What is Dec MOP and how to disable it?

  • Performing a packet capture I keep seeing strange "DEC MOP Remote Console" frames:

    No.     Time        Source                Destination           Protocol Info
        141 83.557841   Cisco_57:62:a0        DEC-MOP-Remote-Console 0x6002   DEC DNA Remote Console
    
    Ethernet II, Src: Cisco_57:62:a0 (00:0d:bc:57:62:a0), Dst: DEC-MOP-Remote-Console (ab:00:00:02:00:00)
        Destination: DEC-MOP-Remote-Console (ab:00:00:02:00:00)
            Address: DEC-MOP-Remote-Console (ab:00:00:02:00:00)
            .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
            .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        Source: Cisco_57:62:a0 (00:0d:bc:57:62:a0)
            Address: Cisco_57:62:a0 (00:0d:bc:57:62:a0)
            .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
            .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        Type: DEC DNA Remote Console (0x6002)
    

    The source mac address is one from a Cisco router. However Decnet is disabled on the router and transport input set to telnet:

    router# show decnet 
    % DECnet is not enabled
    
    router# show run | begin line vty
    line vty 0 4
       transport input telnet
    

    How can I prevent this router to send these remote console frames?

    Just a quick FYI - the autosecure command disables MOP on all interfaces, amongst a lot of other things.

    Did any answer help you? if so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you could provide and accept your own answer.

    Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you can post and accept your own answer.

  • Decnet Maintenance Operation Protocol (MOP) is an ancient protocol that was used to administrate remote systems, and provided tools such as remote console or network bootstrap.

    However, as of now this is still enabled by default on all Cisco IOS Releases from 9.0 to recent 15.x.

    To disable MOP on the router it has to be done on a per-interface basis:

    router# conf t
    router(configure)# interface fastethernet0/0
    router(configure-if)# no mop enabled
    
    router# sh run int f0/0 | include mop
     no mop enabled
    

    MOP will be disabled even though the router still shows MOP as protocol on the interface:

    router# show int f0/0 count prot status 
    Protocols allocated:
     FastEthernet0/0: Other, IP, DEC MOP, ARP, CDP, IPv6
    
  • DECnet MOP for some reason is still enabled in Enterprise trains. I've seen it get silently enabled after an IOS upgrade because it included a switch from advipservices. Unfortunately it is hard to get Cisco to change a default, no ip directed-broadcast has basically been the operator community's only success story (highest on my list to go is proxy arp).

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM

Tags used