Hi, When I read the OP I figured he was talking about automatically generated ICMP messages (e.g. unreachables, source quench), not pings send for administrative purposes (or IP SLAs or whatever).
I don't personally know of an elegant way to achieve this. One potentially undesirable option might be to disable unreachables ("no ip unreachables") on the privately-addressed interfaces. Why are the messages being generated anyway? no route? ACL violation? Sending the messages sourced with an address of anything but the interface where the packet landed probably violates some RFC. I _can_ see why you (Mike) want to do this. Such packets (sourced with RFC1918 addresses) should be explicitly nailed at the perimeter anyway. cheers, Dale On Fri, Feb 6, 2009 at 3:19 PM, Hill, Matt W <hill.mat...@edumail.vic.gov.au> wrote: > Hi Mike, > > Try this: > > Ping ip > <follow prompts> > Extended commands <- press "y" > > Then you can specify the source. > > Cheers, > Matt > > -- > Matt Hill > CCIE #22386 > p: +61 3 9637 3509 | m: +61 4 1330 3635 | f: +61 3 96372600 | e: > hill.mat...@edumail.vic.gov.au > Data Communications Consultant | Infrastructure Engineering | ITD | DEECD > Level 2 East, 2 Treasury Place, East Melbourne, Victoria, Australia, 3002 > > > -----Original Message----- > From: cisco-nsp-boun...@puck.nether.net > [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Mike > Sent: Friday, 6 February 2009 3:08 PM > To: cisco-nsp@puck.nether.net > Subject: [c-nsp] setting source address for icmp messages > > Hello, > > I'm trying to learn how to get my 7204vxr to not send icmp messages with > the source ip of interface the message is being sent out. I have a > public ip on my loopback and thought this was what ios preferred if it > exists? I have some other interfaces which have 10.x.x.x addresses and > icmp messages like host unreachable and such are sourced from this which > is undesirable due to inbound filtering at many sites at their gateways > for rfc1918 and other bogon addresses. > > Am I being silly to want this or is there something I can do to get my > way here? > > Tks. > > Mike- _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/