Re: dlsw - mac reachability

From: Fred Ingham (fingham@cox.net)
Date: Thu Aug 07 2003 - 14:51:10 GMT-3

• Next message: ccie2be: "Re: dlsw - mac reachability"
• Previous message: Joe Martin: "RE: Etherchannel"
• Maybe in reply to: ccie2be: "dlsw - mac reachability"
• Next in thread: ccie2be: "Re: dlsw - mac reachability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

!
!
!
When you use the dest-mac address you are specifying the remote mac address.
Explorers will
only be forwarded when this is the destination address. So configuring
dest-mac on r1 is
configuring a filter that will only pass traffic from r1 to 4000.4000.4000
on a remote peer. If
you have more than one mac-address you would use a 700 series access-list
and dmac-output-list.

When you use the icanreach mac-address you are specifying locally attached
mac-addresses. These
addresses are advertised to connected peers in the capabilities exchange and
will appear on the peers
when you do a show dlsw capab. Packets will only be forwarded to the peer
advertising local
mac-addresses when those addresses are the destination. The mac-exclusive
says that these are
the only two addresses that are locally reachable.

You should be able to test this without token-ring in your setup. Configure
the statements on
r1 or r5 and then look at the dlsw capabilities for r1/r5 on another peer or
do a show dlsw cap local
on the peer you configured. You should see the mac-addresses and the
mac-exclusive flag set in the
capabilities.

In the example I suspect that token-ring is only mentioned to indicate that
the addresses are
in non-canonical format and do not have to be bit-swapped. The first 4
indicates that the
address is a locally administered address.

Cheers, Fred
----- Original Message -----
From: "ccie2be" <ccie2be@nyc.rr.com>
To: "Group Study" <ccielab@groupstudy.com>
Sent: Thursday, August 07, 2003 11:46 AM
Subject: dlsw - mac reachability

> good morning everyone,
>
> I had practice lab requirement as follows:
>
> Assume that only mac 4000.4000.4000 and 4000.4000.4001 exist on the T/R
> between R1 and R5. Configure R1 and/or R5 such that explorer traffic is
> limited to only the mac address:
>
>
> I thought I could fulfill this requirement with the following command on
R1
>
> dlsw remote-peer 0 tcp 192.168.3.3 dest-mac 4000.4000.4000
>
> and a similar command on R5.
>
> But, the solution used:
>
> Dlsw icanreach mac-exclusive
> Dlsw icanreach mac-address 4000.4000.4000 mask ffff.ffff.fffe
>
> I don't have T/R in my lab so I can't test this but I'm wondering what's
the
> difference between these 2 techniques?
>
> Any advice or insight is greatly appreciated. Thanks, dt
>
>
> _______________________________________________________________________
> You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: ccie2be: "Re: dlsw - mac reachability"
• Previous message: Joe Martin: "RE: Etherchannel"
• Maybe in reply to: ccie2be: "dlsw - mac reachability"
• Next in thread: ccie2be: "Re: dlsw - mac reachability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:53:55 GMT-3