Re: Discarding inbound ICMP REDIRECT by default

From: Ed Maste <emaste_at_freebsd.org>
Date: Fri, 14 Jun 2024 14:57:13 UTC
On Fri, 14 Jun 2024 at 09:57, Rodney W. Grimes
<freebsd-rwg@gndrsh.dnsmgr.net> wrote:
>
> I am not sure that it would "hang" the port, but by ignoring the
> rediect your going to place additional burden on the router that
> is trying  to redirect you as all packets would have to be forwarded
> by that router.  I suppose it could hang you if infact the router
> sent the redirect but did not forward the packet for you expecting
> that a retransmission with your updated routing table due to the
> redirect would get the flow going.

The router is required to forward the packet (RFC1812); if an ICMP
REDIRECT is necessary it is sent as the final step in unicast
forwarding.