Disabling icmp messages, Disabling replies to broadcast ping requests, Disabling icmp destination unreachable messages – Brocade Communications Systems Layer 3 Routing Configuration ICX 6650 User Manual
Page 61
Brocade ICX 6650 Layer 3 Routing Configuration Guide
43
53-1002603-01
Configuring IP parameters – Layer 3 Switches
NOTE
You must save the configuration and reload the software to place this configuration change into
effect.
Syntax: [no] ip broadcast-zero
Disabling ICMP messages
Brocade devices are enabled to reply to ICMP echo messages and send ICMP Destination
Unreachable messages by default.
You can selectively disable the following types of Internet Control Message Protocol (ICMP)
messages:
•
Echo messages (ping messages) – The Layer 3 Switch replies to IP pings from other IP devices.
•
Destination Unreachable messages – If the Layer 3 Switch receives an IP packet that it cannot
deliver to its destination, the Layer 3 Switch discards the packet and sends a message back to
the device that sent the packet to the Layer 3 Switch. The message informs the device that the
destination cannot be reached by the Layer 3 Switch.
Disabling replies to broadcast ping requests
By default, Brocade devices are enabled to respond to broadcast ICMP echo packets, which are
ping requests.
To disable response to broadcast ICMP echo packets (ping requests), enter the following command.
Brocade(config)# no ip icmp echo broadcast-request
Syntax: [no] ip icmp echo broadcast-request
If you need to re-enable response to ping requests, enter the following command.
Brocade(config)# ip icmp echo broadcast-request
Disabling ICMP destination unreachable messages
By default, when a Brocade device receives an IP packet that the device cannot deliver, the device
sends an ICMP Unreachable message back to the host that sent the packet. You can selectively
disable a Brocade device response to the following types of ICMP Unreachable messages:
•
Administration – The packet was dropped by the Brocade device due to a filter or ACL
configured on the device.
•
Fragmentation-needed – The packet has the Do not Fragment bit set in the IP Flag field, but
the Brocade device cannot forward the packet without fragmenting it.
•
Host – The destination network or subnet of the packet is directly connected to the Brocade
device, but the host specified in the destination IP address of the packet is not on the network.
•
Port – The destination host does not have the destination TCP or UDP port specified in the
packet. In this case, the host sends the ICMP Port Unreachable message to the Brocade
device, which in turn sends the message to the host that sent the packet.
•
Protocol – The TCP or UDP protocol on the destination host is not running. This message is
different from the Port Unreachable message, which indicates that the protocol is running on
the host but the requested protocol port is unavailable.