[95513] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ICMP unreachables, code 9,10,13

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Wed Mar 28 19:22:53 2007

In-Reply-To: <20070328225740.GA2663@mozart.cs.colostate.edu>
From: Roland Dobbins <rdobbins@cisco.com>
Date: Wed, 28 Mar 2007 16:14:17 -0700
To: nanog <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu



On Mar 28, 2007, at 3:57 PM, Christos Papadopoulos wrote:

> Responses with these codes seem to imply the presence of a firewall.
> Is this assumption correct or are these codes meaningless?

Not just firewalls - ACLs on routers, too.

A common practice is to either turn off sending of unreachables or to  
at least rate-limit them to preserve CPU on the router.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@cisco.com> // 408.527.6376 voice

         Words that come from a machine have no soul.

                       -- Duong Van Ngo


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[95513] in North American Network Operators' Group

Re: ICMP unreachables, code 9,10,13

daemon@ATHENA.MIT.EDU (Roland Dobbins)Wed Mar 28 19:22:53 2007

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Wed Mar 28 19:22:53 2007