From: Scott (scpage@cisco.com)
Date: Thu Dec 05 2002 - 00:28:57 GMT-3
hmm, I thought sna traffic saps would be 0x0000 0x0d0d and netbios would be
0xF0F0 0x0101
link...
http://www.cisco.com/warp/public/698/acl200.html
Am i missing something??
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Joe Chang
Sent: Wednesday, December 04, 2002 8:29 PM
To: ccielab@groupstudy.com
Subject: Re: about dlsw
> ccielab#,Dz:C#!
>
> problem following for please help
>
> 1) vlan 2 have host with mac address 1234.4356 on router RA, RF
don't
> send explore and other traffic will be not affected ?
Lets see if I can do this without looking at my notes =)
On RA:
dlsw remote-peer 0 tcp <RF> icanreach mac-address 1234.4356.0000
0000.0000.FFFF
Other traffic may be affected because "icanreach" implicitly denies all
other traffic to RA.
> 2) R2 ONLY device with mac address 1233.4444 can access whole
network
> ,can't use layer2 filter.
On all the peers of R2 configure this:
dlsw remote-peer 0 tcp <R2> dmac-output-list 700
access-list 700 permit 0x1234.4444.0000 0x0000.0000.FFFFF
There is no one-liner that can be configured on R2 to acheive the same thing
.
> 3) only sna packet permit
dlsw remote-peer 0 tcp <ip> lsap-output-list 200
access-list 200 permit 0x0D0D 0x0000
> 4) switch : mac 01-02-03-04-05-06 and ip 11.1.1.1 binding.
>
Don't know about this one.
Had to peek at my notes. I guess I'm not ready yet....
This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:39 GMT-3