Disabling icmp messages – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 497
Brocade TurboIron 24X Series Configuration Guide
463
53-1003053-01
Configuring IP parameters – Layer 3 Switches
•
Strict source routing – requires the packet to pass through only the listed routers. If the Layer
3 Switch receives a strict source-routed packet but cannot reach the next hop interface
specified by the packet, the Layer 3 Switch discards the packet and sends an ICMP
Source-Route-Failure message to the sender.
NOTE
The Layer 3 Switch allows you to disable sending of the Source-Route-Failure messages. Refer
to
•
Loose source routing – requires that the packet pass through all of the listed routers but also
allows the packet to travel through other routers, which are not listed in the packet.
The Layer 3 Switch forwards both types of source-routed packets by default. To disable the feature,
use either of the following methods. You cannot enable or disable strict or loose source routing
separately.
To disable forwarding of IP source-routed packets, enter the following command.
TurboIron(config)#no ip source-route
Syntax: [no] ip source-route
To re-enable forwarding of source-routed packets, enter the following command.
TurboIron(config)#ip source-route
Disabling ICMP messages
Devices are enabled to reply to ICMP echo messages and send ICMP Destination Unreachable
messages by default.
You can selectively disable the following types of Internet Control Message Protocol (ICMP)
messages:
•
Echo messages (ping messages) – The Layer 3 Switch replies to IP pings from other IP devices.
•
Destination Unreachable messages – If the Layer 3 Switch receives an IP packet that it cannot
deliver to its destination, the Layer 3 Switch discards the packet and sends a message back to
the device that sent the packet to the Layer 3 Switch. The message informs the device that the
destination cannot be reached by the Layer 3 Switch.
Disabling replies to broadcast ping requests
By default, devices are enabled to respond to broadcast ICMP echo packets, which are ping
requests.
To disable response to broadcast ICMP echo packets (ping requests), enter the following command.
TurboIron(config)#no ip icmp echo broadcast-request
Syntax: [no] ip icmp echo broadcast-request
If you need to re-enable response to ping requests, enter the following command.
TurboIron(config)#ip icmp echo broadcast-request
Disabling ICMP destination unreachable messages
By default, when a device receives an IP packet that the device cannot deliver, the device sends an
ICMP Unreachable message back to the host that sent the packet. You can selectively disable a
device response to the following types of ICMP Unreachable messages: