RE: ICMP redirects

From: R&S Groupstudy (rsg@synergy-networking.co.uk)
Date: Wed Nov 12 2003 - 13:02:14 GMT-3

• Next message: MCDONALD, ROMAN (SBCSI): "RE: New CCIE #12483"
• Previous message: HP-France,ex2: "OT: ICMP redirects"
• Next in thread: HP-France,ex2: "RE: ICMP redirects"
• Maybe reply: HP-France,ex2: "RE: ICMP redirects"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I can't think of a configurable option, but consider this.

1. configure up a route-map that matches on packet length and drops the
packet if it's too big

e.g.
route-map my_map deny 5
match length 1548 1550

int xxx x/x
ip policy my_map etc etc

you need to check out the values here - may be in bits, I don't know

2. the router would presumably send back a icmp unreachable - but without
the MTU info you specify below.

3. good luck

Adam

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
SANCHEZ-MONGE,ANTONIO (HP-France,ex2)
Sent: 12 November 2003 15:54
To: ccielab@groupstudy.com
Subject: OT: ICMP redirects

Hello all,

RFC 1191 specifies that ICMP unreachable packets for MTU issues must contain
the MTU of the next hop.

Is there any way to make Cisco behaviour non-RFC compliant, I mean, to send
the ICMP unreachable packets WITHOUT the next hop MTU in the payload?

In other words, I would like to suppress the "01 cc" extra information from
the ICMP payload in the following packet:

================================ IP Header (inbound -- [ICS])
================
Source: 192.168.2.2(C) Dest: 192.168.2.1(C)
       len: 56 ttl: 255 proto: 1 cksum: 0x330c id: 0x365
     flags: NONE tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
-------------------------------- ICMP Header
---------------------------------
type: UNREACH chksum: 0x5ee1
code: IP_DF caused drop
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ IP Header/Data
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   0: 45 00 05 dc 99 0e 40 00 3f 06 18 bb c0 a8 02 01 E.....@.?.......
  16: c0 a8 01 01 cc fd 00 14 d4 63 fa b0 -- -- -- -- .........c......

Please note I am NOT asking how to suppress ICMP redirects nor how to use
adjust-mss, path-mtu-discovery, etc... I already tested those options and
understood how they work.

I guess the answer is: Cisco is RFC compliant, no way to suppress this info
from the ICMP PDU, but I wanted to ask just in case.

Best regards,
Antonio.

• Next message: MCDONALD, ROMAN (SBCSI): "RE: New CCIE #12483"
• Previous message: HP-France,ex2: "OT: ICMP redirects"
• Next in thread: HP-France,ex2: "RE: ICMP redirects"
• Maybe reply: HP-France,ex2: "RE: ICMP redirects"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Dec 12 2003 - 12:29:11 GMT-3