What two ICMP types should never be blocked?

What two ICMP types should never be blocked?

# Q: What two ICMP types should never be blocked?


# A: ICMP type 3, Destination Unreachable, especially code 4,
"fragmentation needed but don't fragment bit set" (necessary for path MTU
discovery) and ICMP type 11, time exceeded (so you can use traceroute from
inside the network and get replies).

powered by performancing firefox