Hello,

Hopefully I'm just confused, but here goes...

ICMP redirect processing does not seem to work properly.  I'm running a
NetBSD-current kernel (1.6K) from CVS, dated middle December.  If I make
the following configuration:

NetBSD box: 172.19.254.129/24
Linux box: 172.19.254.35/24
BSDI box: 172.19.254.2/24

Then add a network route on NetBSD to fake a subnet for the Linux box:

  route add -net 172.19.254.32 -netmask 255.255.255.224 -gateway BSDI

Turn on redirection acceptance:

  sysctl -w net.inet.icmp.rediraccept=1

And attempt to ping Linux from NetBSD, I see BSDI forward my echo request
and respond with an ICMP redirect.  Shortly thereafter, NetBSD's route
table shows a cloned entry for Linux, and I can't get to it at all (i.e. if
I stop the ping and start again) - no packets get sent on the wire.  If I
turn off ICMP rediraccept, then I can continue to send packets to Linux,
using BSDI as the gateway and ignoring regular pulse of redirections
without problem.

I'm not sure if this is a NetBSD problem or perhaps the redirects from BSDI
are no good - I don't think it is the latter, because if I reverse the
test (make Linux try to reach NetBSD using redirects), it works.

I was careful to remove ARP and cloned routes manually between tests.

Can anyone confirm this problem?

Thanks,
-bp
--
# Software Engineer