The icmp ttl-exceeded send command enables an interface to send ICMP Time Exceeded messages.
The undo icmp ttl-exceeded send command disables an interface from sending ICMP Time Exceeded messages.
By default, an interface is disabled to send ICMP Time Exceeded messages.
By default, an interface replies with an ICMP Time Exceeded message after it receives a message with TTL 1. The interface adds its IP address as the source IP address in the ICMP Time Exceeded message, exposing the interface itself to attackers. In addition, after being attacked, the interface replies with numerous ICMP Time Exceeded messages, consuming CPU resources and degrading system performance. To resolve these problems, run the undo icmp ttl-exceeded send command to disable the interface from replying with ICMP Time Exceeded messages.