What are the effects of options ip.ping_throttle.drop_level 0 on system environment?
Applies to
- Data ONTAP 8 7-Mode
- ONTAP 9
Answer
What are the effects of options ip.ping_throttle.drop_level 0
on the system environment?
- The ping throttling mechanism was introduced to mitigate risks from denial of service attacks based on the ICMP protocol.
- The existing ping throttling mechanism uses the value stored in the
option ip.ping_throttle.drop_level
option to obtain a threshold of packets to accept before dropping packets, in a one-second interval. - NetApp does not currently have a recommended value to set
ip.ping_throttle.drop_level
. - The default value is 150. The value can be increased to a higher value.
- The
option ip.ping_throttle.drop_level
setting is not as per client; however, it is for all clients. The max limit is 4294967295. - The reason that NetApp does not recommend any value in environments with many CIFS clients is that a threshold exceeds easily.
- As a result, CIFS clients experience temporary to persistent unavailability of the appliance.
- Set
ip.ping_throttle.drop_level
option between 50 to 150 and increase if an issue arises. - To allow clients to send more than 16 packets per second, disable ping throttling. Run the following command to disable this option:
options ip.ping_throttle.drop_level 0
- After ONTAP 9.3+, the node shell command was deprecated for this new cluster-sell option:
::> network tuning icmp
Additional Information
Related links:
- For more information about ping throttling, see page 148 of Data ONTAP 8.2 Network Management Guide.
- For more information about this feature go to MAN PAGE: network tuning icmp modify.