Re: DLSW

From: Earl Aboytes (earl@xxxxxxxxxxxx)
Date: Sun Jan 30 2000 - 03:37:07 GMT-3


   
   I found this on Cisco's open Q & A
   Question: Data-link switching (DLSw) permit only Systems Network
   Architecture (SNA) traffic through and deny NetBios.
   I wanted to double-check the configuration for permitting only SNA
   traffic in the DLSw.
        access-list 202 permit 0x0404 0x0001
        access-list 202 permit 0x0004 0x0001
        dlsw remote-peer 0 tcp 1.1.1.1 lsap-output-list 202
        int tok 0
        source-bridge spanning
        source-bridge input-lsap-list 202
   Answer:
   Permit SNA Traffic
   First we assume all SNA traffic uses service access point (SAP) 4, 8
   or C.
        Binary      Hex
        0000 0100   04
        0000 1000   08
        0000 1100   0c
   Low order bit of destination service access point (DSAP) (first bit on
   wire when transmitted) may be used to indicate an individual/group
   address.
   Low order bit of source service access point (SSAP) (first bit on wire
   when transmitted) may be used to indicate command/response.
   If we define a mask that also allows these bits to be set, it
   will look like the following:
        Binary      Hex
        0000 0101   05
        0000 1001   09
        0000 1101   0D
   All of these bit values use a subset of the bits set for the hex
   value 0D, so we can define an access list that says the following:
        access-list 202 permit 0x0000 0x0d0d
        dlsw remote-peer 0 tcp 1.1.1.1 lsap-output-list 202
   The access-list uses an 0x0d0d mask to set don't care bits for all the
   bits that could be set when representing the SNA SAPs of 04/05,
   08/09, and 0C/0D. All other bits must be set to 0 or this filter will
   not be matched.
   It is not necessary to apply this to both the Token Ring and the peer.
   At 11:26 PM 1/29/00 -0500, Ben Rife wrote:
   
     Question:
     
     R1-----R2-----R3
     
     I want to configure dlsw such that Netbios only is allowed between
     R1 and R2 and SNA only between R2 and R3.
     
     R2 is a border for the group R1 connects to R2 and R3 connects to
     R2.
     
     I know that I need an lsap-output-list (access-list 200) to specify
     the protocol type-code right?
     
     Where do you find the syntax for this command/function? Am I on the
     right track? Can someone help me?
     
     Thanks, Ben
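
Added example, not part of the original message or of Cisco's Q&A: a small Python model of the type-code/wildcard-mask comparison, used to enumerate every DSAP/SSAP pair that the 0x0000 0x0d0d entry permits and to compare it with the two-line list from the question. It assumes mask bits set to 1 are don't-care bits, DSAP in the high byte and SSAP in the low byte, an implicit deny at the end of the list, and NetBIOS on SAP 0xF0; the function names are illustrative.

```python
# Added example: models type-code access-list matching for LSAP filters.
# Assumptions: a 1 bit in the mask is "don't care"; the 16-bit value is
# DSAP (high byte) + SSAP (low byte); a list ends with an implicit deny.

def parse_acl(text):
    """Parse 'access-list N permit|deny 0xTYPE 0xMASK' lines."""
    entries = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "access-list":
            raise ValueError(f"unrecognised line: {line!r}")
        entries.append((parts[2], int(parts[3], 16), int(parts[4], 16)))
    return entries

def evaluate(entries, dsap, ssap):
    """Return 'permit' or 'deny' for one DSAP/SSAP pair (first match wins)."""
    value = (dsap << 8) | ssap
    for action, type_code, mask in entries:
        care = ~mask & 0xFFFF          # bits that must match exactly
        if (value & care) == (type_code & care):
            return action
    return "deny"                      # implicit deny

def permitted_pairs(entries):
    """Every (DSAP, SSAP) pair the list lets through."""
    return [(d, s) for d in range(256) for s in range(256)
            if evaluate(entries, d, s) == "permit"]

# The two lists from the message above.
QUESTION_ACL = parse_acl("""
access-list 202 permit 0x0404 0x0001
access-list 202 permit 0x0004 0x0001
""")
ANSWER_ACL = parse_acl("access-list 202 permit 0x0000 0x0d0d")

NETBIOS_SAP = 0xF0  # assumption: NetBIOS frames use SAP 0xF0

if __name__ == "__main__":
    for name, acl in (("question", QUESTION_ACL), ("answer", ANSWER_ACL)):
        pairs = permitted_pairs(acl)
        saps = sorted({d for d, _ in pairs} | {s for _, s in pairs})
        print(f"{name}: {len(pairs)} pairs, SAPs:",
              " ".join(f"{s:02X}" for s in saps))
        print("  NetBIOS F0/F0 ->", evaluate(acl, NETBIOS_SAP, NETBIOS_SAP))
```

Under these assumptions the 0x0d0d mask admits SAPs 00 and 01 as well as 04/05, 08/09 and 0C/0D, in any DSAP/SSAP combination, while NetBIOS is still denied. The two-line list from the question permits only DSAP 00 or 04 with SSAP 04 or 05.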
     


