Re: ICMP REDIRECTs

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Linus Torvalds: "Re: Unices are created equal, but ..."
• Previous message: Werner Almesberger: "Re: Ideas for reducing memory copying and zeroing times"
• Maybe in reply to: Madhusudana Rao: "ICMP REDIRECTs"
• Next in thread: Alan Cox: "Re: ICMP REDIRECTs"

Is it okay if someone
: wants to forward a frame on the same interface and disable the ICMP
: REDIRECTs ?

It is not OK. You should not disable redirects in this situation.
But if you really desire to spend your network bandwidth and
routers CPU cycles, you may tell
#define CONFIG_IP_NO_ICMP_REDIRECT
in ip_forward.c

: 1. It may be needed when you have more than one router on the same cable
: and you want to set the default routes to only one router. One can,
: though, argue against such a situation, but it can happen.

It is redirects that solve this problem!
You set up one default router, and all the packets are sent inittially to it,
then the network is automatically tuned by redirects.

: 2. The situation may arise where one may want to set up default routes to
: a single host, IP masquerade and let all the connection to appear
: from this host.
:
Agree. It may be serious reason to disable redirects.

: 3. Is it okay, if I define CONFIG_IP_NO_ICMP_REDIRECT in the file
: /usr/src/linux/include/net/ip_masq.h as

: #ifndef CONFIG_IP_NO_ICMP_REDIRECT
: #define CONFIG_IP_NO_ICMP_REDIRECT
: #endif

: to accomplish the desired effect for the point 2 ?

You are right.

Alexey Kuznetsov

• Next message: Linus Torvalds: "Re: Unices are created equal, but ..."
• Previous message: Werner Almesberger: "Re: Ideas for reducing memory copying and zeroing times"
• Maybe in reply to: Madhusudana Rao: "ICMP REDIRECTs"
• Next in thread: Alan Cox: "Re: ICMP REDIRECTs"