ICMP unreachables, code 9,10,13

Roland Dobbins rdobbins at cisco.com
Wed Mar 28 23:14:17 UTC 2007


On Mar 28, 2007, at 3:57 PM, Christos Papadopoulos wrote:

> Responses with these codes seem to imply the presence of a firewall.
> Is this assumption correct or are these codes meaningless?

Not just firewalls - ACLs on routers, too.

A common practice is to either turn off sending of unreachables or to  
at least rate-limit them to preserve CPU on the router.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice

         Words that come from a machine have no soul.

                       -- Duong Van Ngo




More information about the NANOG mailing list