RE: DLSw+ and SNA frame...?

From: Asbjorn Hojmark (Asbjorn@xxxxxxxxxxx)
Date: Sat Dec 01 2001 - 10:20:38 GMT-3

• Next message: Denis Popovski: "removing subinterface from IOS"
• Previous message: Harris, Joe F: "RE: OT: Disabling of Password Recovery Is Cracked, Without Loosin g Co nfig...."
• Next in thread: Chua, Parry: "RE: DLSw+ and SNA frame...?"
• Maybe reply: Chua, Parry: "RE: DLSw+ and SNA frame...?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
> I just want to transfer about SNA frame type 0x04, 0x08, 0x0c
> and their reply frame on the DLSw+ link ... However, I want to
> deny other...

4, 8 and C (hex) can be written as:
 00000100 (0x04)
 00001000 (0x08)
 00001100 (0x0c)

So your wildcard (dont't care) should be:
 00001100 (0x0c)

Since command/response is the last bit, replys would be:
 00000101 (0x05)
 00001001 (0x09)
 00001101 (0x0d)

And you'd have to change the mask to
 00001101 (0x0d)

So this boils down to:
 access-list 201 permit 0x0000 0x0d0d

But using 0x00 with mask 0x0d would also allow SAP 0x00/0x01, so
if you explicitly want to allow only the three SAPs mentioned,
then I guess you'll have to stick with three commands and not
summarize:

 access-list 201 permit 0x0404 0x0101
 access-list 201 permit 0x0808 0x0101
 access-list 201 permit 0x0c0c 0x0101

Comments anyone?

-A

--
Heroes: Vint Cerf & Bob Kahn, Leonard Kleinrock, Robert Metcalfe
Links : http://www.hojmark.org/networking/

• Next message: Denis Popovski: "removing subinterface from IOS"
• Previous message: Harris, Joe F: "RE: OT: Disabling of Password Recovery Is Cracked, Without Loosin g Co nfig...."
• Next in thread: Chua, Parry: "RE: DLSw+ and SNA frame...?"
• Maybe reply: Chua, Parry: "RE: DLSw+ and SNA frame...?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:35 GMT-3