Microsoft KB Archive/243427

= ICMP Redirect Routes Override OSPF Routes =

Article ID: 243427

Article Last Modified on 2/22/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows NT 4.0 Service Pack 4
 * Microsoft Windows NT 4.0 Service Pack 5

-



This article was previously published under Q243427



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
When Routing and Remote Access Services (RRAS) is configured as an autonomous system boundary router (ASBR), it does not correctly import connected interface subnet routes. Instead, it injects host routes into the Open Shortest Path First (OSPF) routes. Because the OSPF router cannot be used as an ASBR router, importing connected interface subnet routes into OSPF results in confusing routing tables with strange routing paths.



CAUSE
Internet Control Message Protocol (ICMP) redirects cause the stack to plumb host routes. These routes override the OSPF-generated routes. This, by itself, is the expected behavior. The problem, however, is that for a period of time (the period of the ICMP redirect-plumbed routes' timeout, which is ten minutes) there is a black hole for the network concerned.



RESOLUTION
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

To resolve this issue, turn off the routes being plumbed by ICMP redirects. In Windows 2000, you can do this by adjusting a registry value as follows:  Start Registry Editor (Regedt32.exe). Locate the following key in the registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

 Change the data value of the EnableICMPRedirect value to 0 (by default, it is 1). Quit Registry Editor.



STATUS
Microsoft has confirmed that this is a problem in Windows 2000.

<div class="moreinformation_section">

MORE INFORMATION
The registry value listed above is for Windows 2000 only.
 * In Windows NT 4.0, the REG_DWORD "EnableICMPRedirects" value must have an "s" at the end.
 * In Windows 2000 and later, the REG_DWORD "EnableICMPRedirect" value must not have an "s" at the end.

For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

225344 ICMP Redirect Attack Hangs Windows NT Server and Workstation

293626 Cannot Disable ICMP Redirects with EnableICMPRedirect Value

Keywords: kbenv kbnetwork kbprb KB243427

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.