From: Fred Ingham (fningham@xxxxxxxxxxxxxxxx)
Date: Sun Apr 08 2001 - 14:09:37 GMT-3
Andres: If you are running DLSW+ between r1 and r2 and want to filter
an Ethernet address of a host on r2, you would convert the Ethernet
address to non-canonical when applying the filter. For Example, you
have an Ethernet host on r2 with the MAC address 0040.0515.c1ec running
NetBIOS. You want to filter it from connections originating on r1 hosts
but not from other possible peers. The configurations are:
r1:
dlsw local-peer peer-id 172.16.10.1
dlsw remote-peer 0 tcp 172.16.10.2 dmac-output-list 700
dlsw bridge-group 1
!
int s 0
ip address 172.16.10.1 255.255.255.0
!
int e 0
bridge-group 1
!
bridge 1 protocol ieee
!
access-list 700 deny 0002.a0a8.8337 0000.0000.0000
access-list 700 permit 0000.0000.0000 ffff.ffff.ffff
r2:
dlsw local-peer peer-id 172.16.10.2
dlsw remote-peer 0 tcp 172.16.10.1
dlsw bridge-group 2
!
int s 0
ip address 172.16.10.2 255.255.255.0
!
int e 0
description host has MAC of 0040.0515.c1ec
bridge-group 2
!
bridge 2 protocol ieee
HTH, Fred.
Andres Zeller wrote:
>
> Convert host ethernet addresses when?
>
> Fred Ingham wrote:
>
> > David: MAC filters in DLSW always use the non-canonical form. This is
> > the address you would see in the reachability cache. Convert host
> > ethernat addresses, don't convert host token-ring addresses.
> >
> > Cheers, Fred
> >
> > David Anderson wrote:
> > >
> > > I have my lab in a couple of weeks and just wanted to make sure I am clea
r
> > > on something...
> > > I understand how to convert canonical to noncanonical and vice versa. I
> > > just want to make sure that the time to use this is when DLSW automatical
ly
> > > converts mac addresses to noncanonical form. You want to make sure you a
re
> > > filtering for the actual mac address vs. the DLSW converted mac address,
or
> > > the other way around ....well you know what I mean.....am I right??
> > > Thanks,
> > > David
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:42 GMT-3