From: Jon B (cciestudy@xxxxxxxxxxxxxxx)
Date: Mon Dec 03 2001 - 19:20:32 GMT-3
Hi
If the 'priority' keyword is used, take care of the other ports as well:
Valid TCP port numbers are the following:
High-2065
Medium-1981
Normal-1982
Low-1983
More information in the command lookup for 'dlsw remote-peer tcp'
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_
r/brprt2/br1ddlsw.htm#1018855
About 2067: Never seen it used or mentioned in any docs, and I don't have
any "real world" experience, so I don't know. The 1981-3 ports are assigned
to other protocols than DLSW, according to IANA.
IANA:
http://www.iana.org/assignments/port-numbers
dlsrpn 2065/tcp Data Link Switch Read Port Number
dlsrpn 2065/udp Data Link Switch Read Port Number
dlswpn 2067/tcp Data Link Switch Write Port Number
dlswpn 2067/udp Data Link Switch Write Port Number
Best regard,
Jon
----- Original Message -----
From: "Waters, Kivas (UK72)" <Kivas.Waters@Honeywell.com>
To: "fwells12" <fwells12@hotmail.com>; "Hotmail" <jthao1@hotmail.com>;
<ccielab@groupstudy.com>
Sent: Monday, December 03, 2001 9:06 PM
Subject: RE: Blocking DLSW with IP Extended Access-list
> I agree, blocking TCP port 2065 is a good answer and I think will be
> adequate. While we're on the subject, what about blocking TCP port 2067
as
> well. Most documentation I've read seems to concentrate on explaining the
> operation of the DLSw TCP port 2065, but I have read that TCP port 2067 is
> also used, was it for DLSw data transfer? An access list between a DLSw
> peering I think should permit TCP port 2065 and 2067 (assuming the DLSw
SAP
> priority feature is not used) to allow DLSw to function properly.
>
> Does anyone confirm or disagree with this?
>
> regards
>
> Ki
>
>
>
>
> -----Original Message-----
> From: fwells12 [mailto:fwells12@hotmail.com]
> Sent: 03 December 2001 05:52
> To: Hotmail; ccielab@groupstudy.com
> Subject: Re: Blocking DLSW with IP Extended Access-list
>
>
> Block port 2065. That ought to take care of it.
>
> ----- Original Message -----
> From: "Hotmail" <jthao1@hotmail.com>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, December 02, 2001 9:25 PM
> Subject: Blocking DLSW with IP Extended Access-list
>
>
> > Hello Group,
> >
> > How do you block(or permit) DLSW from entering an interface using an
> > Extended IP Access list and the 'IP Access-group in' command on the
> > interface? The idea is to block DLSW while permitting other TCP traffic
> in.
> > I know DLSW uses a TCP connection buy I don't know what the protocol
> number
> > is.
> >
> > I've tried to research this buy I couldn't find the answer. Any help or
> > insight would be appreciated.
> >
> > Joseph
> >
> >
> > ----- Original Message -----
> > From: "Sukhdev" <sukhdev@first-engr.com.sg>
> > To: < >
> > Sent: Sunday, December 02, 2001 10:58 PM
> > Subject: Blocking egress numbers on AS5300 (OT)
> >
> >
> > > Hi Guys,
> > >
> > > Apologies as this question is a little OT. I have an AS5300 that is
only
> > > terminating traffic into a particular city. The machine is not
connected
> > to a
> > > billing sytem, Gatekeeper or authentication server. In other word, its
> > just
> > > connected raw to the Internet. A remote softswitch from US directs
calls
> > to
> > > this gateway. The question I have is how can I block a telephone
number
> > from
> > > being called (citywide) from the gateway, if I dont have access to the
> > remote
> > > softswitch nor the remote billing system. Is there an access list or
> > something
> > > equivalent that can be used for blocking telephone numbers on the
> AS5300.
> > >
> > > Appreciate your responses.
> > >
> > >
> > > Regards,
> > >
> > > S Dave
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:36 GMT-3