< Home

Configuring the Switch to Discard IP Packets Matching No Routing Entry

Context

If the switch receives an IP packet that matches no routing entry in the local routing table, it sends the packet to the CPU. If a lot of IP packets match no routing entry because of an attack or incorrect network configuration, the CPU is busy. To prevent this problem, configure the switch to discard these packets.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ipv4 destination-unreachable drop

    The switch is configured to discard IP packets that match no routing entry.

    By default, the function of discarding IP packets that match no routing entry is enabled.

    Only the S5720-EI, S5720-HI, S5720I-SI, S5720S-SI, S5720-SI, S5735-L, S5735S-L, S5735S-L-M, S5735-S, S5735S-S, S5735-S-I, S5730-HI, S5730S-EI, S5730-SI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720-LI, S6720S-EI, S6720S-LI, S6720S-SI, S6720-SI, S6730-H, S6730S-H, S6730-S, and S6730S-S support this command.

Parent Topic: Optimizing IP Performance
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >