Re: tcp ports for dlsw+ traffic

From: David FAHED (dfahed@xxxxxxxxxxxx)
Date: Sun Feb 25 2001 - 23:30:49 GMT-3

• Next message: Feliz, Edgar (CRTRES-NY): "RE: Call foir Help !! Crunch Time for March 7-8 Lab ..."
• Previous message: Devender Singh: "WHAT do we in LAB - eigrp and split- horizon"
• Maybe in reply to: Ron: "tcp ports for dlsw+ traffic"
• Next in thread: Ron: "Re: tcp ports for dlsw+ traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
My english is not perfect but I will try to explain you.
Router 3 have a bigger ip address than router r1. So when R1 try to make a
connection to R3 (it's ok for your access-list), but R3 tear down the tcp
connection on its local port 2065. Then R3 try to make the connection (no
problem with your accesss-list for R3->R1 eth0 in ) but when the packet come
back R1 to R3 the packet has a tcp source of 2065 and a tcp dest >1023 (you
have a problem with your access-list).
Try this I can't test it now but I think it will work :
interface e0
ip access-group 120 in
access-list 120 permit tcp any eq 2065 any
access-list 120 permit tcp any eq 2067 any <- I don't think you need this.
Don't forget to add port 1981 1982 1983 you use priority with DLSW.
Try this link to know the port DLSW use...
http://127.0.0.1:8080/cc/td/doc/product/software/ios120/12cgcr/ibm_c/bcprt2/bcd
lsw.htm#15211

Ron wrote:

> Hi, all,
>
> Besides tcp 2065 and tcp 2067, Is there any more ports for dlsw+ =
> traffic? I checked Cisco CD and got no answer. Before I put the =
> access-list 120 in the R2. The dlsw+ is working. If I put the =
> access-list, the dlsw+ peers are lost.
>
> Here is a scenario: R1 (fa0/0) .........(e0, access-list 120 in ) R2 =
> (s1)...........(s1)R3
> Required: only permit dlsw+ traffic pass through R2
> My configs:
> *************
> R1:
> dlsw local-peer peer-id 138.10.4.1
> dlsw remote-peer 0 fst 138.10.25.3=20
> dlsw bridge-group 1
>
> R2:
> interface e0
> ip access-group 120 in
> access-list 120 permit tcp any any eq 2065
> access-list 120 permit tcp any any eq 2067
>
> R3:
> dlsw local-peer peer-id 138.10.25.3
> dlsw remote-peer 0 fst 138.10.4.1
> dlsw bridge-group 1
>
> r1#sh dlsw peers
>
> Peers: state pkts_rx pkts_tx type drops ckts TCP =
> uptime
>
> FST 138.10.25.3 DISCONN 0 0 conf 0 - - =
> -
>
> Expected: 0 Next Send: 0 Seq errors: 0
> Total number of connected peers: 0
> Total number of connections: 0
>
> ********************
>
> Thanks for any help,
>
> Ron
>

• Next message: Feliz, Edgar (CRTRES-NY): "RE: Call foir Help !! Crunch Time for March 7-8 Lab ..."
• Previous message: Devender Singh: "WHAT do we in LAB - eigrp and split- horizon"
• Maybe in reply to: Ron: "tcp ports for dlsw+ traffic"
• Next in thread: Ron: "Re: tcp ports for dlsw+ traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:01 GMT-3