Disabling ICMP Error Message Sending 133If you reference an ACL to filter directed broadcasts, only the directed broadcaststhat pass the ACL filtering can be forwarded to the directly connected network.Disabling ICMP ErrorMessage SendingSending error packets is the major function of the Internet Control MessageProtocol (ICMP). ICMP packets are usually sent by the network layer protocols ortransport layer protocols to notify corresponding devices of failures.Although sending ICMP error packets facilitates network control andmanagement, it still has the following disadvantages:■ Sending a lot of ICMP packets will increase network traffic.■ If receiving a lot of malicious packets that cause a device to send ICMP errorpackets, the device’s performance will be reduced.■ As the ICMP redirection function increases the routing table size of hosts, thehosts’ performance will be reduced if the routing table becomes very large.■ If a host sends malicious ICMP destination unreachable packets, end users maybe affected.To solve such problems, you can disable a device from sending ICMP error packets.Currently, you can only disable the sending of ICMP redirect messages.Displaying andDebugging IPPerformanceAfter the above configurations, you can execute the display command in anyview to display the running status to verify your IP performance configuration.Table 79 Enable forwarding of directed broadcast packetsOperation Command DescriptionEnter system view system-view -Enter VLAN interface view interface interface-typeinterface-number-Enable forwarding ofdirected broadcast packetsto a directly connectednetworkip forward-broadcast[ acl-number ]RequiredBy default, the switch does notforward directed broadcast packetsto a directly connected network.Table 80 Disable ICMP redirect message sendingOperation Command DescriptionEnter system view system-view -Disable ICMP redirectmessage sendingundo icmp redirect send RequiredBy default, the ICMP redirectmessage sending is enabled.