3com 4210 PWR 9-Port 3CR17341-91-ME 用户手册
产品代码
3CR17341-91-ME
92
C
HAPTER
8: IP P
ERFORMANCE
C
ONFIGURATION
the system restarts the timer from receiving the last non-FIN packet. The
connection is broken after the timer expires.
connection is broken after the timer expires.
■
Size of TCP receive/send buffer
Disabling ICMP to Send
Error Packets
Sending error packets is a major function of ICMP protocol. In case of network
abnormalities, ICMP packets are usually sent by the network or transport layer
protocols to notify corresponding devices so as to facilitate control and
management.
abnormalities, ICMP packets are usually sent by the network or transport layer
protocols to notify corresponding devices so as to facilitate control and
management.
By default, Switch 4210 Family support sending ICMP redirect and destination
unreachable packets.
unreachable packets.
Although sending ICMP error packets facilitate control and management, it still
has the following disadvantages:
has the following disadvantages:
■
Sending a lot of ICMP packets will increase network traffic.
■
If receiving a lot of malicious packets that cause it to send ICMP error packets,
the device’s performance will be reduced.
the device’s performance will be reduced.
■
As the ICMP redirection function increases the routing table size of a host, the
host’s performance will be reduced if its routing table becomes very large.
host’s performance will be reduced if its routing table becomes very large.
■
If a host sends malicious ICMP destination unreachable packets, end users may
be affected.
be affected.
You can disable the device from sending such ICMP error packets for reducing
network traffic and preventing malicious attacks.
network traffic and preventing malicious attacks.
Table 52 Configure TCP attributes
Operation
Command
Remarks
Enter system view
system-view
-
Configure TCP synwait timer’s
timeout value
timeout value
tcp timer syn-timeout
time-value
time-value
Optional
By default, the timeout value
is 75 seconds.
is 75 seconds.
Configure TCP finwait timer’s
timeout value
timeout value
tcp timer fin-timeout
time-value
time-value
Optional
By default, the timeout value
is 675 seconds.
is 675 seconds.
Configure the size of TCP
receive/send buffer
receive/send buffer
tcp window window-size
Optional
By default, the buffer is 8
kilobytes.
kilobytes.
Table 53 Disable sending ICMP error packets
Operation
Command
Remarks
Enter system view
system-view
-
Disable sending ICMP
redirects
redirects
undo icmp redirect send
Required
Enabled by default
Disable sending ICMP
destination unreachable
packets
destination unreachable
packets
undo icmp unreach send
Required
Enabled by default