Disabling replies to broadcast ping requests, Disabling icmp destination unreachable messages – HP 2610-PWR User Manual

IP Routing Features

Configuring IP Parameters for Routing Switches

Disabling Replies to Broadcast Ping Requests

By default, ProCurve devices are enabled to respond to broadcast ICMP echo
packets, which are ping requests. You can disable response to ping requests
on a global basis using the following CLI method.

To disable response to broadcast ICMP echo packets (ping requests), enter
the following command:

ProCurve(config)# no ip icmp echo broadcast-request

Syntax: [no] ip icmp echo broadcast-request

If you need to re-enable response to ping requests, enter the following
command:

ProCurve(config)# ip icmp echo broadcast-request

Disabling ICMP Destination Unreachable Messages

By default, when a ProCurve device receives an IP packet that the device
cannot deliver, the device sends an ICMP Unreachable message back to the
host that sent the packet. The following types of ICMP Unreachable messages
are generated:

■

Administration

– The packet was dropped by the ProCurve device due

to a filter or ACL configured on the device.

■

Fragmentation-needed

– The packet has the Don’t Fragment bit set in

the IP Flag field, but the ProCurve device cannot forward the packet
without fragmenting it.

■

Host

– The destination network or sub-net of the packet is directly

connected to the ProCurve device, but the host specified in the destination
IP address of the packet is not on the network.

■

Network

– The ProCurve device cannot reach the network specified in

the destination IP address of the packet.

■

Port

– The destination host does not have the destination TCP or UDP

port specified in the packet. In this case, the host sends the ICMP Port
Unreachable message to the ProCurve device, which in turn sends the
message to the host that sent the packet.

7-15