2 Intern


812 Posts

June 15th, 2004 15:00

I tried duplicating this by using a RHEL3 (Red Hat Enterprise Linux 3) client and sending a broadcast ping to the subnet on which the switches reside, and I did not see anything logged in my /var/log/messages.

However, this may be related to the features of the 3324/48. This platform has some similarities to the 6024, so it has some layer 3 functionality built in. These features are simply disabled as it was designed as a layer 2 switch.

There are no specific commands to disable any ICMP unreachable responses (like Cisco's "no ip unreachables" command), so the only way to prevent these messages might be using either a management access-list or an ip access-list denying this traffic. The best way to resolve the messages, however, would be to "sniff" traffic on an uplink to isolate the source of the broadcast ping.

Broadcast pings are commonly used for DoS (Denial of Service) attacks and footprinting, so you might treat this as a possible security issue.
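An added example, not part of the original posts: one way to do the "sniff the uplink" step offline is to run captured Ethernet frames through a small parser that counts ICMP echo requests addressed to a broadcast address, keyed by source MAC and source IP. The subnet 192.0.2.0/24, the MAC addresses, the function names and the sample frames are all constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

SUBNET = ipaddress.ip_network("192.0.2.0/24")  # assumed switch management subnet

def build_frame(src_mac, src_ip, dst_ip, icmp_type, dst_mac="ff:ff:ff:ff:ff:ff"):
    """Build a minimal Ethernet II / IPv4 / ICMP frame (constructed sample, checksums left 0)."""
    eth = bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", "")) + b"\x08\x00"
    icmp = struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     ipaddress.ip_address(src_ip).packed, ipaddress.ip_address(dst_ip).packed)
    return eth + ip + icmp

def broadcast_ping_sources(frames, subnet=SUBNET):
    """Count ICMP echo requests sent to a broadcast address, per (source MAC, source IP)."""
    targets = {subnet.broadcast_address, ipaddress.ip_address("255.255.255.255")}
    hits = Counter()
    for frame in frames:
        off = 12
        if frame[off:off + 2] == b"\x81\x00":   # 802.1Q tag, common on an uplink/trunk
            off += 4
        if frame[off:off + 2] != b"\x08\x00":   # not IPv4
            continue
        ip = frame[off + 2:]
        if len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] != 1:   # protocol 1 = ICMP
            continue
        ihl = (ip[0] & 0x0F) * 4
        if ihl < 20 or len(ip) <= ihl or ip[ihl] != 8:      # type 8 = echo request
            continue
        if ipaddress.ip_address(ip[16:20]) in targets:
            # The source IP can be forged; the source MAC is what ties the
            # traffic to a switch port through the MAC address table.
            hits[(frame[6:12].hex(":"), str(ipaddress.ip_address(ip[12:16])))] += 1
    return hits

# Constructed capture: one host pinging the subnet broadcast, plus unrelated traffic.
SAMPLE_FRAMES = (
    [build_frame("00:00:5e:00:53:01", "192.0.2.10", "192.0.2.255", 8)] * 3
    + [build_frame("00:00:5e:00:53:02", "192.0.2.20", "192.0.2.1", 8, "00:00:5e:00:53:fe"),
       build_frame("00:00:5e:00:53:03", "192.0.2.30", "192.0.2.10", 0, "00:00:5e:00:53:01"),
       b"\x00" * 10]   # runt frame, ignored
)

if __name__ == "__main__":
    for (mac, ip), count in broadcast_ping_sources(SAMPLE_FRAMES).most_common():
        print(f"{count} broadcast echo requests from {ip} ({mac})")
```

The MAC address it reports can then be looked up in the switch's MAC address table to find the port the sender is attached to.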

10 Posts

June 16th, 2004 07:00

Thanks for the reply, Greg.

Ah well, I'd hoped to disable it on the switch, but it's not life or death - I'll just live with it for the moment and if I get a spare moment might look into packet sniffing, etc. :)

Cheers,
Gavin.