From: Amit Jain (netsteps@rediffmail.com)
Date: Fri Jul 08 2005 - 03:52:35 GMT-3
Thanks Scott. It helped.
Amit
----- Original Message -----
From: "Scott Morris" <swm@emanon.com>
To: "'Amit Jain'" <netsteps@rediffmail.com>; "'Schulz, Dave'"
<DSchulz@dpsciences.com>; "'Group Study'" <ccielab@groupstudy.com>
Sent: Friday, July 08, 2005 10:18 AM
Subject: RE: protocol type-code information on DocCD
> If it's something passed BETWEEN the DLSW peers, then I would use an LSAP
> output list which would be looking for the 04 values (SNA on Ethernet SAP
> code). The ethertype values would not get filtered by applying it in that
> manner. Since it's an "LSAP" output list, it is looking for SAP values
not
> the ethertypes.
>
> If the ACL was applied inbound to the ethernet interface, then you could
use
> it that way.
>
> For using LSAPs, it is a little tricky and there will be some
memorization.
> There are examples on the DocCD using the 0xF0F0 with a mask of 0x0101
which
> is for Netbios. (F0 and F1 entries in both DSAP and SSAP fields)
>
> For many DLSW filters, you'll see 0x0000 with a mask of 0x0D0D on the
DocCD.
> This is way overkill for an ethernet-only lab, but it's a defendable
> position since it's the prime example on the DocCD. 04 and 05 are really
> the values that you'll see in Ethernet. 08, 09, 0C and 0D you MAY see
with
> specific PDU controllers, but not with pure routers. 00 is for explorer
> packets which aren't likely without SRB run. And 01 doesn't exist. So,
> while it's overkill (best IMHO is 0x0404 with a mask of 0x0001), as stated
> it's able to be found on the DocCD and therefore a defendable position.
>
> I wouldn't spend a lot of my brain cycles memorizing those things. I
would
> just be comfortable in looking it up and finding an example to refresh my
> memory.
>
> HTH,
>
> Scott
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Amit
> Jain
> Sent: Friday, July 08, 2005 12:28 AM
> To: swm@emanon.com; 'Schulz, Dave'; 'Group Study'
> Subject: Re: protocol type-code information on DocCD
>
> Scott
>
> This question is in referance to a lab requirement where you only want a
> certain type of traffic like SNA or Netbios to be passed between DLSW
peers.
> The link sent by Sila Moni
http://www.cisco.com/warp/public/698/acl200.html
> is useful but I dont think it would be accessible from lab as the article
is
> not specifically under DocCD domain. So I guess I have to memorize the
most
> common codes. :-)
>
> Amit Jain
> ----- Original Message -----
> From: "Scott Morris" <swm@emanon.com>
> To: "'Amit Jain'" <netsteps@rediffmail.com>; "'Schulz, Dave'"
> <DSchulz@dpsciences.com>; "'Group Study'" <ccielab@groupstudy.com>
> Sent: Friday, July 08, 2005 8:08 AM
> Subject: RE: protocol type-code information on DocCD
>
>
> > It's a stretch...
> >
> > First, per the DocCD:
> > "Usage Guidelines
> >
> > Type-code access lists can have negatively affect system performance;
> > therefore, keep the lists as short as possible and use wildcard bit
masks
> > whenever possible.
> >
> > Access lists are evaluated according to the following algorithm:
> >
> > .If the packet is Ethernet Type II or SNAP, the type-code field is used.
> >
> > .If the packet is another type, then the LSAP is used."
> >
> > So with a valuer of 80D5, I can tell you right away that's not a SAP
code.
> > It's an ethertype code. I haven't got a clue of the context of the lab,
> but
> > ethertype code 0x80D5 is used to indicate IBM/SNA traffic (NOTE: NOT
> > specifically DLSW, but native SNA) within a SNAP type ethernet header.
I
> > haven't found a great reference of ethertypes on the DocCD other than
> random
> > ones in different places.
> >
> > If you want more esoteric things to look up like that, check out:
> >
> > http://www.netwho.com/frame/ethertype.htm
> >
> > HTH,
> >
> > Scott
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Amit
> > Jain
> > Sent: Thursday, July 07, 2005 1:39 PM
> > To: Schulz, Dave; Group Study
> > Subject: Re: protocol type-code information on DocCD
> >
> > Hey Dave
> >
> > The list no doubt looks useful, but I am still nowhere. In an IE example
> we
> > needed to permit SNA traffic. Answer says:
> > access-list 200 permit 0x0000 0x0D0D
> > but the list you mentioned says SNA type code as 80D5. What is the part
of
> > puzzle I am missing?
> > Also I could not look for Netbios type code in list.
> >
> > Amit
> > ----- Original Message -----
> > From: "Schulz, Dave" <DSchulz@dpsciences.com>
> > To: "Amit Jain" <netsteps@rediffmail.com>; "Group Study"
> > <ccielab@groupstudy.com>
> > Sent: Thursday, July 07, 2005 8:29 PM
> > Subject: RE: protocol type-code information on DocCD
> >
> >
> > Amit -
> >
> > The type codes can be found under volume 1 of 2 (Cisco IOS Bridging and
> > IBM Networking Command Reference, Volume 1 of 2: Bridging, Release 12.3)
> > of the configuration document CD.....
> >
> >
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ibm_
> > r1/index.htm
> >
> > Does this help?
> >
> >
> > Dave Schulz
> >
> > Email: dschulz@dpsciences.com
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > Amit Jain
> > Sent: Thursday, July 07, 2005 7:42 AM
> > To: Group Study
> > Subject: protocol type-code information on DocCD
> >
> > Hi
> >
> > In the DLSW examples where we have to permit/deny traffic based on
> > protocol
> > type-code, I am have difficulty figuring out the correct type-code. Can
> > somebody help me locate the same on DocCd ?
> >
> > Amit
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:29 GMT-3