The icmp send command enables the system to send ICMP packets of a specified type.
The undo icmp send command disables the system from sending ICMP packets of a specified type.
The clear icmp send command clears the configurations of the icmp send and undo icmp send commands.
By default, the system is enabled to send ICMP packets.
clear icmp name { echo | echo-reply | net-unreachable | parameter-problem | timestamp-reply | timestamp-request | ttl-exceeded } send
clear icmp name reassembly-timeout send
clear icmp name port-unreachable send
clear icmp name fragmentneed-dfset send
clear icmp name source-route-failed send
clear icmp type typevalue code codevalue send
icmp name { echo | echo-reply | net-unreachable | parameter-problem | timestamp-reply | timestamp-request | ttl-exceeded } send
icmp name reassembly-timeout send
icmp name port-unreachable send
icmp name fragmentneed-dfset send
icmp name source-route-failed send
icmp type typevalue code codevalue send
undo icmp name { echo | echo-reply | net-unreachable | parameter-problem | timestamp-reply | timestamp-request | ttl-exceeded } send
undo icmp name reassembly-timeout send
undo icmp name port-unreachable send
undo icmp name fragmentneed-dfset send
undo icmp name source-route-failed send
undo icmp type typevalue code codevalue send
| Parameter | Description | Value |
|---|---|---|
| echo |
Enables the device to send ICMP Echo packets. An ICMP Echo packet is sent to the destination host during a ping operation. The destination host responds with an ICMP Echo Reply packet, indicating that the destination is reachable. |
- |
| echo-reply |
Enables the device to send ICMP Echo Reply packets. |
- |
| net-unreachable |
Enables the device to send net-unreachable packets. |
- |
| parameter-problem |
Enables the device to send parameter-problem packets. |
- |
| timestamp-reply |
Enables the device to send Timestamp Reply packets. |
- |
| timestamp-request |
Enables the device to send Timestamp Request packets. |
- |
| ttl-exceeded |
Enables the device to send ICMP TTL Exceeded packets. |
- |
| name |
Enables the system to send ICMP packets with a name. |
- |
| reassembly-timeout |
Enables the system to send reassembly-timeout packets. |
- |
| port-unreachable |
Enables the device to send ICMP port-unreachable packets. |
- |
| fragmentneed-dfset |
Enables the device to send fragmentneed-DFset packets. |
- |
| source-route-failed |
Enables the device to send source-route-failed packets. |
- |
| type typevalue |
Enables the system to send ICMP packets with a specified type. |
type: The value is an integer ranging from 0 to 255. You can run the icmp name ? command in the system view or interface view to view the mappings between the ICMP packet name, type, and code. |
| code codevalue |
Enables the system to send ICMP packets with a specified code. |
code: The value is an integer ranging from 0 to 255. You can run the icmp name ? command in the system view or interface view to view the mappings between the ICMP packet name, type, and code. |
Usage Scenario
In normal situations, the system can properly send ICMP packets. In case of heavy network traffic, if hosts or ports are frequently unreachable, devices send a large number of ICMP packets, which causes heavy traffic burden and performance deterioration. In addition, network attackers often use ICMP error packets to spy on the internal structure of the network.
To improve network performance and security, run the undo icmp send command to disable the system from sending ICMP packets of a specified type. If you want to restore the default configuration and the display this command output does not contain the icmp send or undo icmp send command configuration, run the clear icmp send command.Configuration Impact
After the system is disabled from sending ICMP packets, the system collects only statistics about discarded packets.
Precautions
By default, a device can respond to ICMP TTL timeout packets. Other devices may obtain the IP address of the local device through traceroute. To disable this function, run the icmp name ttl-exceeded send command.