<jonl@yubyub.net> writes:

> On Mon, 19 Mar 2001, Charles M. Hannum wrote:

> > Those are indeed redirects.  If you consult the netstat(8) man page:
> >
> >      D       RTF_DYNAMIC     Created dynamically (by redirect)
> >
> > This is usually because one of your routes is wrong, and the system it
> > points to is compensating by sending you redirects.
> 
> Hmmm... the network at this point is pretty simple.  Is there a way to 1)
> ignore ICMP redirects, or 2) log who they're coming from without doing a
> tcpdump for a few days?  Or is this just a great example of using ipf with
> logging?

Redirects are a *good* thing, not a bad thing (although it would be
even better if you had correct routes to begin with), at least when
compared to simply ignoring them without fixing your routing table.

If your routing table has the wrong next-hop for a particular host and
you ignore icmp redirects, every packet to that host ends up
traversing the local network segment *twice*. Add to that the
bandwidth required for the icmp-redirect that gets sent by the
wrongly-supposed gateway, and you end up with a gigantic waste of
bandwidth. Of course this may not make a noticeable difference if
there is a bottleneck somewhere further along the line, and/or if the
local network segment is much fatter than required for the application
anyway. But believe me, it can make a *huge* difference when, for
example, you're doing a throughput benchmark at a client site, and the
application in question is otherwise capable of saturating the local
net.

Anyway, more on to specifics - either your local network has more than
one gateway to other subnets, or you've set the default route
incorrectly. Verify the correct settings with your local network
admin.