On 05/12/2023 23:44, Gert Doering wrote:
D'Wayne Saunders already pointed at this most likely being fragments -
large packet reflections, and all non-initial fragments being reported by
IOS* as "port 0" (so you should see 1500 byte regular UDP as well, with
a non-0 port number)
IOS XR syntax for fragment blocking is
deny ipv4 any any fragments
gert
To both D'Wayne and Gert - thx!
Regards,
Hank
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
