Quick Reference Guide
PowerConnect B-Series TI24X Configuration Guide 595
53-1002269-02
Configuring IP parameters – Layer 3 Switches
21
Disabling ICMP destination unreachable messages
By default, when a device receives an IP packet that the device cannot deliver, the device sends an
ICMP Unreachable message back to the host that sent the packet. You can selectively disable a
device response to the following types of ICMP Unreachable messages:
• Administration – The packet was dropped by the device due to a filter or ACL configured on the
device.
• Fragmentation-needed – The packet has the Do not Fragment bit set in the IP Flag field, but
the device cannot forward the packet without fragmenting it.
• Host – The destination network or subnet of the packet is directly connected to the device, but
the host specified in the destination IP address of the packet is not on the network.
• Port – The destination host does not have the destination TCP or UDP port specified in the
packet. In this case, the host sends the ICMP Port Unreachable message to the device, which
in turn sends the message to the host that sent the packet.
• Protocol – The TCP or UDP protocol on the destination host is not running. This message is
different from the Port Unreachable message, which indicates that the protocol is running on
the host but the requested protocol port is unavailable.
• Source-route-failure – The device received a source-routed packet but cannot locate the
next-hop IP address indicated in the packet Source-Route option.
You can disable the device from sending these types of ICMP messages on an individual basis. To
do so, use the following CLI method.
NOTE
Disabling an ICMP Unreachable message type does not change the device ability to forward packets.
Disabling ICMP Unreachable messages prevents the device from generating or forwarding the
Unreachable messages.
To disable all ICMP Unreachable messages, enter the following command.
PowerConnect(config)#no ip icmp unreachable
Syntax: [no] ip icmp unreachable [host | protocol | administration | fragmentation-needed | port
|
source-route-fail]
• If you enter the command without specifying a message type (as in the example above), all
types of ICMP Unreachable messages listed above are disabled. If you want to disable only
specific types of ICMP Unreachable messages, you can specify the message type. To disable
more than one type of ICMP message, enter the no ip icmp unreachable command for each
messages type.
• The administration parameter disables ICMP Unreachable (caused by Administration action)
messages.
• The fragmentation-needed parameter disables ICMP Fragmentation-Needed But Do
not-Fragment Bit Set messages.
• The host parameter disables ICMP Host Unreachable messages.
• The port parameter disables ICMP Port Unreachable messages.
• The protocol parameter disables ICMP Protocol Unreachable messages.
• The source-route-fail parameter disables ICMP Unreachable (caused by Source-Route-Failure)
messages.