From: Dave McFetridge (dmcfetridge@xxxxxxxxxx)
Date: Fri Sep 22 2000 - 21:21:40 GMT-3
access-list 201 permit 0x0000 0x0d0d - SNA Only
access-list 202 permit 0xf0f0 0x0101 - NetBios Only
dlsw remote-peer 0 tcp 137.12.32.2 lsap-output-list 201
You should understand how the mask works as well as that can be just as
important as the SAP values. The above SNA statement can be broken down like
this...
mask and SAPs in binary
D - 1101
4 - 0100
8 - 1000
9 - 1001
c - 1100
0's must match, 1's don't care
Also remember if you need to filter to a specific traffic type not a mac
address, you need to apply this filter in both directions. If DLSW is new to
you, You need to spend some quality time reading the config guide for DLSW.
This should be given the same amount of attention as BGP
http://127.0.0.1:8080/cc/td/doc/product/software/ios112/112cg_cr/8cbook/8cdl
sw.htm
Good luck
Dave
-----Original Message-----
From: Eddie Parra [mailto:eparra@telocity.com]
Sent: Thursday, September 21, 2000 11:17 AM
To: CCIE Group Study
Subject: SNA Filtering Question...
I have a SNA question that I don't know enough about the technology to
answer. I have a practice lab that asks to only allow in certain SNA SAP's
and all "return packets"? Could anyone please clarify this?
Less than 48 hours till my CCIE lab in RTP!
-Eddie
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:00 GMT-3