[c-nsp] ACL to block udp/0?
Hank Nussbacher
hank at interall.co.il
Wed Dec 6 02:03:33 EST 2023
On 05/12/2023 23:44, Gert Doering wrote:
> D'Wayne Saunders already pointed at this most likely being fragments -
> large packet reflections, and all non-initial fragments being reported by
> IOS* as "port 0" (so you should see 1500 byte regular UDP as well, with
> a non-0 port number)
>
> IOS XR syntax for fragment blocking is
>
> deny ipv4 any any fragments
>
> gert
To both D'Wayne and Gert - thx!
Regards,
Hank
More information about the cisco-nsp
mailing list