30 Jul
1997
30 Jul
'97
8:02 p.m.
Well, I've been filtering ICMP for quite a while at my border routers, and other than the occasional braindead sendmail configuration, and the fact that Solaris ping can't handle the "Administratively prohibited" return from the IOS filter rule, I've yet to see a major downside.
Under certain conditions filtering all ICMP messages will break Path MTU discovery. Check your router vendor's documentation for information about filtering types of ICMP messages. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation