From: Ahmed Mamoor Amimi (mamoor@xxxxxxxx)
Date: Fri Mar 22 2002 - 03:52:00 GMT-3
i also tried different combination but the simplest is :
0x4242 mask 0x0000
0x4E4E mask 0x0000
or there will be 3 or 4 permit and deny statements
-Mamoor
----- Original Message -----
From: Nicolai Gersbo Solling <nicolai@cisco.com>
To: CCIE <ccielab@groupstudy.com>
Sent: Thursday, March 21, 2002 4:27 PM
Subject: SAP Filtering
> Hi there hot shot SAP'ers
>
> I am sitting here going through the maths behind filtering saps, and that
> seems a bit (or should i say a hex) problematic!
> It is not that I don't understand it, some of what is happening is just a
> bit unclear to me!
>
> For instance can you make SAP filer, which permits or deny's more then sap
> at a time (I know that you can for SNA SAPS - that os 0x0000 0x0d0d) - But
> is this approach to filter as many saps at one time not sometimes a bit
> wrong...
>
> Let me axplain:
>
> For instance i wan't to filter these 2 saps:
> 42 IEEE 802.1 Bridge Spanning Tree Protocol
> 4E EIA RS-511 Manufacturing Message Service
>
> The filter in order to match those 2 saps would look like this
>
> 0x4242 mask 0x0C0C
>
> Or in binary:
>
> 0100 0010
> 0000 1100
>
> This would allow:
> 0100 0010 = 42
> 0100 0110 = 46
> 0100 1010 = 4A
> 0100 1110 = 4E
>
> So my point is: If I had made this sap filter more restrictive I would not
> have been able to match both sap 42 and 4E, but my mask allows also 46 and
> 4A - I know that on the Cisco SAP's page it does not say that these saps
are
> used for anything, but anyway...
>
> Would it not have been better to make a sap filter for these 2 saps like
> this?
> 0x4242 mask 0x0000
> 0x4E4E mask 0x0000
>
> Any thoughts - Is my understanding of saps totally wrong?
>
> Nic
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:17 GMT-3