Addendum

Using the Configured Source IP Address in ICMP
Messages
This functionality to enable ICMP messages, such as ICMP unreachable or ICMP error messages, to be
sent with the configured ICMP source interface IP address address instead of the front-end port IP
address for traceroute command output listing is supported on the S4810, S4820T, Z9000, S6000, and
MXL platforms.
ICMP error or unreachable messages are now sent with the configured IP address of the source interface,
such as the loopback address of the system, instead of the front-end port IP address as the source IP
address. This behavior is applicable if you enable the generation of ICMP unreachable messages by
entering the
ip unreachable command in Interface Configuration mode. When a ping or traceroute
packet from an endpoint or a device arrives at the null 0 interface configured with a static route, it is
discarded. In such cases, you can configure Internet Control Message Protocol (ICMP) unreachable
messages to be sent to the transmitting device or the origin for such discarded packets. The null interface
is a data sink that handles undesired traffic sent to a device because it does not forward or receive
packets, and merely discards them and sends ICMP unreachable messages.
Configuring the ICMP Source Interface
In network environments that contain a large number of devices, ranging up to thousands of systems,
and with each device configured for equal-cost multipath (ECMP) links, you cannot effectively and
optimally use the traceroute and ping applications to examine the network reachability and identify any
broken links for diagnostic purposes. In such cases, if the reply that is obtained from each hop on the
network path contains the IP address of the adjacent, neighboring interface from which the packet is
received, it is difficult to employ the ping and traceroute utilites. You can enable the ICMP error and
unreachable messages to contain the configured IP address of the source device instead of the previous
hop's IP address to be able to easily and quickly identify the device and devices along the path because
the DNS server maps the loopback IP address to the hostname and does not translate the IP address of
every interface of the switch to the hostname.
You can enable the mechanism to configure the source or the originating interface from which the
packet (the device that generates the ICMP error messages) is received by the switch to send the
configured source interface IP address instead of its front-end IP address to be used in the ICMP
unreachable messages and in the traceroute command output. You can use the ip icmp source-
interface interface or the ipv6 icmp source-interface interface commands in
Configuration mode for IPv4 and IPv6 packets respectively to enable the ICMP error messages to be sent
with the source interface IP address. This functionality is supported on loopback, VLAN, port channel, and
physical interfaces for IPv4 and IPv6 messages. This capability to configure the source interface to send
the IP address is not supported on tunnel interfaces. ICMP error relay, PATH MTU transmission, and
fragmented packets are not supported for tunnel interfaces. The traceroute utilities, for IPv4 and IPv6, list
the IP addresses of the devices in the hops of the path for which ICMP source-interface is configured.
Working of the Traceroute Utility
Traceroute sends a sequence of three ICMP echo request packets addressed to a destination host. The
time-to-live (TTL) value, also known as hop limit, is used in determining the intermediate routers being
traversed towards the destination. Routers decrement packets' TTL value by 1 when routing and discard
packets whose TTL value has reached zero, returning the ICMP error message, ICMP Time Exceeded.
Common default values for TTL are 128 (Windows OS) and 64 (Unix-based OS).
150
IPv4 Routing