Le dimanche 07 mai 2006 à 00:19 -0700, R. Rajasekaran a écrit : > IP of H1 = 10.0.0.1 > IP of H2 = 10.0.0.2 [...] > >From 10.0.0.2: icmp_seq=1 Redirect Host (New nexthop: > 10.0.0.3) [...] > The above behaviour is of Linux functionality. > Here the redirect uses the next-hop address as > 10.0.0.3. What is the reason of it ? Because your network setting is just wrong. The smallest network mask you can set on this type of link is /30, i.e. 10.0.0.0/30. Then you have : 10.0.0.0 as network address 10.0.0.3 as broadcast address 10.0.0.1 and 10.0.0.2 as host addresses If you send a packet from H1 to H2 destined to 10.0.0.3, H2 will complain because he's not the best router for H1 to reach 10.0.0.3. As describe by network mask, H1 should reach 10.0.0.3 directly on link, without using H2 as a router, thus you gety an ICMP Redirect. This is still true if network mask is wider than /30, because then, 10.0.0.3 will be a host address belonging to H1 and H2 local link. Then there's not reason for H1 to go through H2 to reach it, and you get an ICMP redirect again. Set your network as 10.0.0.0/30 and try to ping 10.0.0.5 instead. BTW, there's nothing related to Netfilter in this behaviour. -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
