From: Jeff K. (jeffbk@xxxxxxxxxxxxx)
Date: Mon Apr 30 2001 - 15:30:52 GMT-3
Yes, that will do it, but remember that bootp will not be forwarded unless
you have an ip helper-address configured on the interface. If you have the
helper address, then you probably want to have it forwarded. If you don't,
but you need the helper-address for other ports, use the 'no ip
forward-protocol bootp' to remove it from the list of protocols that the
helper-address forwards and it won't be an issue. I guess it's just
different ways to reach the same goal. Seems like it would be less on the
router to just not forward it at all.
-Jeff
----- Original Message -----
From: "DuBell, Robert ITC J633CT1" <dubell@jfcom.mil>
To: "'Tarun Pahuja'" <tpahuja@hotmail.com>; <ccielab@groupstudy.com>
Sent: Monday, April 30, 2001 1:15 PM
Subject: BLOCKING BOOTP ON AN INDIVIDUAL INTERFACE
> Real life situation here. If I apply the following access list on a
> interface, will it block bootp from being distrubuted throughout the
> network. Or is there a better way to block bootp from specific interfaces
> ??/...Thanks
>
> access-list 101 deny udp any any eq 67
> access-list 101 deny udp any any eq 68
> access-list 101 permit any
>
>
>
> ITC(SW) Robert L. DuBEll
> Chief Network Engineer
> dubell@jfcom.mil
> commercial 757-836-6129
> DSN - 836-6129
>
> -
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:02 GMT-3