Verifying Ip Options Packets; Configuration Examples For Ip Options Selective Drop; Dropping Ip Options Packets: Example - Cisco 10000-2P2-2DC Software Configuration Manual

Chapter 26 Protecting the Router from DoS Attacks
DETAILED STEPS
Command or Action
Step 1
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ip options drop
Example:
Router(config)# ip options drop

Verifying IP Options Packets

Use the show ip traffic command to verify that the router drops all the packets received with IP options.
Configuration Examples for
This section provides the following configuration examples:
•
•

Dropping IP Options Packets: Example

The following sample configuration shows how to configure the router (and downstream routers) to drop
all the packets with IP options that enter the network:
Router(config)# ip options drop
% Warning:RSVP and other protocols that use IP Options packets may not function in drop or
ignore modes.
end
OL-2226-23
Dropping IP Options Packets: Example, page 26-3
Verifying IP Options Handling: Example, page 26-4

Configuration Examples for IP Options Selective Drop

Purpose
Enables privileged EXEC mode.
Enter your password if prompted.
•
Enters global configuration mode.
Turns IP options processing off. The router drops all the
packets received with IP options.
Note To resume normal options processing, use the no
form of the command: no ip options.
IP Options Selective Drop
Cisco 10000 Series Router Software Configuration Guide
26-3