From: Kenneth Wygand (KWygand@customonline.com)
Date: Wed Aug 06 2003 - 12:12:46 GMT-3
When denying EIGRP traffic as interesting on an ISDN line, if you simply
put:
Access-list 100 deny eigrp any any
Does this block eigrp at the protocol field level, as opposed to a
packet destination IP address of 224.0.0.10?
If so, then this access list should also block unicast updates as per
neighbor statements in the EIGRP process configuration as well.
Furthermore, declaring an interface passive appears to only block
multi/broadcast network advertisements from leaving that interface, but
specific neighbors can still be specified with neighbor statements and
protocol updates will then flow via unicast instead, independent of the
"passive-interface" command.
Can anyone confirm these thoughts?
Kenneth E. Wygand
Systems Engineer, Project Services
CISSP #37102, CCNP, CCDP, MCP 2000, CNA 5.1, Network+, A+
Custom Computer Specialists, Inc.
"It's not just about ending up where you want to be, it's about making
the most of the trip there."
-Anonymous
This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:53:54 GMT-3