The ipv6 icmp receive command enables the system to receive ICMPv6 messages with the local address as the destination address.
The undo ipv6 icmp receive command disables the system from receiving ICMPv6 messages with the local address as the destination address.
By default, the system receives ICMPv6 messages with the local address as the destination address.
ipv6 icmp { icmpv6-type icmpv6-code | icmpv6-name | all } receive
undo ipv6 icmp { icmpv6-type icmpv6-code | icmpv6-name | all } receive
| Parameter | Description | Value |
|---|---|---|
icmpv6-type |
Specifies the type of ICMPv6 messages. | The value is an integer in the range from 0 to 255. |
icmpv6-code |
Specifies the code of ICMPv6 messages. | The value is an integer in the range from 0 to 255. |
icmpv6-name |
Specifies the name of ICMPv6 messages. | ICMPv6 messages are classified into the following types:
|
all |
Indicates all ICMPv6 messages. | - |
Usage Scenario
In normal cases, a switch can properly receive ICMPv6 messages. However, when network traffic load is heavy, host unreachable or port unreachable events frequently occur, the switch receives a large number of ICMPv6 messages, which burdens the network and degrades device performance. In addition, attackers usually use ICMPv6 error messages to probe the internal network topology.
To improve network performance and security, run the undo ipv6 icmp receive command to disable the system from receiving ICMPv6 Echo Reply packets, Host Unreachable packets, and Port Unreachable packets with the local address as the destination address.
Precautions
When the network is in good performance again, you can run the ipv6 icmp receive command to enable the system to receive ICMPv6 messages with the local address as the destination address.
After the undo ipv6 icmp receive command is run, main interfaces are disabled from processing these ICMPv6 messages. In addition, the system does not collect statistics on these messages that are received but collects statistics on discarded messages.