From: Lupi, Guy (Guy.Lupi@xxxxxxxxxxxxx)
Date: Thu Apr 18 2002 - 11:07:31 GMT-3
That is an interesting statement, but I believe that any dlsw
filtering/dynamic peering that is mac based should be in non canonical
format. The dlsw router will convert the mac back to canonical for
transmission to the endstation (I believe it has to), but filtering or
dynamic peering is done on the non-canonical address. I have tested this
with dynamic peers and Mamoor's dspu setup, when specifying the canonical
mac address as the dest-mac for the peer, it never comes up. As soon as you
change it to non-canonical, it works, I tested it between 2 ethernet peers.
Now, I am no dlsw guru, so I could be wrong here, but from all the testing I
have done this is what I have found. In the event that you are filtering on
the interface for the bridge group, I believe the filter would use the
canonical address. I will test it later and let you know.
~-----Original Message-----
~From: Frank B [mailto:frank@buff-net.com]
~Sent: Wednesday, April 17, 2002 7:29 PM
~To: Lupi, Guy; 'CCIE Groupstudy'
~Subject: RE: bitflipping in dlsw - when?
~
~
~If you filter this mac address somehwere in the path between the two
~Ethernet segments (after it's picked up by DLSW) you're correct.
~
~But DLSW coverts the mac back to canonical if the destination is an
~Ethernet segment. So, "what if" you were filtering traffic inbound to
~the destination segment from a DLSW peer connection across a WAN such
~as:
~
~router(config-if)#bridge-group 2 input-address-list 700
~
~Is the conversion back to canonical made at point this already? What
~would be the proper address format for access-list 700? Does anyone
~know? Please copy me on the reply if you do.
~
~Frank
~
~-----Original Message-----
~From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
~Lupi, Guy
~Sent: Wednesday, April 17, 2002 11:07 AM
~To: 'Adam Atkinson'; CCIE Groupstudy
~Subject: RE: bitflipping in dlsw - when?
~
~Someone will correct me if I am wrong I am sure, but I believe
~that even
~if
~the filtering is ethernet to ethernet the mac address must be swapped.
~When
~looking at an ethernet router that has dlsw configured, even the local
~mac
~addresses that it picks up will be shown in non-canonical
~format. So if
~your workstation has mac address 1111.1111.1111, it will appear on the
~local
~dlsw router as 8888.8888.8888. So if filtering for a mac address that
~is on
~an Ethernet segment, you always bitswap it when you put it in the
~filter.
~Below is an example of what I am talking about, r2 is a dlsw router and
~r8
~is on the Ethernet segment. R8's show interface is below, notice the
~mac
~address, and then look at the dlsw reach information on r2.
~R2 has that
~mac
~address in non canonical format.
~
~r8#sh int e0/0
~Ethernet0/0 is up, line protocol is up
~ Hardware is AmdP2, address is 0002.16d9.c460 (bia 0002.16d9.c460)
~
~r2----E0----r8
~
~r2#sh dlsw reach
~DLSw Local MAC address reachability cache list
~Mac Addr status Loc. port rif
~0040.689b.2306 FOUND LOCAL TBridge-001 --no rif--
~
~DLSw Remote MAC address reachability cache list
~Mac Addr status Loc. peer
~
~DLSw Local NetBIOS Name reachability cache list
~NetBIOS Name status Loc. port rif
~
~DLSw Remote NetBIOS Name reachability cache list
~NetBIOS Name status Loc. peer
~
~r2#
~
~
~
~-----Original Message-----
~From: Adam Atkinson [mailto:ghira@mistral.co.uk]
~Sent: Wednesday, April 17, 2002 2:55 PM
~To: CCIE Groupstudy
~Subject: bitflipping in dlsw - when?
~
~
~I'm feeling less than clear on _when_ I need to to bitflip the MAC
~address I'm given in a dlsw-related assignment.
~
~If the mac address is from an ethernet segment, and I'm
~filteing on a TR
~segment, I bitflip.
~
~Are there other situations where I'd need to do this?
~
~--
~Adam Atkinson (ghira@mistral.co.uk)
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:12 GMT-3