From: love cisco (love_cisco@hotmail.com)
Date: Sat Jan 11 2003 - 01:52:02 GMT-3
Hi, Fred
Thank you very much for you explanation. Excellent!! Excellent!!
It took me a quite time to figure out your answer. Excellent!!!!
Love
>From: "Fred Ingham" <fingham@cox.net>
>Reply-To: "Fred Ingham" <fingham@cox.net>
>To: "Scott Morris" <swm@emanon.com>, "'love cisco'"
<love_cisco@hotmail.com>, <ccielab@groupstudy.com>
>Subject: Re: Dlsw+ access-list filter for MAC address
>Date: Fri, 10 Jan 2003 00:08:18 -0500
>
>To filter canonical MACs from ab12.cd34.ef56 to ab12.cd34.f082
>you would use:
>dlsw icanreach mac-add d548.b32c.0700 ffff.ffff.0700 or
>access-list 700 permit d548.b32c.0700 0000.0000.f8ff
>
>This filters more than desired but cannot be avoided, e.g.
>the first byte of the last 16 bits will be either ef or f0, converting to
>non-canonical this is f7 or 0f - you have to allow all bits for the first
>nibble and a wildcard of (binary) 0111/1000 for the second nibble. The
>second byte will go from 56 to 82 canonical but will contain all hex
values
>in either nibble, i.e. look at the transition efff - f000 so all bits must
>be allowed.
>
>The filter allows canonical MACs ab12.cd34.ef00 thru ab12.cd34.f0ff. The
>original requirement covered 0x12d hosts
>(301), the resulting filter allows 0x200 hosts (512). You gotta love hex.
>
>Cheers, Fred
>----- Original Message -----
>From: "Scott Morris" <swm@emanon.com>
>To: "'love cisco'" <love_cisco@hotmail.com>; <ccielab@groupstudy.com>
>Sent: Thursday, January 09, 2003 9:37 PM
>Subject: RE: Dlsw+ access-list filter for MAC address
>
>
> > The mask will work the same as before. You just have to be aware which
> > bits you're planning to allow or not allow! It may require some extra
> > thought.
> >
> > Scott
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > love cisco
> > Sent: Thursday, January 09, 2003 5:13 PM
> > To: swm@emanon.com; ccielab@groupstudy.com
> > Subject: RE: Dlsw+ access-list filter for MAC address
> >
> >
> > Thanks, Scott.
> >
> > How about a range of MAC address. Do I have to do the bit swap on MAC
> > address MASK?
> > For example,
> > One Ethernet canonical MAC address range is from ab12.cd34.ef56 to
> > ab12.cd34.f082. This MAC address range has 300 MAC addresses. So what
is
> > this DLSW filtering could be? dlsw icanreach mac-address 5d84.3bc2.7fa6
> > mask ffff.ffff.f12c or MAC access-list access-list 700 permit
> > 5d84.3bc2.7fa6 0000.0000.012c
> >
> > Am I right?
> >
> > Thanks
> >
> >
> >
> >
> >
> > >From: "Scott Morris" <swm@emanon.com>
> > >Reply-To: "Scott Morris" <swm@emanon.com>
> > >To: "'love cisco'" <love_cisco@hotmail.com>, <ccielab@groupstudy.com>
> > >Subject: RE: Dlsw+ access-list filter for MAC address
> > >Date: Thu, 9 Jan 2003 06:57:23 -0500
> > >
> > >This has been answered a lot in the past few weeks! :)
> > >
> > >YES, you still have to worry about it! Even though both of your
> > >ethernet's don't care, DLSW as a technology talks about things just
> > >like Token Ring does natively. So everything will get bit-swapped
twice
> >
> > >from ethernet into DLSW and then back out again. All filtering needs
> > >to be done in a bit-swapped manner.
> > >
> > >Scott
> > >
> > >-----Original Message-----
> > >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> >
> > >love cisco
> > >Sent: Thursday, January 09, 2003 4:22 AM
> > >To: ccielab@groupstudy.com
> > >Subject: Dlsw+ access-list filter for MAC address
> > >
> > >
> > >Hi, friends
> > >
> > >Just want to confirm that since Token Ring is gone in the new lab. So
> > >we
> > >
> > >don't have to worry about convert canonical to no nocanonical for MAC
> > >access-list. Is that right?
> > >
> > >thanks!
> > >
> > >_________________________________________________________________
> > >SkA*;z5DEsSQ=xPP=;Aw#,GkJ9SC MSN Messenger:
http://messenger.msn.com/cn
> >
> > >.
> > _________________________________________________________________
> > OmSCJ@=gIOWn4s5D5gWSSJ<~O5M3!* MSN Hotmail!# http://www.hotmail.com
> > .
>.
This archive was generated by hypermail 2.1.4 : Sat Feb 01 2003 - 07:33:47 GMT-3