beautypg.com

Disabling icmp messages, Disabling replies to broadcast ping requests, Disabling icmp destination unreachable messages – Brocade BigIron RX Series Configuration Guide User Manual

Page 277

background image

BigIron RX Series Configuration Guide

199

53-1002484-04

Configuring forwarding parameters

7

Disabling ICMP messages

The device is enabled to reply to ICMP echo messages and send ICMP Destination Unreachable
messages by default.

You can selectively disable the following types of Internet Control Message Protocol (ICMP)
messages:

Echo messages (ping messages) – The device replies to IP pings from other IP devices.

Destination Unreachable messages – If the device receives an IP packet that it cannot deliver
to its destination, the device discards the packet and sends a message back to the device that
sent the packet. The message informs the device that the destination cannot be reached by
the device.

Disabling replies to broadcast ping requests

By default, the device is enabled to respond to broadcast ICMP echo packets, which are ping
requests.

To disable response to broadcast ICMP echo packets (ping requests), enter the following command.

BigIron RX(config)# no ip icmp echo broadcast-request

Syntax: [no] ip icmp echo broadcast-request

If you need to re-enable response to ping requests, enter the following command.

BigIron RX(config)# ip icmp echo broadcast-request

Disabling ICMP destination unreachable messages

By default, when the device receives an IP packet that the device cannot deliver, the device sends
an ICMP Unreachable message back to the host that sent the packet. You can selectively disable a
device’s response to the following types of ICMP Unreachable messages:

Administration – The packet was dropped by the Brocade device due to a filter or ACL
configured on the device.

Fragmentation-needed – The packet has the Don’t Fragment bit set in the IP Flag field, but the
device cannot forward the packet without fragmenting it.

Host – The destination network or subnet of the packet is directly connected to the device, but
the host specified in the destination IP address of the packet is not on the network.

Network – The device cannot reach the network specified in the destination IP address of the
packet.

Port – The destination host does not have the destination TCP or UDP port specified in the
packet. In this case, the host sends the ICMP Port Unreachable message to the device, which
in turn sends the message to the host that sent the packet.

Protocol – The TCP or UDP protocol on the destination host is not running. This message is
different from the Port Unreachable message, which indicates that the protocol is running on
the host but the requested protocol port is unavailable.

Source-route-failure – The device received a source-routed packet but cannot locate the
next-hop IP address indicated in the packet’s Source-Route option.

You can disable the device from sending these types of ICMP messages on an individual basis.

See also other documents in the category Brocade Computer Accessories: