From: Chris Lewis (chrlewis) (chrlewis@cisco.com)
Date: Wed Jun 15 2005 - 10:55:33 GMT-3
Yes,
For DLSw to occur between two routers, two TCP connections are
necessary; port 2065 is the read port number and 2067 is the write port
number. The peer may show up, but the host will not be able to write
data to its peer.
Chris
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
gladston@br.ibm.com
Sent: Wednesday, June 15, 2005 8:36 AM
To: ccielab@groupstudy.com
Subject: DLSW 2067
Hi,
Port 2067 is part of the DLSW protocol, but blocking it does not affect the
state of the peer (they connect).
Is anything missed if this port is blocked?
Rack2R4(config)#do sh access-list 165
Extended IP access list 165
10 permit ip 142.20.47.0 0.0.0.255 142.20.56.0 0.0.0.255
20 permit ip 142.20.44.0 0.0.0.255 142.20.28.0 0.0.0.255
30 deny udp host 142.20.4.1 eq ntp any eq ntp (42 matches)
40 permit ospf any any (149 matches)
50 permit tcp host 142.20.4.1 eq 2065 host 142.20.5.1 (239 matches)
60 permit tcp host 142.20.4.1 host 142.20.5.1 eq 2065 (64 matches)
70 deny ip any any log-input (6 matches)
*Mar 1 01:51:57: %SEC-6-IPACCESSLOGP: list 165 denied udp 142.20.4.1(0) -> 142.20.5.1(2067), 1 packet
Rack2R4(config)#
Rack2R4(config)#do sh dl pe
Peers:            state    pkts_rx  pkts_tx  type  drops  ckts  TCP  uptime
 TCP 142.20.5.1   CONNECT       10       19  conf      0     0    0  00:04:10
Total number of connected peers: 1
Total number of connections: 1
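An added example, not part of either message: a small first-match evaluator for access list 165 as printed above, run against DLSw flows from 142.20.4.1 to 142.20.5.1. The tuple layout, the helper names and the ephemeral port 11000 are assumptions made for illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")

def host(ip):
    return (ip, "0.0.0.0")

# ACL 165 as printed in the post, hit counters dropped; ntp written as 123.
# Tuple layout (an assumption of this example):
# (seq, action, proto, (src, wildcard), src_port, (dst, wildcard), dst_port)
ACL_165 = [
    (10, "permit", "ip", ("142.20.47.0", "0.0.0.255"), None, ("142.20.56.0", "0.0.0.255"), None),
    (20, "permit", "ip", ("142.20.44.0", "0.0.0.255"), None, ("142.20.28.0", "0.0.0.255"), None),
    (30, "deny", "udp", host("142.20.4.1"), 123, ANY, 123),
    (40, "permit", "ospf", ANY, None, ANY, None),
    (50, "permit", "tcp", host("142.20.4.1"), 2065, host("142.20.5.1"), None),
    (60, "permit", "tcp", host("142.20.4.1"), None, host("142.20.5.1"), 2065),
    (70, "deny", "ip", ANY, None, ANY, None),
]

def addr_match(ip, spec):
    """Compare only the bits the wildcard mask marks as 'care' (0) bits."""
    base, wildcard = (int(ipaddress.IPv4Address(x)) for x in spec)
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)

def evaluate(acl, proto, src, sport, dst, dport):
    """Return (seq, action) of the first entry that matches, top-down."""
    for seq, action, p, s, sp, d, dp in acl:
        if p not in ("ip", proto):
            continue
        if not (addr_match(src, s) and addr_match(dst, d)):
            continue
        if (sp is not None and sp != sport) or (dp is not None and dp != dport):
            continue
        return seq, action
    return None, "deny"  # implicit deny at the end of every ACL

# Constructed flows; 11000 is an arbitrary ephemeral port.
FLOWS = [
    ("tcp", "142.20.4.1", 2065, "142.20.5.1", 11000),
    ("tcp", "142.20.4.1", 11000, "142.20.5.1", 2065),
    ("tcp", "142.20.4.1", 11000, "142.20.5.1", 2067),
    ("udp", "142.20.4.1", 0, "142.20.5.1", 2067),  # the flow in the SEC-6 log line
]

if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, "->", evaluate(ACL_165, *flow))
```

Neither port 2067 flow matches entries 50 or 60, so both fall through to entry 70, the entry carrying `log-input` that produced the logged deny.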