08-17-2016 12:47 PM
Dear,
I want to block traffic to be routed through same interface it got in my router. Is it possible?
Ideas maybe? Please
Thanks
08-18-2016 12:06 AM
I think that this is exactly thing which ICMP redirect does.
So just enable this feature (I think that it is enabled by default).
Or if you want to discard traffic (not redirect to another gateway), then use extended ACL.
Let say that you use network 192.168.1.0/24
then create extended ACL with rules:
deny ip 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255
permit ip any any
And apply on interface with command:
ip access-group ACL_NAME out
Now all outbound traffic on interface from same network will be dropped.
But situation described by you shouldn´t happened.
Please correct me someone if I am wrong.
08-24-2016 10:51 AM
Thanks Milos.
One problem with ICMP redirects, first packet is forwarded independently of existency of a better route. Next packets will use ICMP redirect's information.
I think that, cisco should have a simple command to avoid this scene.
Greetings...!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide