Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

ip source route

Hi,

I'm working on network hardening...

I see if it's not use ip source route should be disable.... I would like to understand this to be able to know if it's used in our environnement or not...

Based on my read... it's look like have some relation to : "Local Source-Route Bridging", "Source-Route Translational Bridging", "Configuring Transparent Bridging" etc... (http://www.cisco.com/en/US/tech/tk331/tk660/tk610/tsd_technology_support_sub-protocol_home.html) but I'm not sure... can someone help me ?

1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

Re: ip source route

Usage of IP source routing is described in RFC791. Cisco supports setting this header option in extended ping/traceroute, see http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f22.shtml#ext_troute. Neither of these documents might make it clear why you want to do this. Don't have a good suggestion for a document that explains "why".

"Do you know, if some of those product need "IP source route" ? "

Sorry, don't know.

5 REPLIES

Re: ip source route

The above url is for token ring technologies - do you have token ring?

New Member

Re: ip source route

Yes we have a small network where token ring is running.... source route bridging is use on this network... I would like if source route brindging is related to "ip source route" ?

Second if the answer is yes... the token ring is behind a firewall, the command "ip source route" we would like to disable is running in core devices.... I would like lto know if we can still disable "ip source route" in core or if we can't !

To doing this I have to be able to explain correctly to the security team what is "ip source route" excatly and how is it work to know if it is currently permit through there firewall (by default) or not !

Super Bronze

Re: ip source route

The "ip source route" option is whether a router will honor explicit routing hops contained within an IP packet or not. This is different from source-route you're reading in references to Token Ring.

IP source routing can be used for some advanced network debugging; somewhat like "ping" is also used for network debugging. Deactivation of this capability normally doesn't impact routine traffic, although it disables some IP debugging capability.

New Member

Re: ip source route

Hi Joseph,

do you have a document which explain how "IP source route" works exactly and what debugging capability use this fonctionnality exactly....

I see on other documentation this feature is used by some management tool, we are using CiscoWorks (LMS 3.0) and Network Node Manager and OVO 7.5 (and next years will migrate to version 8.0 for both product) both from HP. Do you know, if some of those product need "IP source route" ?

thanks a lot !

Super Bronze

Re: ip source route

Usage of IP source routing is described in RFC791. Cisco supports setting this header option in extended ping/traceroute, see http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f22.shtml#ext_troute. Neither of these documents might make it clear why you want to do this. Don't have a good suggestion for a document that explains "why".

"Do you know, if some of those product need "IP source route" ? "

Sorry, don't know.

2792
Views
4
Helpful
5
Replies
CreatePlease to create content