Specifications

2-277

Catalyst 4500 Se ries S wit ch C is co IO S C om mand R efer ence —Re lease I OS XE 3 .3.0 XO(1 5.1 (1)XO)

OL_28738 -01

Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches

ip verify header vlan all

To enable IP header validation for Layer 2-swit ched IPv4 packets, use the ip verify header vlan all

command. To disable the IP header validation, use the no form of this command.

ip verify header vlan all

no ip verify header vlan all

Syntax Description This command has no default settings.

Defaults The IP header is valid ated for bridged and route d IPv4 packets.

Command Modes Global configura tion mode

Usage Guidelines This command doe s not a pply to Layer 3-switche d (rout ed) pac kets.

The Catalyst 4500 series switch ch ecks the validity of the foll owing fields in the IPv4 header for all

switched IPv4 packets:

• The version must be 4.

• The header length must be gre ater than or equal to 20 bytes .

• The total length must be greater than or equal to four times the header length and greater than the

Layer 2 packet size minus the Layer 2 encaps ulation size.

If an IPv4 packet fails the IP header validation, the packet is dropped. If you disable the header

validation, the packets with the invalid IP headers are bridged but are not routed even if routing was

intended. The IPv4 access lists also are not applied to the IP headers.

Examples This example shows how to disable the IP header validation for the Layer 2-switched IPv4 packets:

Switch# config terminal

Switch(config)# no ip verify header vlan all

Switch(config)# end

Switch#