Hi,
I am not trying to achieve resilience by sending icmp redirects. I don't think that Eli was either.
I have a bunch of servers. Each of them has their default-gateway pointing to the Loadbalancer in order to be able to receive non-snatted, loadbalancened traffic to their single one IP address.
There is also a firewall in this subnet:
Assume Server A initiating a tcp-session with Server B in order to send a big file. It sends the SYN to the loadbalancer which would forward according to its config. All traffic from Server A to Server B would have to pass the BigIP.
By making the bigip send icmp redirects for specific hosts, it could make the server install temporary routes pointing to the firewall for this and subsequent transmissions.
There is an iRule Command "SIDEBAND" that can be used to craft udp datagrams. I guess I will raise an RFE to also be able to craft icmp datagrams there.
Cheers, Matt