Re: DLSw SNA filters

From: Nick Shah (nshah@connect.com.au)
Date: Sun Oct 13 2002 - 02:04:05 GMT-3

• Next message: Chris Hugo: "Re: NLSP/IPXWAN and IP---Big time issue for Pre-November folks"
• Previous message: Tim Ross: "ISDN Dialer Profile problem"
• Maybe in reply to: Umair Hoodbhoy: "DLSw SNA filters"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Umair,

If you see most common SNA saps are in multiples of 4, so its 0x04, 0x08,
0x0C
while the responses are 0x05, 0x09, 0x0D etc.
My idea is that if you advertise that you advertise that you cannot reach
SNA path control than you are effectively blocking SNA traffic.

Once again, I am no expert in SNA, but this was my understanding. I have
also read about this elsewhere( prolly in DLSW design guide on CCO), so I
assume that the info is correct.

rgds
Nick
----- Original Message -----
From: Umair Hoodbhoy <umair@cisco.com>
To: <ccielab@groupstudy.com>
Sent: Sunday, October 13, 2002 2:27 PM
Subject: RE: DLSw SNA filters

> Thanks Nick but I still don't quite follow this. At
http://www.cisco.com/warp/public/473/111_12.html, several SNA SAPs are
listed. 04 is assigned to IBM SNA Path Control (Individual). But there are
other SNA SAPs in that list. And they don't seem to be multiples of 0x04.
>
> -- Umair
>
>
>
> -----Original Message-----
> From: Nick Shah [mailto:nshah@connect.com.au]
> Sent: Saturday, October 12, 2002 20:13
> To: Umair Hoodbhoy; ccielab@groupstudy.com
> Subject: Re: DLSw SNA filters
>
>
> Umair
>
> The remote router can also advertise unreachability of SAPS, this way the
> local router will not send any explorers for those SAPS.
>
> Like RTA advertises dlsw icannotreach saps f0, to RTB, advertising that it
> doesnt want netbios traffic. Similarly for SNA the saps would be 04
>
> rgds
> Nick
> ----- Original Message -----
> From: Umair Hoodbhoy <umair@cisco.com>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, October 13, 2002 12:45 PM
> Subject: DLSw SNA filters
>
>
> > The lab I'm doing says there are 2 ways to filter SNA traffic through
> DLSw. One way I know is through lsap-output-list. Like:
> >
> > !
> > dlsw remote-peer 0 tcp <IP> lsap-output-list 200
> > !
> > access-list 200 permit 0x0000 0x0D0D
> > access-list 200 deny 0x0000 0xFFFF
> > !
> >
> > What's another way? As I understand it, SNA SAPs range from 0x00 to 0xFF
> in multiples of 0x04. If I'm correct and that's the case, then there would
> be too many 'dlsw icanreachsaps' statements. There must be an easier way.
> >
> > -- Umair

• Next message: Chris Hugo: "Re: NLSP/IPXWAN and IP---Big time issue for Pre-November folks"
• Previous message: Tim Ross: "ISDN Dialer Profile problem"
• Maybe in reply to: Umair Hoodbhoy: "DLSw SNA filters"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:45 GMT-3