DLSW 2067

From: gladston@br.ibm.com
Date: Wed Jun 15 2005 - 10:36:29 GMT-3

• Next message: Amit Jain: "Re: SNMP Query"
• Previous message: Orhan Osmanov: "PIX and Microsoft IAS authorization"
• Next in thread: Chris Lewis \(chrlewis\): "RE: DLSW 2067"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: DLSW 2067"
• Maybe reply: Scott Morris: "RE: DLSW 2067"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,
Port 2067 is part of DLSW protocol, but blocking it does not affect the state of the peer (they connect).
Is anything missed if this port is blocked?

Rack2R4(config)#do sh access-list 165
Extended IP access list 165
    10 permit ip 142.20.47.0 0.0.0.255 142.20.56.0 0.0.0.255
    20 permit ip 142.20.44.0 0.0.0.255 142.20.28.0 0.0.0.255
    30 deny udp host 142.20.4.1 eq ntp any eq ntp (42 matches)
    40 permit ospf any any (149 matches)
    50 permit tcp host 142.20.4.1 eq 2065 host 142.20.5.1 (239 matches)
    60 permit tcp host 142.20.4.1 host 142.20.5.1 eq 2065 (64 matches)
    70 deny ip any any log-input (6 matches)

*Mar 1 01:51:57: %SEC-6-IPACCESSLOGP: list 165 denied udp 142.20.4.1(0) -> 142.20.5.1(2067), 1 packet
Rack2R4(config)#
Rack2R4(config)#do sh dl pe
Peers: state pkts_rx pkts_tx type drops ckts TCP uptime
 TCP 142.20.5.1 CONNECT 10 19 conf 0 0 0 00:04:10
Total number of connected peers: 1
Total number of connections: 1

• Next message: Amit Jain: "Re: SNMP Query"
• Previous message: Orhan Osmanov: "PIX and Microsoft IAS authorization"
• Next in thread: Chris Lewis \(chrlewis\): "RE: DLSW 2067"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: DLSW 2067"
• Maybe reply: Scott Morris: "RE: DLSW 2067"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:41 GMT-3