cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3590
Views
4
Helpful
5
Replies

ip source route

xine xine
Level 1
Level 1

Hi,

I'm working on network hardening...

I see if it's not use ip source route should be disable.... I would like to understand this to be able to know if it's used in our environnement or not...

Based on my read... it's look like have some relation to : "Local Source-Route Bridging", "Source-Route Translational Bridging", "Configuring Transparent Bridging" etc... (http://www.cisco.com/en/US/tech/tk331/tk660/tk610/tsd_technology_support_sub-protocol_home.html) but I'm not sure... can someone help me ?

1 Accepted Solution

Accepted Solutions

Usage of IP source routing is described in RFC791. Cisco supports setting this header option in extended ping/traceroute, see http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f22.shtml#ext_troute. Neither of these documents might make it clear why you want to do this. Don't have a good suggestion for a document that explains "why".

"Do you know, if some of those product need "IP source route" ? "

Sorry, don't know.

View solution in original post

5 Replies 5

andrew.prince
Level 10
Level 10

The above url is for token ring technologies - do you have token ring?

Yes we have a small network where token ring is running.... source route bridging is use on this network... I would like if source route brindging is related to "ip source route" ?

Second if the answer is yes... the token ring is behind a firewall, the command "ip source route" we would like to disable is running in core devices.... I would like lto know if we can still disable "ip source route" in core or if we can't !

To doing this I have to be able to explain correctly to the security team what is "ip source route" excatly and how is it work to know if it is currently permit through there firewall (by default) or not !

Joseph W. Doherty
Hall of Fame
Hall of Fame

The "ip source route" option is whether a router will honor explicit routing hops contained within an IP packet or not. This is different from source-route you're reading in references to Token Ring.

IP source routing can be used for some advanced network debugging; somewhat like "ping" is also used for network debugging. Deactivation of this capability normally doesn't impact routine traffic, although it disables some IP debugging capability.

Hi Joseph,

do you have a document which explain how "IP source route" works exactly and what debugging capability use this fonctionnality exactly....

I see on other documentation this feature is used by some management tool, we are using CiscoWorks (LMS 3.0) and Network Node Manager and OVO 7.5 (and next years will migrate to version 8.0 for both product) both from HP. Do you know, if some of those product need "IP source route" ?

thanks a lot !

Usage of IP source routing is described in RFC791. Cisco supports setting this header option in extended ping/traceroute, see http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f22.shtml#ext_troute. Neither of these documents might make it clear why you want to do this. Don't have a good suggestion for a document that explains "why".

"Do you know, if some of those product need "IP source route" ? "

Sorry, don't know.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: