From: Niall El-Assaad (nelassaa@xxxxxxxxx)
Date: Mon Apr 30 2001 - 17:01:32 GMT-3
By enabling udp forwarding you automatically enable it for a number of
services.
What you need to do is turn the other ones off with no ip forward-protocol
udp.
A list of the defaults are here:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_r
/1rprt2/1ripadr.htm#xtocid1229218
=======================================================
Niall El-Assaad, Systems Engineer
EMEA-UK Retail Finance North
C i s c o S y s t e m s Mobile: +44 (0)772 088 4650
VMail: +44 (0)208 734 4206
| | Fax: +44 (0)161 864 4508
| |
||| |||
.:|||||:..:|||||:. E-mail: nelassaa@cisco.com
------------------ Web : http://www.cisco.com
Crescent House, Towers Business Park, Wilmslow Road,
Didsbury, Manchester M20 2JE, United Kingdom
========================================================
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
David Siwula
Sent: 30 April 2001 20:42
To: DuBell, Robert ITC J633CT1; ccielab@groupstudy.com
Subject: RE: BLOCKING BOOTP ON AN INDIVIDUAL INTERFACE
If I have ip helper-address configured on an interface, what kind
unnecessary traffic will be forwarded? I was told that since I have
this enabled I am overloading the network with a lot of uneccessary
netbios/udp traffic.
Thanks, Dave
-----Original Message-----
From: DuBell, Robert ITC J633CT1 [mailto:dubell@jfcom.mil]
Sent: Monday, April 30, 2001 12:02 PM
To: ccielab@groupstudy.com
Subject: RE: BLOCKING BOOTP ON AN INDIVIDUAL INTERFACE
Got it ...thanks......Bob
-----Original Message-----
From: Jeff K. [mailto:jeffbk@austin.rr.com]
Sent: Monday, April 30, 2001 2:31 PM
To: DuBell, Robert ITC J633CT1; 'Tarun Pahuja'; ccielab@groupstudy.com
Subject: Re: BLOCKING BOOTP ON AN INDIVIDUAL INTERFACE
Yes, that will do it, but remember that bootp will not be forwarded
unless
you have an ip helper-address configured on the interface. If you have
the
helper address, then you probably want to have it forwarded. If you
don't,
but you need the helper-address for other ports, use the 'no ip
forward-protocol bootp' to remove it from the list of protocols that the
helper-address forwards and it won't be an issue. I guess it's just
different ways to reach the same goal. Seems like it would be less on
the
router to just not forward it at all.
-Jeff
----- Original Message -----
From: "DuBell, Robert ITC J633CT1" <dubell@jfcom.mil>
To: "'Tarun Pahuja'" <tpahuja@hotmail.com>; <ccielab@groupstudy.com>
Sent: Monday, April 30, 2001 1:15 PM
Subject: BLOCKING BOOTP ON AN INDIVIDUAL INTERFACE
> Real life situation here. If I apply the following access list on a
> interface, will it block bootp from being distrubuted throughout the
> network. Or is there a better way to block bootp from specific
interfaces
> ??/...Thanks
>
> access-list 101 deny udp any any eq 67
> access-list 101 deny udp any any eq 68
> access-list 101 permit any
>
>
>
> ITC(SW) Robert L. DuBEll
> Chief Network Engineer
> dubell@jfcom.mil
> commercial 757-836-6129
> DSN - 836-6129
>
> -
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:02 GMT-3