Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

What are the effects of options ip.ping_throttle.drop_level 0 on system environment?

Last Updated:

Applies to

  •  Data ONTAP 8 7-Mode    
  •  ONTAP 9 


What are the effects of options ip.ping_throttle.drop_level 0 on system environment?

The ping throttling mechanism was introduced to mitigate risks from denial of service attacks based on the ICMP protocol. The existing ping throttling mechanism uses the value stored in the option ip.ping_throttle.drop_level option to obtain a threshold of packets to accept before dropping packets, in a one second interval. NetApp does not currently have a recommended value to set ip.ping_throttle.drop_level. The default value is 150. The value can be increased to a higher value.

The option ip.ping_throttle.drop_level setting is not as per client; however, it is for all clients. The max limit is 4294967295.

The reason that NetApp does not recommend any value in environments with many CIFS clients because a threshold exceeds easily. As a result, CIFS clients experience temporary to persistent unavailability of the appliance. Set  ip.ping_throttle.drop_level option  between 50 to 150 and increase if issue arises.

To allow clients to send more than 16 packets per second, disable ping throttling. Run the following command to disable this option:
options ip.ping_throttle.drop_level 0

After ONTAP 9.3+, the node shell command was deprecated for this new clustersell option:
::> network tuning icmp

Additional Information

Related links:


Scan to view the article on your device