From: Scott Morris (swm@emanon.com)
Date: Sun Aug 22 2004 - 16:34:42 GMT-3
Response SAPs are only in the source part, never will exist in destination.
:)
So technically, your mask would be 0x0001. However, being that the docCD is
a defensible position, on the lab do whatever they do.
Following that logic, if you have no commands, you can't possibly have a
response, so your exact match mask would work perfectly fine as well. With
DLSW, you can also use the icannotreach commands to say unavailable.
HTH,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIP, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
k_kaloianov@eircom.net
Sent: Sunday, August 22, 2004 11:13 AM
To: ccielab@groupstudy.com
Subject: Re: NetBIOS and SNA
Hi Georg,
I was wondering the same thing myself but what I found out recently is that:
When using access-lists for you have to consider that a SAP could be either
command or response, which is appointed by a C/R bit in the SSAP, 0 for
commands and 1 for responses, and this will be SSAP 0x5 will be response to
SAP 0x4, which all are included in 0x0d0d. If you want to block everytning
in NETBIOS 0xF1 and 0xF0, your wildcard mask will be 0x0101, and on the
other hand if you want to block just 0xF0F0 then you could use wildcard of
0x0000. This is how I'm trying to explain it to myself, hope it makes sense?
Reg,
Kaloyan
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:47 GMT-3