From: gladston@br.ibm.com
Date: Tue May 31 2005 - 11:43:12 GMT-3
Trying to understand what is going on (if it is a common behavior).
Access-list applyed to ethernet denying ping from R4 to itself
r4#p 172.16.48.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.48.4, timeout is 2 seconds:
*Mar 1 02:28:49.919: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 172.16.48.4 -> 172.16.
48.4 (8/0), .....
Success rate is 0 percent (0/5)
r4#sh run int fa 0/0
Building configuration...
Current configuration : 146 bytes
!
interface FastEthernet0/0
ip address 172.16.48.4 255.255.255.0
ip access-group 101 in
ip pim sparse-dense-mode
end
r4#sh access-list 101
Extended IP access list 101
10 permit tcp 172.16.48.0 0.0.0.255 host 172.16.48.4 eq telnet
20 permit ospf any any (1005 matches)
30 permit pim any any (342 matches)
40 permit igmp any any (161 matches)
50 Dynamic mytestlist permit ip any any
60 permit icmp host 172.16.48.8 any echo-reply (2474 matches)
70 permit icmp host 172.16.48.8 any echo
80 permit icmp host 172.16.8.1 any echo
90 permit icmp host 172.16.8.1 any echo-reply (21 matches)
100 permit icmp host 172.16.18.8 any echo-reply (16 matches)
110 permit icmp host 172.16.18.8 any echo
120 deny ip any any log (453 matches)
Any feedback appreciated.
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:12:03 GMT-3