Re: Types of ICMP Used by DC?
- From: "Will" <westes-usc@xxxxxxxxxxxxxx>
- Date: Tue, 25 Sep 2007 22:16:32 -0700
"Ryan Hanisco" <RyanHanisco@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:67019A97-0A96-47BC-9996-35E4A211D225@xxxxxxxxxxxxxxxx
Will,
DCs use ICMP Ping for a number of things and will need the ICMP types that
ping requires. Of course, the most common will be echo and echo reply,
but
the others will be needed for failure or redirect status.
Other than that, you'll see no other "odd" ICMP traffic.
Usually DCs are connected on LAN, WAN, or VPN circuits that are considered
part of the Internal network so so filter very little. If you are
concerned
about blocking specific ICMP types, I would be afraid that you might have
a
bad design on your hands -- or at least an overly complicated one.
Since we are stuck with Windows Firewall, and Windows Firewall by default
does block most types of ICMP, I'm simply asking the question which types
should I unblock.
If your answer is "unblock them all because they all might be used," then
okay.
--
Will
.
- References:
- Types of ICMP Used by DC?
- From: Will
- Re: Types of ICMP Used by DC?
- From: Paul Bergson [MVP-DS]
- Re: Types of ICMP Used by DC?
- From: Will
- Types of ICMP Used by DC?
- Prev by Date: Site Policies and Domain Controllers
- Next by Date: Re: Site Policies and Domain Controllers
- Previous by thread: Re: Types of ICMP Used by DC?
- Next by thread: Re: Types of ICMP Used by DC?
- Index(es):
Relevant Pages
|
