From: Lachlan Kidd (lkidd@xxxxxxxxxxxxxxxxxxx)
Date: Sun Aug 05 2001 - 20:39:42 GMT-3
Hi Doug,
Yes the effect is the same but be carefull. When using any of the
icanreach/icannotreach commands, the information is communicated at peer
establishment time. The remote peers do not need to send explorers as they
already know how to find the resource in question, if you come from the land
of Microsoft it's a bit like putting static WINS entries into the lmhosts.
file. The machine then does not need to broadcast to find the resource it
simply consults the file.
An access expression is just a 'dumb' filter. Any packets that try to cross
the interface to which it is applied are permitted or denied based on the
list.
HTH,
Lachlan
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Douglas M. Boreham
Sent: Monday, 6 August 2001 4:21 AM
To: ccielab@groupstudy.com
Subject: DLSW icanreach exclusive VS. interface filter Question
DLSW icanreach exclusive VS. interface filter Question:
By using DLSW icanreach exclusive does this have the same net effect as a
local interface filter/access expression? If explorers are being suppressed
for a specific resource that are not listed under "icanreach exclusive" do
this not mean that that resource is not reachable?
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/ibm_r
/brprt2/brdlsw.htm#xtocid2671112
dlsw icanreach
Use the dlsw icanreach global configuration command to configure a resource
that is locally reachable by this router. Use the no form of this command to
remove the resource.
dlsw icanreach {mac-exclusive | netbios-exclusive [remote] | mac-address
mac-addr [mask mask] | netbios-name name | saps}
no dlsw icanreach {mac-exclusive | netbios-exclusive [remote] | mac-address
mac-add [mask mask] | netbios-name name | saps}
Usage Guidelines
This command can be entered at any time. It causes a capabilities exchange
to relay the information to all active peers. By specifying resource names
or MAC addresses in this command, you can avoid broadcasts from remote peers
that are looking for this resource. By specifying "exclusive" you can avoid
broadcasts to this router or any resources. For example, you could configure
the front-end processor (FEP) MAC address or corporate site LAN servers in
central site routers to avoid any broadcasts over the WAN for these
resources.
Configuring the remote keword allows roving workstations to access remote
servers. With the remote keyword specified, all local NetBIOS stations will
be able to make outgoing connections regardless of whether their own NetBIOS
name is configured in the icanreach netbios-name list. Incoming connections
will be limited to those with a destination name that is specified in the
list.
In the default case (where the remote keyword is not specified), a local
Netbios station that is not configured in the icanreach netbios-name list
will not be able to make a connection in this router over DLSw+, whether
incoming or outgoing.
Regards,
-Doug
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:45 GMT-3