Internet Control Message Protocol (ICMP) is used to communicate to the
original source, the errors encountered while routing the packets, and exercise
control on the traffic. This document discusses ICMP redirects and when
redirects happen in a network.
Knowledge of IP protocol suite is necessary.
This is supported in all series of Cisco routers and Cisco IOS®
For more information on document conventions, refer to the
Technical Tips Conventions.
ICMP redirect messages are used by routers to notify the hosts on the
data link that a better route is available for a particular destination.
For example, the two routers R1 and R2 are connected to the same
Ethernet segment as Host H. The default gateway for Host H is configured to use
router R1. Host H sends a packet to router R1 to reach the destination on
Remote Branch office Host 10.1.1.1. Router R1, after it consults its routing
table, finds that the next-hop to reach Host 10.1.1.1 is router R2. Now router
R1 must forward the packet out the same Ethernet interface on which it was
received. Router R1 forwards the packet to router R2 and also sends an ICMP
redirect message to Host H. This informs the host that the best route to reach
Host 10.1.1.1 is by way of router R2. Host H then forwards all the subsequent
packets destined for Host 10.1.1.1 to router R2.
This debug message shows router R1, as in the network diagram, sending
an ICMP redirect message to Host H (172.16.1.1).
debug ip icmp
ICMP packet debugging is on
*Mar 18 06:28:54: ICMP:redirect sent to 172.16.1.1 for dest 10.1.1.1, use gw 172.16.1.200
Router R1 (172.16.1.100) sends a redirect to Host H (172.16.1.1) to use
router R2 (172.16.1.200) as the gateway to reach the destination
Cisco routers send ICMP redirects when all of these conditions are met:
The interface on which the packet comes into the router is the same
interface on which the packet gets routed out.
The subnet or network of the source IP address is on the same subnet
or network of the next-hop IP address of the routed packet.
The datagram is not source-routed.
The kernel is configured to send redirects. (By default, Cisco
routers send ICMP redirects. The interface subcommand
can be used to disable ICMP redirects.)
Note: ICMP redirects are disabled by default if Hot Standby Router Protocol
(HSRP) is configured on the interface. In Cisco IOS Software Release 12.1(3)T
and later, ICMP Redirect is allowed to be enabled on interfaces configured with
HSRP. For more information, refer to
Support for ICMP Redirects section of
Standby Router Protocol Features and Functionality.
For example, if a router has two IP addresses on one of its
interface ethernet 0
ip address 184.108.40.206 255.255.255.0
ip address 220.127.116.11 255.255.255.0 secondary
If the router receives a packet that is sourced from a host in the
subnet 18.104.22.168 and destined to a host in the subnet 22.214.171.124, the
router does not send an ICMP redirect because only the first condition is met,
not the second.
The original packet for which the router sends a redirect still gets
routed to the correct destination.