Cisco routers send ICMP redirects when all of these conditions are met:
- The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
- The subnet or network of the source IP address is on the same subnet or network of the next-hop IP address of the routed packet.
- The datagram is not source-routed.
- The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects can be used to disable ICMP redirects.)
Note: ICMP redirects are disabled by default if Hot Standby Router Protocol (HSRP) is configured on the interface. In Cisco IOS Software Release 12.1(3)T and later, ICMP Redirect is allowed to be enabled on interfaces configured with HSRP. For more information, refer to HSRP Support for ICMP Redirects section of Hot Standby Router Protocol Features and Functionality.
For example, if a router has two IP addresses on one of its interfaces:
interface ethernet 0 ip address 184.108.40.206 255.255.255.0 ip address 220.127.116.11 255.255.255.0 secondary
If the router receives a packet that is sourced from a host in the subnet 18.104.22.168 and destined to a host in the subnet 22.214.171.124, the router does not send an ICMP redirect because only the first condition is met, not the second.
The original packet for which the router sends a redirect still gets routed to the correct destination.