Configuring Icmpv6 Packet Sending; Configuring The Maximum Icmpv6 Error Packets Sent In An Interval; Enabling Replying To Multicast Echo Requests; Enabling Sending Of Icmpv6 Time Exceeded Messages - HP A5120 EI Series Configuration Manual

Hide thumbs Also See for A5120 EI Series:
Table of Contents

Advertisement

Configuring ICMPv6 packet sending

Configuring the maximum ICMPv6 error packets sent in an
interval
If too many ICMPv6 error packets are sent within a short time in a network, network congestion may
occur. To avoid network congestion, you can control the maximum number of ICMPv6 error packets sent
within a specified time by adopting the token bucket algorithm.
You can set the capacity of a token bucket to determine the number of tokens in the bucket. In addition,
you can set the update interval of the token bucket, that is, the interval for restoring the configured
capacity. One token allows one ICMPv6 error packet to be sent. Each time an ICMPv6 error packet is
sent, the number of tokens in a token bucket decreases by one. If the number of ICMPv6 error packets
successively sent exceeds the capacity of the token bucket, the additional ICMPv6 error packets cannot
be sent out until the capacity of the token bucket is restored.
Follow these steps to configure the capacity and update interval of the token bucket:
To do...
Enter system view
Configure the capacity
and update interval of
the token bucket

Enabling replying to multicast echo requests

If hosts are configured to answer multicast echo requests, an attacker may use this mechanism to attack a
host. For example, if Host A (an attacker) sends an echo request with the source being Host B to a
multicast address, all the hosts in the multicast group will send echo replies to Host B. To prevent such an
attack, disable the switch from replying multicast echo requests by default. In some application scenarios,
however, you need to enable the switch to reply multicast echo requests.
Follow these steps to enable replying to multicast echo requests:
To do...
Enter system view
Enable replying to multicast echo
requests

Enabling sending of ICMPv6 time exceeded messages

A switch sends out an ICMPv6 Time Exceeded message in the following cases.
If a received IPv6 packet's destination IP address is not a local address and its hop limit is 1, the
switch sends an ICMPv6 Hop Limit Exceeded message to the source.
Use the command...
system-view
ipv6 icmp-error { bucket
bucket-size | ratelimit
interval } *
Use the command...
system-view
ipv6 icmpv6 multicast-echo-reply
enable
133
Remarks
Optional
By default, the capacity of a token bucket is 10
and the update interval is 100 milliseconds. At
most 10 ICMPv6 error packets can be sent within
100 milliseconds.
The update interval ―0‖ indicates that the number
of ICMPv6 error packets sent is not restricted.
Remarks
Required
Not enabled by default.

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents