Enabling sending ICMPv6 time exceeded messages

The device sends the source ICMPv6 time exceeded messages as follows:

If the device receives large numbers of malicious packets, its performance degrades greatly because it must send back ICMP time exceeded messages. To prevent such attacks, disable sending ICMPv6 time exceeded messages.

To enable sending ICMPv6 time exceeded messages:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enable sending ICMPv6 time exceeded messages.

ipv6 hoplimit-expires enable

The default setting is disabled.