From: Teisberg, Evan (eteisbe@qwest.com)
Date: Thu Dec 05 2002 - 11:25:29 GMT-3
The command on RA should be :
dlsw icanreach mac-address 1234.4356.0000
This will will be sent to RF during the capabillities exchange and will
prevent explorers from RF for that mac-address (1234.4356.0000) ONLY.
To prevent all other explorers,
On RA:
dlsw icanreach mac-exclusive
This tell RF that 1234.4356.0000 is the ONLY mac-address that it can reach,
so don't send ANY explorers.
-Evan.
-----Original Message-----
From: Joe Chang [mailto:changjoe@earthlink.net]
Sent: Wednesday, December 04, 2002 7:29 PM
To: ccielab@groupstudy.com
Subject: Re: about dlsw
> ccielab#,Dz:C#!
>
> problem following for please help
>
> 1) vlan 2 have host with mac address 1234.4356 on router RA, RF
don't
> send explore and other traffic will be not affected ?
Lets see if I can do this without looking at my notes =)
On RA:
dlsw remote-peer 0 tcp <RF> icanreach mac-address 1234.4356.0000
0000.0000.FFFF
Other traffic may be affected because "icanreach" implicitly denies all
other traffic to RA.
> 2) R2 ONLY device with mac address 1233.4444 can access whole
network
> ,can't use layer2 filter.
On all the peers of R2 configure this:
dlsw remote-peer 0 tcp <R2> dmac-output-list 700
access-list 700 permit 0x1234.4444.0000 0x0000.0000.FFFFF
There is no one-liner that can be configured on R2 to acheive the same thing
.
> 3) only sna packet permit
dlsw remote-peer 0 tcp <ip> lsap-output-list 200
access-list 200 permit 0x0D0D 0x0000
> 4) switch : mac 01-02-03-04-05-06 and ip 11.1.1.1 binding.
>
Don't know about this one.
Had to peek at my notes. I guess I'm not ready yet....
This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:39 GMT-3