Configuring ICMP Properties
Context
The Internet Control Message Protocol (ICMP) is a protocol of the TCP/IP protocol suite. It exchanges messages between hosts and routing devices. When receiving an ICMP packet, the device sends the packet to the CPU. When a device receives a large number of ICMP packets, the forwarding performance of the device degrades. Therefore, you need to set related ICMP properties to optimize IP performance.
Procedure
- Set ICMP properties in the system view to optimize IP performance.
- Set ICMP properties as required to optimize IP performance.
Run icmp-reply fast
The fast ICMP reply function is enabled.
By default, the fast ICMP reply function is enabled.
The fast ICMP reply function does not take effect on VBDIF interfaces.
For the S5720-EI, S6720-EI, and S6720S-EI:- The fast ICMP reply function does not take effect on sub-interfaces.
- When a routed main interface (supporting Layer 2 and Layer 3 mode switching) is bound to a VPN instance, the fast ICMP reply function does not take effect on the interface.
Run icmp ttl-exceeded drop { slot slot-id | all }
The switch is configured to discard the ICMP packets whose TTL values are 1.
By default, the function of discarding ICMP packets with TTL values of 1 is disabled.
Run icmp with-options drop { slotslot-id | all }
The switch is configured to discard the ICMP packets that carry options.
By default, the function of discarding ICMP packets that carry options is disabled.
Run icmp unreachable drop
The function of discarding ICMP Destination Unreachable packets is enabled.
By default, the function of discarding ICMP Destination Unreachable packets is disabled.
Run undo icmp { typeicmp-typecodeicmp-code | nameicmp-name | all } receive
The function of receiving ICMP packets is disabled.
By default, the function of receiving ICMP packets is enabled.
Run undo icmp host-unreachable send
The function of sending ICMP Host Unreachable packets is disabled.
By default, the function of sending ICMP Host Unreachable packets is enabled.
The icmp host-unreachable send command can be run in the system view or interface view.
- After the function of sending ICMP Host Unreachable packets is disabled in the system view, all interfaces do not send ICMP Host Unreachable packets. Even if the function is enabled on an interface, the interface does not send ICMP Host Unreachable packets.
- After the function of sending ICMP Host Unreachable packets is enabled in the system view, all interfaces send ICMP Host Unreachable packets because the function is enabled on all interfaces by default. You can run the undo icmp host-unreachable send command in the interface view to disable the function on a specified interface.
If the function of sending ICMP Host Unreachable packets is disabled, the switch does not send ICMP Host Unreachable packets in any situations.
Run undo icmp port-unreachable send
The function of sending ICMP Port Unreachable packets is disabled.
By default, the function of sending ICMP Port Unreachable packets is enabled.
The icmp port-unreachable send command can be run in the system view or interface view.
- After the function of sending ICMP Port Unreachable packets is disabled in the system view, all interfaces do not send ICMP Port Unreachable packets. Even if the function is enabled on an interface, the interface does not send ICMP Port Unreachable packets.
- After the function of sending ICMP Port Unreachable packets is enabled in the system view, all interfaces send ICMP Port Unreachable packets because the function is enabled on all interfaces by default. You can run the undo icmp port-unreachable send command in the interface view to disable the function on a specified interface.
If the function of sending ICMP Port Unreachable packets is disabled, the switch does not send ICMP Port Unreachable packets in any situations.
Run undo icmp protocol-unreachable send
The function of sending ICMP Protocol Unreachable packets is disabled.
By default, the function of sending ICMP Protocol Unreachable packets is enabled.
Run icmp blackhole unreachable send
The switch is enabled to send an ICMP Destination Unreachable packet to an initiator when a tracert packet matches an IPv4 blackhole route.
By default, the switch is disabled from sending an ICMP Destination Unreachable packet to an initiator when a tracert packet matches an IPv4 blackhole route.
Run icmp time-exceed { extension { compliant | non-compliant } | classic }
The format of ICMP Time Exceeded packets is configured.
By default, ICMP Time Exceeded packets carry extension headers in compliant mode and original datagrams are of variable length.
- Set ICMP properties as required to optimize IP performance.
- Set ICMP properties in the interface view to optimize IP performance.
- (Optional) On an Ethernet interface, run undo portswitch
The interface is switched to Layer 3 mode.
By default, an Ethernet interface works in Layer 2 mode.
Only the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S support switching between Layer 2 and Layer 3 modes.
- Set ICMP properties in the interface view as required to optimize IP performance.
Run undo icmp redirect send
The function of sending ICMP Redirect packets is disabled.
By default, the function of sending ICMP Redirect packets is enabled.
If the function of sending ICMP Redirect packets is disabled, the switch does not send ICMP Redirect packets in any situations.
Run undo icmp ttl-exceeded send
The function of sending ICMP Time Exceeded packet is disabled.
By default, the function of sending ICMP Time Exceeded packet is enabled.
Run undo icmp port-unreachable send
The function of sending ICMP Port Unreachable packets is disabled.
By default, the function of sending ICMP Port Unreachable packets is enabled.
Run undo icmp host-unreachable send
The function of sending ICMP Host Unreachable packets is disabled.
By default, the function of sending ICMP Host Unreachable packets is enabled.
- (Optional) On an Ethernet interface, run undo portswitch