Firewall Wizards mailing list archives
Re: ICMP Packets.
From: "Perry E. Metzger" <perry () piermont com>
Date: Tue, 02 Jun 1998 12:14:48 -0400
"Don Kendrick" writes:
In the standard configuration of you, with a perimeter router, connected point to point with an ISP's router; there's no reason I can think of other than troubleshooting to allow ICMP packets to enter your perimeter.
I think stopping ICMP is, in general, a very bad idea. Among other things, you totally screw up Path MTU discovery, and you make it hard to trace network problems. The Path MTU breakage is especially bad -- it will, among other things, impact your network performance. Perry
Current thread:
- ICMP Packets. Toddb (Jun 01)
- Re: ICMP Packets. Henry Hertz Hobbit (Jun 02)
- Re: ICMP Packets. Bennett Todd (Jun 02)
- Re: ICMP Packets. Perry E. Metzger (Jun 02)
- Re: ICMP Packets. tqbf (Jun 02)
- Re: ICMP Packets. Darren Reed (Jun 03)
- <Possible follow-ups>
- Re: ICMP Packets. Don Kendrick (Jun 02)
- Re: ICMP Packets. Perry E. Metzger (Jun 02)
- Re: ICMP Packets. Alec Muffett - SunLabs (Jun 02)
- Re: ICMP Packets. James R Grinter (Jun 02)
- Re: ICMP Packets. Henry Hertz Hobbit (Jun 03)
- Re: ICMP Packets. Don Kendrick (Jun 02)
- Re: ICMP Packets. Perry E. Metzger (Jun 02)
- Re: ICMP Packets. Perry E. Metzger (Jun 03)
- Re: ICMP Packets. Bennett Todd (Jun 04)
- Re: ICMP Packets. Paul D. Robertson (Jun 05)
- Re: ICMP Packets. Don Kendrick (Jun 02)
- Re: ICMP Packets. Perry E. Metzger (Jun 03)
(Thread continues...)
- Re: ICMP Packets. Henry Hertz Hobbit (Jun 02)