Getting "Redirect Host(New nexthop: ..." PINGING from LAN net to WAN net

Hi

Been seeing a weird problem recently. From system (192.168.98.32) on LAN net (192.168.98.0/24) i’m PINGING a system (192.168.2.60) on my WAN net (192.168.2.0/24) but getting the following:

user@192.168.98.32 :~$ ping 192.168.2.60
PING 192.168.2.60 (192.168.2.60) 56(84) bytes of data.
64 bytes from 192.168.2.60: icmp_seq=1 ttl=63 time=1.96 ms
From 192.168.2.1 icmp_seq=2 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=2 ttl=63 time=2.84 ms
From 192.168.2.1 icmp_seq=3 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=3 ttl=63 time=2.95 ms
64 bytes from 192.168.2.60: icmp_seq=4 ttl=63 time=1.91 ms
From 192.168.2.1 icmp_seq=5 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=5 ttl=63 time=5.22 ms
64 bytes from 192.168.2.60: icmp_seq=6 ttl=63 time=1.85 ms
64 bytes from 192.168.2.60: icmp_seq=7 ttl=63 time=2.92 ms
From 192.168.2.1 icmp_seq=8 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=8 ttl=63 time=2.70 ms
64 bytes from 192.168.2.60: icmp_seq=9 ttl=63 time=2.48 ms
64 bytes from 192.168.2.60: icmp_seq=10 ttl=63 time=3.83 ms
64 bytes from 192.168.2.60: icmp_seq=11 ttl=63 time=3.63 ms
64 bytes from 192.168.2.60: icmp_seq=12 ttl=63 time=2.28 ms

Checked pfSense Firewall rules, gateways, Outbound NAT, etc but can’t seem to figure out what is causing this.

What I find interesting is the “New nexthop” is the reverse IP of the device I"m trying to ping.

Ping going to [192.168.2.60]

“New nexthop: [60.2.168.192]”

That seems extremely odd to me.

Any ideas how to diagnose?

Thx

what’s the routing table on 192.168.98.* network? (netstat -rn)

Here is ‘netstat -rn’ output from my Linux mint system on 192.168.98.0 network. Also providing PING output below:

xinud@db-hpzen-ku20:~$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.98.1    0.0.0.0         UG        0 0          0 enp0s25
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 enp0s25
192.168.98.0    0.0.0.0         255.255.255.0   U         0 0          0 enp0s25
xinud@db-hpzen-ku20:~$ ping 192.168.2.60
PING 192.168.2.60 (192.168.2.60) 56(84) bytes of data.
64 bytes from 192.168.2.60: icmp_seq=1 ttl=63 time=7.70 ms
From 192.168.2.1 icmp_seq=2 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=2 ttl=63 time=2.73 ms
From 192.168.2.1 icmp_seq=3 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=3 ttl=63 time=3.17 ms
From 192.168.2.1 icmp_seq=4 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=4 ttl=63 time=3.80 ms
From 192.168.2.1 icmp_seq=5 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=5 ttl=63 time=2.90 ms
From 192.168.2.1 icmp_seq=6 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=6 ttl=63 time=2.42 ms
64 bytes from 192.168.2.60: icmp_seq=7 ttl=63 time=3.54 ms
From 192.168.2.1 icmp_seq=8 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=8 ttl=63 time=2.58 ms
64 bytes from 192.168.2.60: icmp_seq=9 ttl=63 time=2.34 ms
64 bytes from 192.168.2.60: icmp_seq=10 ttl=63 time=2.03 ms
From 192.168.2.1 icmp_seq=11 Redirect Host(New nexthop: 60.2.168.192)
64 bytes from 192.168.2.60: icmp_seq=11 ttl=63 time=2.22 ms
64 bytes from 192.168.2.60: icmp_seq=12 ttl=63 time=2.13 ms
^C
--- 192.168.2.60 ping statistics ---
12 packets transmitted, 12 received, +7 errors, 0% packet loss, time 11017ms
rtt min/avg/max/mdev = 2.032/3.130/7.704/1.477 ms

Tried PINGING same device using Windows VM (on 192.168.98.0 network) and don’t encounter same problem.

Following is output “netstat -rn” and PING test from Window VM:

===========================================================================
Interface List
  2...0e df 99 aa ec 7c ......Intel(R) PRO/1000 MT Network Connection
  7...00 ff b0 25 4a eb ......Private Internet Access Network Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.98.1   192.168.98.111     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     192.168.98.0    255.255.255.0         On-link    192.168.98.111    281
   192.168.98.111  255.255.255.255         On-link    192.168.98.111    281
   192.168.98.255  255.255.255.255         On-link    192.168.98.111    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    192.168.98.111    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    192.168.98.111    281
===========================================================================
Persistent Routes:
  None

Pinging 192.168.2.60 with 32 bytes of data:
Reply from 192.168.2.60: bytes=32 time=2ms TTL=63
Reply from 192.168.2.60: bytes=32 time=3ms TTL=63
Reply from 192.168.2.60: bytes=32 time=3ms TTL=63
Reply from 192.168.2.60: bytes=32 time=3ms TTL=63
Reply from 192.168.2.60: bytes=32 time=3ms TTL=63
Reply from 192.168.2.60: bytes=32 time=2ms TTL=63
Reply from 192.168.2.60: bytes=32 time=2ms TTL=63

Ping statistics for 192.168.2.60:
    Packets: Sent = 7, Received = 7, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 3ms, Average = 2ms

on the mint box, what does ifconfig enp0s25 show?

enp0s25: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.98.32  netmask 255.255.255.0  broadcast 192.168.98.255
        inet6 fe80::952c:69e8:e079:b222  prefixlen 64  scopeid 0x20<link>
        ether 30:8d:99:15:b2:3d  txqueuelen 1000  (Ethernet)
        RX packets 39649858  bytes 50190940578 (50.1 GB)
        RX errors 0  dropped 1346  overruns 0  frame 0
        TX packets 19077571  bytes 2365576712 (2.3 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xc1400000-c1420000

Please disregard this. I figured it out and fixed it.

Thanks!

out of curiosity, what was the issue?