net as the destination address.
>
> A router using a routing protocol (other than static routes) MUST
> NOT consider paths learned from ICMP Redirects when forwarding a
> packet. If a router is not using a routing protocol, a router MAY
> have a configuration that, if set, allows the router to consider
> routes learned through ICMP Redirects when forwarding packets.
>
"Regular" configuration of MANET nodes meets these three conditions
So I understand why at the 2nd OLSR Interop this summer, the guys from
INRIA and LRI insist loudly on configuring our interface with a netmask of
255.255.255.255, even we were all using networks of the form 10.x.0.0/8
(we were ask to choose a value for x in the [1,9] for identification of the
teams nodes).
That Netmask could be translated as : i am the only node reachable on
that network, which is my IP address (weird), so don't bother me with
icmp redirect, and don't even try to send that IP frame directly to the
network but use instead a gateway in every cases.
BTW it was not being possible to set that value on windows XP
(although with found a possible hack at editing the registry at the end of
the day but with no testing)
My two cents
Laurent
More information about the Olsr-users
mailing list