When Mac conversion is required?

From: Andrew B. Caslow (abcaslow@netmasterclass.net)
Date: Tue Jun 15 2004 - 18:17:29 GMT-3

Peng,

 

As already mentioned by others, DLSw+ processes all MAC addresses in
non-canonical format. Therefore, if you wanted to specify an Ethernet
originated frame with any DLSw+ command such as an "icanreach" command or a
dmac-output-list referenced in a remote-peer statement, you need to convert
the canonical Ethernet address into a non-canonical format.

 

However, if you wanted to filter an Ethernet frame by MAC address at the
very edge of your DLSw+ configuration, this would be at the Ethernet
interface level with interface configuration commands such as:

 

R1(config-if)#bridge-group 1 input-address-list ?

  <700-799> Ethernet address access list

R1(config-if)#bridge-group 1 output-address-list

 

Then you would not convert the Ethernet MAC address into a non-canonical
format. These commands operate with the transparent bridging process. While
the Ethernet frames are being processed by the transparent bridging process,
their address formats are still interpreted in a canonical format. It is
when the Ethernet frames are transferred to the DLSw+ process that they are
interpreted in a non-canonical format.

 

To better understand this, compare an Ethernet MAC address that is processed
in a DLSw+ configuration with the following two show commands generated on
the same router:

 

************************

R1#sh bridge

 

Total of 300 station blocks, 299 free

Codes: P - permanent, S - self

 

Bridge Group 1:

 

    Address Action Interface Age RX count TX count

0000.861f.6892 forward Ethernet0 0 24 0

 

************************

 

R1#sh dlsw reach

DLSw Local MAC address reachability cache list

Mac Addr status Loc. port rif

0000.61f8.1649 FOUND LOCAL TBridge-001 --no rif--

 

************************

 

Again, these two commands should be performed on the same router. The router
is an edge DLSw+ device connecting an Ethernet segment configured with
transparent bridging to a locally configured DLSw+ process.

 

With the "show bridge command", the Ethernet MAC address is still
represented in a canonical format. This is because the MAC address is still
being processed by the router's transparent bridging module. With the "show
dlsw reachability" command, the Ethernet MAC address has been converted into
a non-canonical format. At this point, the MAC address is now being
processed by the router's DLSw+ module.

 

For more details on DLSw+ filtering, check out the 13 page NetMasterClass
Tech-Note at http://www.netmasterclass.net/site/lib.php

 

The paper is titled "DLSw Filtering". It is loaded with examples and
detailed explanations.

 

HTH,

 

-Bruce Caslow CCIE #3139

 NetMasterClass, LLC

 

 

 

 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Nigel.Johnson@barclayscapital.com
Sent: Tuesday, June 15, 2004 2:55 AM
To: cccie71@yahoo.com; zpnist@yahoo.com; ccielab@groupstudy.com
Subject: RE: When Mac conversion is required?

 

I would convert both too. DLSW always uses non-canonical addresses.

 

Nigel

 

-----Original Message-----

From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Tom

Rogers

Sent: 15 June 2004 07:00

To: Peng Zheng; ccielab@groupstudy.com

Subject: Re: When Mac conversion is required?

 

 

I would convert in both if the resource is on Ethernet.

 

Peng Zheng <zpnist@yahoo.com> wrote:Hi,

 

For dlsw config with only Ethernet, when should I

convert the cannonical to non-cannonical address?

 

Do I need to convert in

 

dlsw icanreach max-address

 

and

 

dmac-output-list?

 

Thanks.

 

 

 

 

__________________________________

Do you Yahoo!?

Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/

 

o!?

Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/

 

 

 

            

---------------------------------

Do you Yahoo!?

Friends. Fun. Try the all-new Yahoo! Messenger

 

 

 

------------------------------------------------------------------------

For more information about Barclays Capital, please

visit our web site at http://www.barcap.com.

 

 

Internet communications are not secure and therefore the Barclays

Group does not accept legal responsibility for the contents of this

message. Although the Barclays Group operates anti-virus programmes,

it does not accept responsibility for any damage whatsoever that is

caused by viruses being passed. Any views or opinions presented are

solely those of the author and do not necessarily represent those of the

Barclays Group. Replies to this email may be monitored by the Barclays

Group for operational or business reasons.

 

------------------------------------------------------------------------

This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:41 GMT-3