R3204P16-HP Load Balancing Module System Maintenance Configuration Guide-6PW101
82
A host may have only a default route to the default gateway in its routing table after startup. The default
gateway will send ICMP redirect packets to the source host, telling it to reselect a correct next hop to send
the subsequent packets, if the following conditions are satisfied:
• The receiving and forwarding interfaces are the same.
• The selected route has not been created or modified by ICMP redirect packet.
• The selected route is not the default route of the LB module.
• There is no source route option in the packet.
ICMP redirect packets function simplifies host administration and enables a host to gradually establish a
sound routing table to find out the best route.
2. Sending ICMP timeout packets
If the LB module received an IP packet with a timeout error, it drops the packet and sends an ICMP
timeout packet to the source.
The LB module will send an ICMP timeout packet under the following conditions:
• If the LB module finds the destination of a packet is not itself and the TTL field of the packet is 1, it
will send a “TTL timeout” ICMP error message.
• When the LB module receives the first fragment of an IP datagram whose destination is the device
itself, it starts a timer. If the timer times out before all the fragments of the datagram are received, the
LB module will send a “reassembly timeout” ICMP error packet.
3. Sending ICMP destination unreachable packets
If the LB module receives an IP packet with the destination unreachable, it will drop the packet and send
an ICMP destination unreachable error packet to the source.
Conditions for sending this ICMP packet:
• If neither a route nor the default route for forwarding a packet is available, the LB module will send
a “network unreachable” ICMP error packet.
• If the destination of a packet is local while the transport layer protocol of the packet is not supported
by the local device, the device sends a “protocol unreachable” ICMP error packet to the source.
• When receiving a packet with the destination being local and transport layer protocol being UDP,
if the packet’s port number does not match the running process, the LB module will send the source
a “port unreachable” ICMP error packet.
• If the source uses “strict source routing" to send packets, but the intermediate device finds that the
next hop specified by the source is not directly connected, the device will send the source a “source
routing failure” ICMP error packet.
• When forwarding a packet, if the MTU of the sending interface is smaller than the packet but the
packet has been set “Don’t Fragment”, the LB module will send the source a “fragmentation needed
and Don’t Fragment (DF)-set” ICMP error packet.
Disadvantages of sending ICMP error packets
Although sending ICMP error packets facilitates network control and management, it still has the
following disadvantages:
• Sending a lot of ICMP packets will increase network traffic.
• If a device receives a lot of malicious packets that cause it to send ICMP error packets, its
performance degrades.
• As the redirection function increases the routing table size of a host, the host’s performance will be
reduced if its routing table becomes very large.