I'm missing ICMP redirects from a 1.6.1 NetBSD machine running
ipfilters.  It is the default router for 172.24.0.0/16 but has

  # route add -net 192.168.3.128 -netmask 255.255.255.248 172.24.1.254

and does not seem to issue the expected ICMP-redirects when host
172.24.16.6 attempts to, say, telnet to 192.168.3.129.  Instead,
if I attempt a traceroute from 172.24.16.6, I get "unreachables"
for the destination address:

  traceroute to 192.168.3.129 (192.168.3.129), 30 hops max, 40 byte packets
   1  172.24.16.129  0.260 ms  0.157 ms  0.153 ms
   2  172.24.16.129  0.179 ms !H  0.171 ms !H  0.168 ms !H

I did check net.inet.ip.{forwarding,redirect} and both are enabled.
Also, I'm sure I don't have any ipfilter rules that conflict with
my expectation, although the rules _are_ complicated, so I could
be mistaken. I may also be expecting the unreasonable, but then
I'd like to know why it's unreasonable.

In passing, there are only a few hosts that need to see the
192.168.3.128 subnet, but it is a changing scenario and I'd like
to avoid having to track it in more than one place.  I don't mind
being told that I'm missing something obvious, I'm kinda used to
it by now.

++L