
8. Redirect Function

The Redirect message is used by routers to inform hosts of a better first hop for a destination. Routers send Redirect messages only for packets forwarded by the router. Hosts MUST silently discard any received Redirect messages that do not satisfy all of the validity checks specified in Section 8.1.

8.1. Validation of Redirect Messages

A host MUST silently discard any received Redirect message that does not satisfy all of the following validity checks:

  • The IP source address of the Redirect is the same as the current first-hop router for the specified ICMP Destination Address.

  • The IP Hop Limit field has a value of 255, i.e., the packet could not possibly have been forwarded by a router.

  • ICMP Checksum is valid.

  • ICMP Code is 0.

  • ICMP length (derived from the IP length) is 40 or more octets.

  • The IP source address of the Redirect is a link-local address. Routers must use their link-local address as the source for Redirect messages so that hosts can uniquely identify routers.

  • The ICMP Destination Address field in the redirect message does not contain a multicast address.

  • The ICMP Target Address is either a link-local address (when redirected to a router) or the same as the ICMP Destination Address (when redirected to the on-link destination).

  • All included options have a length that is greater than zero.

The contents of the Reserved field, and of any unrecognized options, MUST be ignored. Future, backward-compatible changes to the protocol may specify the contents of the Reserved field or add new options; backward-incompatible changes may use different Code values.

The contents of any defined options that are not specified to be used with Redirect messages MUST be ignored and the packet processed as normal. The only defined options that may appear are the Target Link-Layer Address and Redirected Header options.
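The checks of Section 8.1 can be expressed as a single validation routine. The following is an added example, not part of the original specification text. It assumes the standard Redirect layout (Type 137, Code, Checksum, 4 reserved octets, Target Address, Destination Address, then options) and the ICMPv6 pseudo-header checksum; first_hop_for, build_redirect and all addresses used with them are hypothetical names and constructed sample values.

```python
import ipaddress
import struct

def icmp6_checksum(src, dst, icmp):
    """Internet checksum over the IPv6 pseudo-header plus the ICMPv6 message."""
    data = src.packed + dst.packed + struct.pack("!I3xB", len(icmp), 58) + icmp
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def validate_redirect(src, dst, hop_limit, icmp, first_hop_for):
    """Return why a Redirect must be discarded, or None if all checks pass.
    first_hop_for is a hypothetical lookup: destination -> current first hop."""
    if hop_limit != 255:
        return "hop limit is not 255"
    if len(icmp) < 40:
        return "ICMP length under 40 octets"
    if icmp6_checksum(src, dst, icmp) != 0:  # a valid message sums to zero
        return "bad checksum"
    if icmp[1] != 0:
        return "code is not 0"
    if not src.is_link_local:
        return "source is not link-local"
    target = ipaddress.IPv6Address(icmp[8:24])
    dest = ipaddress.IPv6Address(icmp[24:40])
    if dest.is_multicast:
        return "destination is multicast"
    if not (target.is_link_local or target == dest):
        return "target is neither link-local nor the destination"
    if src != first_hop_for(dest):
        return "source is not the current first hop"
    off = 40  # options follow the fixed 40 octets; length is in 8-octet units
    while off + 1 < len(icmp):
        if icmp[off + 1] == 0:
            return "option with zero length"
        off += 8 * icmp[off + 1]
    return None

def build_redirect(src, dst, target, dest, options=b""):
    """Constructed sample input: a Redirect (type 137) with a correct checksum."""
    body = target.packed + dest.packed + options
    zeroed = struct.pack("!BBH4x", 137, 0, 0) + body
    return struct.pack("!BBH4x", 137, 0, icmp6_checksum(src, dst, zeroed)) + body
```

The routine returns the first failed check as a string so a caller can count discards per reason; the host itself still discards silently.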

8.2. Router Specification

A router SHOULD send a Redirect message, subject to rate limiting, whenever it forwards a packet that is not explicitly addressed to itself, in which:

  • the Source Address field of the packet identifies a neighbor, and

  • the router determines that a better first-hop node resides on the same link as the sending node for the Destination Address of the packet, and

  • the Destination Address of the packet is not a multicast address.

The transmitted Redirect message contains:

  • In the Target Address field: the address to which subsequent packets for the destination should be sent. If the target is a router, that router's link-local address MUST be used. If the target is a host, the target address field MUST be set to the same value as the Destination Address of the invoking IP packet.

  • In the Destination Address field: the destination address of the invoking IP packet.

  • In the options:

    • Target Link-Layer Address option: the link-layer address of the target. It SHOULD be included (if known). Note that on NBMA links, hosts may not have link-layer addresses, in which case the option cannot be included.

    • Redirected Header: as much of the forwarded packet as can fit without the redirect packet exceeding the minimum MTU required to support IPv6 as specified in [IPv6].

A router MUST limit the rate at which Redirect messages are sent, in order to limit the bandwidth and processing costs incurred by the Redirect messages when the source does not correctly respond to the Redirects. More details on the rate-limiting of ICMP error messages can be found in [ICMPv6].

8.3. Host Specification

A host receiving a Redirect examines the packet and performs the validity checks specified in Section 8.1. If any of these checks fails, the host MUST silently discard the Redirect message.

After the host verifies that the Redirect message is valid, it processes the message as follows:

  • If the Target Address is not the same as the Destination Address, the host replaces the current entry for the Destination Address in its Destination Cache with an entry pointing to the Target Address. The entry should inherit the state of the old entry with respect to Path MTU information and Neighbor Unreachability Detection state. When the host creates a new Destination Cache entry, the entry is initialized as described in Section 5.2.

  • If the Target Address is the same as the Destination Address, the receiving host performs the following operations on its Prefix List entry for the destination:

    • If no entry exists, the host adds the destination to its Prefix List as an on-link destination.
    • If an entry for the destination already exists in the Prefix List, the host updates the entry to indicate that the destination is on-link.

For both cases, the host updates the Destination Cache entry for the destination to point to the Target Address. If the Destination Cache entry does not exist, the host creates a new entry. The entry SHOULD be updated even if the host already has a cached entry that specifies a different first-hop neighbor, because routers are in a better position to determine the proper first-hop neighbor.

If the redirect contains a Target Link-Layer Address option, the host either creates or updates the Neighbor Cache entry for the target. In both cases, the Link-Layer Address in the option is used. The Neighbor Cache entry for the target is set to the STALE state. If a Neighbor Cache entry is created for the target, its reachability state MUST be set to STALE as specified in Section 7.3.3. If a cache entry already existed and is updated with a different link-layer address, its reachability state MUST also be set to STALE.

The host MUST add the Target Address to the Destination Cache. The entry's next-hop address is set to the Target Address of the Redirect. If a Destination Cache entry for the destination already existed, it is updated to use the Target Address as its next hop. Note that the host does not verify that the target is reachable; the validity of the Redirect message is the router's responsibility.

A Redirect message SHOULD be sent by a router in response to a packet forwarded by the router in which the Source Address field identifies a neighbor and the router determines a better first-hop node for the destination. The rate at which a router may send Redirects must be limited to prevent broadcasting storms or denial-of-service attacks on hosts.

8.4. Example

Consider the case where a host sends a packet to a destination via a default router R1, but another router R2 on the same link would be a better first hop to the destination. Upon forwarding the packet, R1 sends a Redirect to the host informing it that R2 is a better choice. The Redirect includes R2's link-local address.

      +------+
      | Host |
      +------+
         |
         | (1) Packet to Dest
         |
         v
      +----+            +----+
      | R1 | ---------> | R2 |
      +----+  Redirect  +----+
         |                 |
         |                 |
         +-----------------+
                Link

  1. Host sends packet to destination via R1 (its default router)
  2. R1 forwards packet and sends Redirect to host, indicating R2 is better
  3. Host updates its Destination Cache to use R2 for this destination
  4. Subsequent packets to destination are sent directly to R2

8.5. Redirect Loop Prevention

The Redirect mechanism is susceptible to redirect loops if multiple routers on a link disagree about the best first hop for a destination. However, such loops are typically short-lived for the following reasons:

  • Routers only send Redirects for packets they forward. If a router receives a packet for which it is the best first hop, it will not send a Redirect.

  • Hosts that receive multiple Redirects pointing to different routers for the same destination will use the most recently received Redirect. Over time, the system should converge to a stable state.

  • The Neighbor Unreachability Detection algorithm will eventually detect if a router is unreachable, causing the host to fall back to another router.

Despite these mitigations, implementations should be aware of the possibility of redirect loops and may implement additional safeguards, such as limiting the rate at which Destination Cache entries are updated in response to Redirects.