From: Brian S turner (brian@xxxxxxxxxxxxxxxxx)
Date: Tue Aug 15 2000 - 11:23:26 GMT-3
This is what I like about this group all Information posted incorrectly
usually gets beaten to death by the correctness patrol... I was in error on
my posting the real deal is the following (once I consulted my actuall notes
and not simply my memory of them)
access-list 200 permit 0x0000 0x0D0D permits only SNA
access-list 200 permit 0xF0F0 0x0101 permits Netbios, because netbios uses
F0 as its SSAP and DSAP, and as we all know you
could have a 1 added
to your ssap or dsap to denote a response.(I think.. here comes
the
correctness patrol!!)
Here is a link to clerify the 0D0D thing for anyone who is still in doubt.
http://www.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/5881
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Kevin Baumgartner
Sent: Monday, August 14, 2000 4:32 PM
To: Dayong Gan
Cc: ccielab@groupstudy.com
Subject: RE: How to find the Type-Code in Cisco CD?
No should be "access-list 200 permit 0x0000 0x0d0d"
This will permit SNA traffic SAPS of 04,05,08,09,0C and Od.
If you work through the mask it makes sense.
Remember that the mask works the same as IP access-list.
A 0 bit is a direct match, a 1 is don't care.
So with a mask of 0d0d
it will match 0404, 0505, 0808,0909,0c0c and 0d0d which are
the one that you want to match on to deny all the commonly used
SNA SAPs. And for example will not match on 0202, or 0606.
Your example of "access-list 200 permit 0x0d0d 0x0000" will
only permit a SAP of 0d0d and nothing else. (remember 0 in mask
has is a direct match).
Kevin
At 03:15 PM 8/14/00 -0400, you wrote:
>hi, Jamie.
>
>access-list 200 permit 0x0000 0x0D0D
>
>This command does not make sense. 0x0000 is the type code? 0x0D0D is the
mask?
>
>It should be "access-list 200 permit 0x0D0D 0x0000" ?
>
>
>Dayong
>
> -----Original Message-----
>From: James Brogdon, Jr. [mailto:jbrogdon@mentortech.com]
>Sent: Saturday, August 12, 2000 12:52 AM
>To: 'Dayong Gan'
>Subject: RE: How to find the Type-Code in Cisco CD?
>Dayong,
>
>The NetBIOS LSAPs are:
>F0
>F1
>
>The SNA LSAPs are:
>04
>05
>08
>09
>0C
>0D
>
>To permit all NetBIOS Traffic use:
>
>access-list 200 permit 0xF0F0 0x0101
>
>To permit all SNA Traffic:
>
>access-list 200 permit 0x0000 0x0D0D
>
>
>Let me know if this helps.
>
>Thanks,
>Jamie Brogdon
>Consultant
>Mentor Technologies
>(443) 621-6734 (cell)
>jbrogdon@mentortech.com
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Dayong Gan
>Sent: Friday, August 11, 2000 2:38 PM
>To: Ccielab (E-mail)
>Subject: How to find the Type-Code in Cisco CD?
>
>Hi, everybody.
>
>How can I find out the type codes when config access-list 200-299?
>
>DLSW Design Guide (cisco) says
>to permit NetBIOS not SNA
>access-list 200 permit 0x0F0F 0x0101
>
>FatKid ---411 advanced dlsw+ Hint 11---says
>SNA (0x0F0F)
>Netbios (0x0D0D)
>
>
>Which one is corect? I can not find a full list of type-code on cisco cd.
Who can help me?
>
>Best regards,
>Dayong Gan
>Network Engineer
>Nuvo Network Management Inc.
>260-2650 Queensview Drive, Ottawa. Canada K2B 8H6
>Tel:(613)721-6886 ext. 149
>Fax:(613)721-1399
>Email: dgan@nuvo.com
><http://www.nuvo.com/>http://www.nuvo.com
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:26 GMT-3