From: Brian Dennis (brian@labforge.com)
Date: Sat Jul 05 2003 - 18:09:12 GMT-3
You should get a sniffer and then capture a fragmented TCP/UDP session.
It will answer all your questions ;-) Below is a fragmented TFTP packet
I captured. Check and see what is missing and how what is missing would
be affected by an ACL.
IP: Continuation of frame 3
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = ECT bit - transport protocol will ignore the CE bit
IP: .... ...0 = CE bit - no congestion
IP: Total length = 68 bytes
IP: Identification = 1
IP: Flags = 2X
IP: .0.. .... = may fragment
IP: ..1. .... = more fragments
IP: Fragment offset = 288 bytes
IP: Time to live = 255 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = 3F74 (correct)
IP: Source address = [172.16.1.250]
IP: Destination address = [172.16.1.245]
IP: No options
IP:
IP: [48 bytes of continuation data]
IP:
ADDR HEX ASCII
0000: 00 e0 81 21 62 48 00 e0 1e 68 35 d3 08 00 45 00 | .`!bH.`.h5S..E.
0010: 00 44 00 01 20 24 ff 11 3f 74 ac 10 01 fa ac 10 | .D.. $.?t..z.
0020: 01 f5 37 32 2e 31 36 2e 31 2e 32 35 30 20 32 35 | .u72.16.1.250 25
0030: 35 2e 32 35 35 2e 32 35 35 2e 30 0a 20 69 70 20 | 5.255.255.0. ip
0040: 6d 74 75 20 36 38 0a 21 0a 69 6e 74 65 72 66 61 | mtu 68.!.interfa
0050: 63 65 | ce
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Emad
Sent: Saturday, July 05, 2003 12:56 PM
To: ccielab@groupstudy.com
Subject: CAT3550: ACLs concepts
Folks,
I was reading this part in the DOC CD but I really get confused, can
anybody who understands it help me!
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12113ea1/3550scg/swacl.htm#1102021
It concerns handling fragment and non-fragment packets under ACLs.
Thanx in advance
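An added example, not part of the original messages: a small Python parser run over the bytes of the hex dump above, listing the fields a packet filter can read from this fragment. The function names (acl_view, ip_checksum) are made up for this illustration.

```python
import ipaddress
import struct

# Frame bytes copied from the hex dump in the post: Ethernet + IPv4 + 48 data bytes.
FRAME = bytes.fromhex(
    "00e08121624800e01e6835d30800"                # Ethernet header
    "4500004400012024ff113f74ac1001faac1001f5"    # IPv4 header (20 bytes)
    "37322e31362e312e323530203235"
    "352e3235352e3235352e300a20697020"
    "6d74752036380a210a696e7465726661" "6365"
)

def ip_checksum(header):
    """Ones'-complement sum over the header; 0 means the stored checksum is valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def acl_view(frame):
    """Return the fields a packet filter can evaluate for one Ethernet/IPv4 frame."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len, ident, flags_frag = struct.unpack_from("!HHH", ip, 2)
    offset = (flags_frag & 0x1FFF) * 8          # field counts 8-byte units
    payload = ip[ihl:total_len]
    view = {
        "src": str(ipaddress.ip_address(ip[12:16])),
        "dst": str(ipaddress.ip_address(ip[16:20])),
        "proto": ip[9],
        "id": ident,
        "offset": offset,
        "more_fragments": bool(flags_frag & 0x2000),
        "checksum_ok": ip_checksum(ip[:ihl]) == 0,
        "payload": payload,
        "ports": None,                          # unknown unless this is the first fragment
    }
    # Only the fragment at offset 0 starts with the TCP/UDP header.
    if offset == 0 and ip[9] in (6, 17) and len(payload) >= 4:
        view["ports"] = struct.unpack_from("!HH", payload)
    return view

if __name__ == "__main__":
    for key, value in acl_view(FRAME).items():
        print(f"{key:15} {value}")
```

The bytes right after the IP header here are ASCII file data ("72.16.1.250 25..."), so this fragment has no UDP header and "ports" stays None.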
This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:25 GMT-3