From: ccie2be (ccie2be@nyc.rr.com)
Date: Tue Aug 10 2004 - 12:37:36 GMT-3
Hi guys,
From IE lab 11, task 1.16 and 1.17
Problem:
Allow only IP traffic on VLAN 56; however, if other behind-the-scenes traffic
is NOT allowed, there'll be big trouble in Cisco lab city.
Solution:
ip access-list extended IPONLY
 permit ip any any
!
mac access-list extended IP_ARP
 permit any any 0x806 0x0          <--- Can this be found on Doc CD?
mac access-list extended IS-IS
 permit any any lsap 0xFEFE 0x0    <--- Can this be found on Doc CD?
mac access-list extended IEEE-STP
 permit any any lsap 0x4242 0x0    <--- Can this be found on Doc CD?
!
vlan access-map IPONLY 10
 action forward
 match ip address IPONLY
vlan access-map IPONLY 20
 action forward
 match mac address IP_ARP
vlan access-map IPONLY 30
 action forward
 match mac address IS-IS
vlan access-map IPONLY 40
 action forward
 match mac address IEEE-STP
vlan access-map IPONLY 50
 action drop
vlan filter IPONLY vlan-list 56
Question: Does anybody know where on the Doc-CD the codes used to match these
traffic types can be found? I've looked but came up empty.
Also, CDP traffic will be dropped by the above VLAN filter. Is that a good
idea?
Thanks, Tim
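
Added example (not part of the original post or of any Cisco tool): a small Python model of the access-map above that decodes the Ethernet type/length field and LLC DSAP/SSAP of a frame and reports which sequence matches it, showing where the 0x806, 0xFEFE and 0x4242 values sit in a frame and why a SNAP-encapsulated CDP frame (LSAP 0xAAAA) reaches sequence 50. Assumptions: frames are untagged, the sample frames are constructed headers rather than captures, and only the match logic is modelled, not how a particular switch handles control frames in hardware.

```python
import struct

# VLAN access-map IPONLY from the post, modelled as (sequence, kind, value, mask, action).
# The mask marks don't-care bits, so 0x0 means an exact match.
ACCESS_MAP = [
    (10, "ethertype", 0x0800, 0x0, "forward"),  # ip access-list IPONLY (IPv4)
    (20, "ethertype", 0x0806, 0x0, "forward"),  # IP_ARP
    (30, "lsap", 0xFEFE, 0x0, "forward"),       # IS-IS
    (40, "lsap", 0x4242, 0x0, "forward"),       # IEEE-STP
    (50, "any", 0, 0, "drop"),                  # no match clause: everything else
]

def classify(frame: bytes):
    """Return ("ethertype", value) or ("lsap", DSAP<<8 | SSAP) for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (type_len,) = struct.unpack("!H", frame[12:14])
    if type_len >= 0x0600:            # Ethernet II: the field is an EtherType
        return "ethertype", type_len
    if len(frame) < 16:               # 802.3: the field is a length, LLC follows
        raise ValueError("truncated LLC header")
    return "lsap", (frame[14] << 8) | frame[15]

def evaluate(frame: bytes):
    """Return (sequence, action) of the first access-map entry the frame matches."""
    kind, value = classify(frame)
    for seq, want_kind, want, mask, action in ACCESS_MAP:
        if want_kind == "any" or (kind == want_kind and (value | mask) == (want | mask)):
            return seq, action
    return None, "drop"

def build_frame(dst: str, type_len: int, payload: bytes = b"") -> bytes:
    """Build a constructed test frame; the source MAC is a made-up value."""
    return bytes.fromhex(dst) + bytes.fromhex("020000000001") + struct.pack("!H", type_len) + payload

# Constructed sample frames (headers only, not captured traffic).
SAMPLES = {
    "IPv4": build_frame("ffffffffffff", 0x0800),
    "ARP": build_frame("ffffffffffff", 0x0806),
    "IS-IS": build_frame("0180c2000014", 0x0003, b"\xfe\xfe\x03"),
    "STP": build_frame("0180c2000000", 0x0003, b"\x42\x42\x03"),
    "CDP": build_frame("01000ccccccc", 0x0008, b"\xaa\xaa\x03\x00\x00\x0c\x20\x00"),
    "IPv6": build_frame("333300000001", 0x86DD),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:6} -> {evaluate(raw)}")
```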