From: kongck (kongck@xxxxxxxxxxxxxx)
Date: Fri Jun 16 2000 - 03:40:16 GMT-3
I think should use non_canonical format and the dmac-output-lists can
only filte output destination mac addresses,not the source.
----- Original Message -----
From: kody
To: ccielab@groupstudy.com
Sent: Friday, June 16, 2000 1:16 PM
Subject: dlsw mac filtering question
Hi?
I know that dlsw network uses non-canonical mac address format.
If we have an Ethernet to Ethernet dlsw network
and want to prevent packets generated by one specific ethernet mac
address
from being forwarded to remote dlsw peer router or ethernet.
I think 'dlsw remote-peer ... dmac-output-list' command is the
possible solution.
But, my question is that when we make MAC addr access-list, what
format should I use? canonical or non-canonical?
For example, the ethernet mac address that should be filtered is
'0101.0101.0101'(canonical format).
Then, Should I write down as
access-list 700 deny 0101.0101.0101 0000.0000.0000
access-list 700 permit 0000.0000.0000 ffff.ffff.ffff
or
access-list 700 deny 8080.8080.8080 8000.0000.0000 (non-canonical
foramt conversion)
access-list 700 permit 0000.0000.0000 ffff.ffff.ffff (Is it right?
permit all in non-canonical format)
Thank you!
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:42 GMT-3