Filter
Top Products
26-3
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 26 Protecting the Router from DoS Attacks
Configuration Examples for IP Options Selective Drop
DETAILED STEPS
Verifying IP Options Packets
Use the show ip traffic command to verify that the router drops all the packets received with IP options.
Configuration Examples for IP Options Selective Drop
This section provides the following configuration examples:
• Dropping IP Options Packets: Example, page 26-3
• Verifying IP Options Handling: Example, page 26-4
Dropping IP Options Packets: Example
The following sample configuration shows how to configure the router (and downstream routers) to drop
all the packets with IP options that enter the network:
Router(config)# ip options drop
% Warning:RSVP and other protocols that use IP Options packets may not function in drop or
ignore modes.
end
Command or Action Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
• Enter your password if prompted.
Step 2
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3
ip options drop
Example:
Router(config)# ip options drop
Turns IP options processing off. The router drops all the
packets received with IP options.
Note To resume normal options processing, use the no
form of the command: no ip options.