3Com Switch 7750 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

131

132

133

134

135

136

137

138

139

140

Disabling ICMP Error Message Sending 133

If you reference an ACL to filter directed broadcasts, only the directed broadcasts

that pass the ACL filtering can be forwarded to the directly connected network.

Disabling ICMP Error

Message Sending

Sending error packets is the major function of the Internet Control Message

Protocol (ICMP). ICMP packets are usually sent by the network layer protocols or

transport layer protocols to notify corresponding devices of failures.

Although sending ICMP error packets facilitates network control and

management, it still has the following disadvantages:

■ Sending a lot of ICMP packets will increase network traffic.

■ If receiving a lot of malicious packets that cause a device to send ICMP error

packets, the device’s performance will be reduced.

■ As the ICMP redirection function increases the routing table size of hosts, the

hosts’ performance will be reduced if the routing table becomes very large.

■ If a host sends malicious ICMP destination unreachable packets, end users may

be affected.

To solve such problems, you can disable a device from sending ICMP error packets.

Currently, you can only disable the sending of ICMP redirect messages.

Displaying and

Debugging IP

Performance

After the above configurations, you can execute the display command in any

view to display the running status to verify your IP performance configuration.

Table 79 Enable forwarding of directed broadcast packets

Operation Command Description

Enter system view system-view -

Enter VLAN interface view interface interface-type

interface-number

Enable forwarding of

directed broadcast packets

to a directly connected

network

ip forward-broadcast

[ acl-number ]

Required

By default, the switch does not

forward directed broadcast packets

to a directly connected network.

Table 80 Disable ICMP redirect message sending

Operation Command Description

Enter system view system-view -

Disable ICMP redirect

message sending

undo icmp redirect send Required

By default, the ICMP redirect

message sending is enabled.