A TCP segment consists of a segment header and a data section. The TCP header contains 10 mandatory fields, and an optional extension field.

Options have up to three fields:

1. Option-Kind (1 byte)

2. Option-Length (1 byte)

3. Option-Data (variable)

The ACL IP Options Selective Drop feature allows a router to filter IP options packets, thereby mitigating the effects of these packets on a router and downstream routers, and perform the following actions:

● Drop all IP options packets that it receives and prevent options from going deeper into the network. ● Ignore IP options packets destined for the router and treat them as if they had no IP options. The following example shows how to configure the router (and downstream routers) to drop all options packets that enter the network:

Router( config)# ip options drop

show ip traffic command can be used to verify the actual IP options drop statistics.

