R211x-HP Flexfabric 11900 Layer 3 - IP Services Command Reference
209
Usage guidelines
To avoid sending excessive ICMPv6 error messages within a short period that might cause network
congestion, you can use the command to limit the rate at which ICMPv6 error messages are sent. A token
bucket algorithm is used with one token representing one ICMPv6 error message. Tokens are placed in
the bucket at a specific interval until the maximum number of tokens that the bucket can hold is reached.
Tokens are removed from the bucket when ICMPv6 error messages are sent. When the bucket is empty,
ICMPv6 error messages are not sent until a new token is placed in the bucket.
Examples
# Configure an interval of 200 milliseconds and bucket size of 40 tokens for ICMPv6 error messages.
<Sysname> system-view
[Sysname] ipv6 icmpv6 error-interval 200 40
ipv6 icmpv6 multicast-echo-reply enable
Use ipv6 icmpv6 multicast-echo-reply enable to enable replying to multicast echo requests.
Use undo ipv6 icmpv6 multicast-echo-reply to disable replying to multicast echo requests.
Syntax
ipv6 icmpv6 multicast-echo-reply enable
undo ipv6 icmpv6 multicast-echo-reply enable
Default
The device is disabled from replying to multicast echo requests.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
If a host is configured to reply to multicast echo requests, an attacker can use this mechanism to attack
the host. For example, if Host A (an attacker) sends an echo request to a multicast address with Host B as
the source, all hosts in the multicast group send echo replies to Host B.
To prevent attacks, do not enable the device to reply to multicast echo requests unless necessary.
Examples
# Enable replying to multicast echo requests.
<Sysname> system-view
[Sysname] ipv6 icmpv6 multicast-echo-reply enable
ipv6 icmpv6 source
Use ipv6 icmpv6 source to specify an IPv6 address as the source address for outgoing ICMPv6 packets.
Use undo ipv6 icmpv6 source to restore the default.