Header Only - DO NOT REMOVE - Extreme Networks

Extreme L3 switch doesn't send icmp redirect packet.


Userlevel 4
In the network there are a L3 Extreme Networks switch and a Cisco wan router. Both devices operate with OSPF. The pc has a default gateway, which is the L3 switch. When I connect to a device which is connected through the cisco router, I expect a icmp redirect packet from the Extreme switch, but the switch doesn’t send it.

The setting ICMP redirect is enabled.

Why isn’t the switch sending those packets ?

8 replies

Userlevel 6
Hello Johan

Can you do a show IPstats command and paste it? Also are the L3 switch and the Cisco router connected to the same L2 VLAN like a L2 switch?

Thanks
P
Userlevel 5
I think redirects will only be generated by the Extreme switch when an incoming packet has the Options field set, or when the destination IP of the packet is not in the L3 forwarding table, which would mean the packet would have to be slow-pathed in order for the redir to be sent. I'll double-check
Userlevel 7
Hello Johan,

can you provide the relevant routing table entries and IP addresses?

Thanks,
Erik
Userlevel 6
Hey Kawawa you are right. The show ipstats will show if the packets are going to CPU to be forwarded. If both routers the Extreme switch and the cisco are on the same L2 VLAN and the Extreme is the DG then the packet should go to him first. He will know that the Cisco has the interface to the subnet and will forward it over to the Cisco and should send redirect back to the end station to tell him to send it to the Cisco.

P
Userlevel 7
Hi,

while "show ipstats" can show if ICMP redirects are sent and/or received, it cannot tell us if ICMP redirects should be generated in the first place.
show ipstats | include [Rr]edirect[/code]Erik
Userlevel 7
Hi,

OK, the manual says that ICMP redirects are only generated for slow path forwarded packets:

ICMP redirects are only generated for IPv4 unicast packets that are "slowpath" forwarded by the CPU.That is, IPv4 packets that contain IP Options, or packets whose Destination IP is not in the Layer 3 forwarding hardware table.

Since the switch should usually forward packets using its forwarding hardware, it will usually not generate ICMP redirects.

Erik
Userlevel 4
The requested information:

The cisco router and the L3 Extreme switch are in the same vlan.

I have made several traces. In the traces of the Extreme L3 there are no redirect packets.

IP Global Statistics
InReceives = 1709943280 InUnicast = 901450824 InBcast = 495381177
InMcast = 313111279
InHdrErr = 5166521 Bad vers = 2 Bad chksum = 707
Short pkt = 225 Short hdr = 0
Bad hdrlen = 0 Bad length = 450
InDelivers = 735598580 InDiscards = 0 Bad Proto = 0
OutRequest = 1101261909 OutDiscard = 998 OutNoRoute = 0
Forwards = 517235870 ForwardOK = 517235870 Fwd Err = 0
NoFwding = 27281679 Redirects = 4322695 No route = 0
Bad TTL = 5165587 Bad MC TTL = 0
Bad IPdest = 22095733 Blackhole = 0 Output err = 0
MartianSrc = 0
FragCreate = 0 FragOKs = 0 FragFails = 998

Global ICMP Statistics
OutResp = 5171220 OutError = 0 InBadcode = 0
InTooshort = 0 Bad chksum = 0 In Badlen = 0
echo reply In = 11631 Out = 5171220
destination unreachable In = 40869 Out = 22002294
- protocol unreachable In = 0 Out = 0
redirect In = 0 Out = 4322695
echo In = 5171253 Out = 27808
router advertisement In = 428 Out = 0
time exceeded In = 396 Out = 3853084

Global IGMP Statistics
Out Query = 9674513 Out Report = 9872627 Out Leave = 20493
In Query = 6944445 In Report = 47501265 In Leave = 638949
In Error = 0

and

sh ipstats | include redirect
redirect In = 0 Out = 4322695
Userlevel 7
Johan Hendrikx wrote:

The requested information:

The cisco router and the L3 Extreme switch are in the same vlan.

I have made several traces. In the traces of the Extreme L3 there are no redirect packets.

IP Global Statistics
InReceives = 1709943280 InUnicast = 901450824 InBcast = 495381177
InMcast = 313111279
InHdrErr = 5166521 Bad vers = 2 Bad chksum = 707
Short pkt = 225 Short hdr = 0
Bad hdrlen = 0 Bad length = 450
InDelivers = 735598580 InDiscards = 0 Bad Proto = 0
OutRequest = 1101261909 OutDiscard = 998 OutNoRoute = 0
Forwards = 517235870 ForwardOK = 517235870 Fwd Err = 0
NoFwding = 27281679 Redirects = 4322695 No route = 0
Bad TTL = 5165587 Bad MC TTL = 0
Bad IPdest = 22095733 Blackhole = 0 Output err = 0
MartianSrc = 0
FragCreate = 0 FragOKs = 0 FragFails = 998

Global ICMP Statistics
OutResp = 5171220 OutError = 0 InBadcode = 0
InTooshort = 0 Bad chksum = 0 In Badlen = 0
echo reply In = 11631 Out = 5171220
destination unreachable In = 40869 Out = 22002294
- protocol unreachable In = 0 Out = 0
redirect In = 0 Out = 4322695
echo In = 5171253 Out = 27808
router advertisement In = 428 Out = 0
time exceeded In = 396 Out = 3853084

Global IGMP Statistics
Out Query = 9674513 Out Report = 9872627 Out Leave = 20493
In Query = 6944445 In Report = 47501265 In Leave = 638949
In Error = 0

and

sh ipstats | include redirect
redirect In = 0 Out = 4322695

Hi Johan,

As Erik mentioned, ICMP redirects will only be sent for CPU forwarded packets. Since most traffic will be hardware forwarded in the switching ASICs, it is expected for ICMP redirects to not be sent.

Reply