[c-nsp] what the heck is "ip forward-protocol nd" good for

Nick Cutting ncutting at edgetg.co.uk
Thu Apr 7 08:06:28 EDT 2016

The whizzkids often used a connection to the super-unprotected LAN to get themselves out of a locked room while they were being held captive by white collar criminals.
Those 80's protocols got them out of numerous Jams.

-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Phil Mayers
Sent: 07 April 2016 13:03
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] what the heck is "ip forward-protocol nd" good for

On 06/04/16 17:16, Sebastian Beutel wrote:

> What do you think: Is this a bug?

As others have said: IOS defaults are, largely, insane for 2016.

We have:

no ip forward-protocol nd
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs

...amongst other things in our standard IOS config.

It's one more tedious part of modern IT - reaping the "benefits" of compatibility with the very best the 1980s had to offer.

cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list