No IP Unreachable
Overview
The "no ip unreachable" feature in networking devices is a configuration used to enhance network security and efficiency by disabling the generation of Internet Control Message Protocol (ICMP) unreachable messages. Normally, these messages are sent by routers and other network devices in response to packets that cannot be delivered to their intended destination for various reasons.
When the "no ip unreachable" command is enabled, the network device stops sending these ICMP unreachable messages.
Supported ICMP Unreachable Codes
Here are the codes used in ICMPv6 Unreachable.
Table 80. ICMP Unreachable Codes
|
0
|
Destination network unreachable
|
|
|
1
|
Destination host unreachable
|
|
|
2
|
Destination protocol unreachable
|
|
|
3
|
Destination port unreachable
|
The destination network is not reachable from the current router.
|
|
4
|
Fragmentation needed and DF flag set
|
The specific destination host within a reachable network is not accessible.
|
|
5
|
Source Route Failed
|
The protocol specified in the packet is not supported by the destination.
|
|
6
|
Destination Network Unknown
|
The destination port is not open or not listening on the destination device.
|
|
7
|
Destination Host Unknown
|
NA
|
|
8
|
Source Host Isolated
|
NA
|
|
9
|
Network Administratively Prohibited
|
NA
|
|
10
|
Network Administratively Prohibited
|
NA
|
|
11
|
Network Unreachable for TOS
|
NA
|
|
12
|
Host Unreachable for TOS
|
NA
|
|
13
|
Communication Administratively Prohibited
|
NA
|
|
14
|
Host Precedence Violation
|
NA
|
|
15
|
Precedence Cutoff in Effect
|
NA
|
|
|
|
|
Supported ICMPv6 Unreachable Codes
Here are the codes used in ICMPv6 Unreachable.
Table 81. ICMPv6 Unreachable Codes
|
0
|
No route to destination
|
|
1
|
Communication with destination administratively prohibited
|
|
2
|
Beyond scope of source address
|
|
3
|
Address unreachable
|
|
4
|
Port unreachable
|
|
5
|
Source address failed ingress/egress policy
|
|
6
|
Reject route to destination
|
Feature Characteristics
The "no ip unreachable" feature is used to prevent a device from sending ICMP unreachable messages. These messages are typically generated when a router cannot forward a packet because the destination is unreachable. Disabling these messages can enhance network performance and security.
Benefits
The advantages of utilizing a No IP Unreachables:
- Enhanced Security
- Performance Optimization
- Simplified Troubleshooting.