Re: Match Protocol or Match ip address

From: k c (jwongccie@yahoo.com.hk)
Date: Thu May 12 2005 - 12:07:38 GMT-3

• Next message: James Matrisciano: "RE: neighbor priority on NBMA"
• Previous message: Oliver Grenham: "Re: neighbor priority on NBMA"
• Maybe in reply to: k c: "Match Protocol or Match ip address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Sean & Group,
 
I want to clarify again. I use Ethereal to capture the dlsw packets and find that only 2065 is used. In searching DLSW using 2067 port, I find in new RFC 2166 that new enhancement (new single session bi-directional TCP/IP connection) using tcp port 2067. I wonder whether Cisco has implemented this and whether in exam, we need to include tcp 2067 port.
 
http://www.potaroo.net/ietf/idref/rfc2166/
   In RFC 1795, single session TCP/IP connections are accomplished by
   first establishing two uni-directional TCP connections, exchanging
   capabilities, and then bringing down one of the connections. In
   order to avoid the unnecessary flows and time delays associated with
   this process, a new single session bi-directional TCP/IP connection
   establishment algorithm is defined.

6.2.1.1 TCP Port Numbers

   DLSws implementing these enhancements will use a TCP destination port
   of 2067 (as opposed to RFC 1795 which uses 2065) for single session
   TCP connections. The source port will be a random port number using
   the established TCP norms which exclude the possibility of either
   2065 or 2067.

Regards.

Sean C <Upp_and_Upp@hotmail.com> <6<g:
Hi K C,

I can't validate if this is still true or not, but I remember a valuable
discussion on this topic from GroupStudy last year:

http://www.groupstudy.com/archives/ccielab/200407/threads.html#00564

Also, you may want to consider matching on source and destination port 2067
as well as 2065.

HTH,
Sean
----- Original Message -----
From: "k c"
To:
Sent: Sunday, May 08, 2005 10:52 AM
Subject: Match Protocol or Match ip address

> Hi Group,
>
> In order to classify dlsw packets, which one is preferred in the lab:
>
> class-map match-all dlsw
> match protocol dlsw
>
> or using access-list:
>
> class-map match-all DLSW
> match access-group 150
> access-list 150 permit tcp any any eq 2065
> access-list 150 permit tcp any eq 2065 any
>
> Also in priority list:
> priority-list 1 protocol ip high tcp 2065
> or
> priority-list 1 protocol dlsw high
>
> Thanks.
>
>
>
> ---------------------------------
> 7Q'Y.I&,(l7s email 3q*>!H
> $U8| Yahoo! Messenger
> http://messenger.yahoo.com.hk
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: James Matrisciano: "RE: neighbor priority on NBMA"
• Previous message: Oliver Grenham: "Re: neighbor priority on NBMA"
• Maybe in reply to: k c: "Match Protocol or Match ip address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3