From: CCIE2B (sumit.kumar@comcast.net)
Date: Mon May 31 2004 - 14:46:14 GMT-3
Check out the Dlsw filtering doc at
http://www.netmasterclass.net/site/lib.php#
It will answer your first question.
For second question DLSW is peer relationship based protocol, with
access-lists and SAP filters you are providing /blocking access of remote
DLSW peer to local resources. You may block certain resources like netbios
SAPS to a peer and allow to others. Somewhat like bgp ---neighbors.
----- Original Message -----
From: "Tomasz Szymanski" <tomasz.szymanski@trecom.pl>
To: <ccielab@groupstudy.com>
Sent: Monday, May 31, 2004 12:20 PM
Subject: Netbios access lists /DLSW
> Hi All,
>
> I would like to ask if someon can give me clear answers to 2 questions:
>
> 1. In netbios access-list how should I permit any host?
>
> netbios access-list host test permit *
>
> or
>
> netbios access-list host test permit ?*
>
> Somewhere I saw that * cannot be used at the beginning of host name. Is
> that true?
>
>
> 2. When there is a task to block Netbios traffic on the router what
> would be the correct solution
>
> a) dlsw icannotreach saps F0
>
> b) dlsw icannotreach saps F0
> + lsap-output-list denying netbios
>
> for example:
> dlsw remote-peer 0 tcp x.x.x.x lsap-output-list 200
> access-list 200 deny 0xF0F0 0x0101
> access-list 200 permit 0x0000 0xFFFF
>
> My question is:
> Does "dlsw icannotreach saps F0" block outgoing netbios traffic also?
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Wed Jun 02 2004 - 11:12:19 GMT-3