ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: [Wireshark-dev] Seeing something prohibited in Wireshark

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Jonathan S. Weissman" <jsw52@xxxxxxxxx>
Date: Thu, 16 Feb 2012 08:09:51 -0800 (PST)

Please see the following 3 links, and then look at the 
attached capture.
I've seen it in the past with a correct "Redirect for Host," but now on multiple machines with various PC OSes, I'm seeing something that RFC 1812 PROHIBITED (Redirect for Network). I've eliminated OSes, NICs, and drivers. Could this be a bug in a version of Wireshark?

.

http://support.microsoft.com/kb/195686
0           Redirected datagrams for the network (obsolete).

http://www.tcpipguide.com/free/t_ICMPv4RedirectMessages-2.htm
Note: One problem with Redirects for whole networks is that the network 
specification may be ambiguous in an environment where subnetting or 
classless addressing are used. For this reason, the use of Code values 0
 and 2 was prohibited by RFC 1812; they are considered obsolete on the 
modern Internet.


http://www.ietf.org/rfc/rfc1812.txt
Redirected datagrams for the network
5.2.7.2 Redirect


   The ICMP Redirect message is generated to inform a local host the it
   should use a different next hop router for a certain class of
   traffic.

   Routers MUST NOT generate the Redirect for Network or Redirect for
   Network and Type of Service messages (Codes 0 and 2) specified in



Baker                       Standards Track                    [Page 82]


RFC 1812         Requirements for IP Version 4 Routers         June 1995


   [INTERNET:8].  Routers MUST be able to generate the Redirect for Host
   message (Code 1) and SHOULD be able to generate the Redirect for Type
   of Service and Host message (Code 3) specified in [INTERNET:8].

    DISCUSSION
      If the directly connected network is not subnetted (in the
      classical sense), a router can normally generate a network
      Redirect that applies to all hosts on a specified remote network.
      Using a network rather than a host Redirect may economize slightly
      on network traffic and on host routing table storage.  However,
      the savings are not significant, and subnets create an ambiguity
      about the subnet mask to be used to interpret a network Redirect.
      In a CIDR environment, it is difficult to specify precisely the
      cases in which network Redirects can be used.  Therefore, routers
      must send only host (or host and type of service) Redirects.
 
Jonathan S. Weissman

Attachment: redirect_for_network_192.pcap
Description: Binary data

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube