Monday 28 April 2014

No IP Redirect, No IP Unreachable, No IP proxy-arp, No IP route-cache



no ip redirects--this disables ICMP redirect messages. A redirect happens when a router receives a packet on an interface and the best route for it is back out that same interface. In that case the router sends an ICMP redirect to the source, telling it about a better router on the same subnet, and subsequent packets take the optimal path. With redirects disabled, the packets continue to use the suboptimal path (in this scenario).

no ip unreachables--disables generation of ICMP type 3 (destination unreachable) messages. This can wreak havoc if an egress port has a lower MTU, because ICMP "packet too big, fragmentation needed" is type 3 code 4.

no ip proxy-arp--proxy ARP allows the router to respond to any ARP request for an address that, according to the route table, is reachable out another interface. Disabling it makes the router respond only to ARP requests for the interface's own IP address.

no ip route-cache--forces IP packets to be process switched. Mostly useful only with debug ip packet.
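
An added example, not from the original post: a Python audit that lists which of the four commands each interface stanza of an IOS-style configuration carries, and flags interfaces with no ip unreachables when some other interface has a lower MTU. The sample configuration is constructed, and the 1500-byte default MTU and the lower-MTU heuristic are assumptions of this example.

```python
import re

# The four interface commands from the post, each with the caveat the post gives.
CAVEATS = {
    "no ip redirects": "no ICMP redirects; hosts stay on the suboptimal path",
    "no ip unreachables": "no ICMP type 3; 'fragmentation needed' (code 4) is lost",
    "no ip proxy-arp": "ARP answered only for the interface's own address",
    "no ip route-cache": "packets are process switched; a debugging setting",
}
DEFAULT_MTU = 1500  # assumption: used when a stanza configures no MTU
# Constructed sample configuration (not taken from a real device).
SAMPLE = """\
interface GigabitEthernet0/0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
interface Tunnel0
 ip mtu 1400
!
interface GigabitEthernet0/1
 no ip route-cache
"""

def parse_interfaces(config):
    """Return {interface: {"cmds": [...], "mtus": [...]}} from config text."""
    found, name = {}, None
    for line in config.splitlines():
        head = re.match(r"interface\s+(\S+)", line)
        if head:
            name = head.group(1)
            found[name] = {"cmds": [], "mtus": []}
        elif name and line.startswith(" "):
            cmd = line.strip()
            mtu = re.fullmatch(r"(?:ip )?mtu (\d+)", cmd)
            if cmd in CAVEATS:
                found[name]["cmds"].append(cmd)
            elif mtu:
                found[name]["mtus"].append(int(mtu.group(1)))
        else:
            name = None  # "!" or a top-level command closes the stanza
    return found

def mtu_blackhole_candidates(found):
    """Interfaces with unreachables off while another interface has a lower MTU."""
    mtu = {n: min(i["mtus"], default=DEFAULT_MTU) for n, i in found.items()}
    return sorted(n for n, i in found.items()
                  if "no ip unreachables" in i["cmds"] and min(mtu.values()) < mtu[n])

if __name__ == "__main__":
    print(parse_interfaces(SAMPLE), mtu_blackhole_candidates(parse_interfaces(SAMPLE)))
```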

