Vlan Map

From: gladston@br.ibm.com
Date: Thu Jul 14 2005 - 12:31:52 GMT-3


Hi,

The behavior of 3550 Vlan Map is to allow non-IP traffic if there is a clause that matches IP.

For example, the following config will permit traffic from host A to host B and deny everything else but non-IP.

vlan access-map Vlan-filter 10
 action forward
 match ip address 111
!
access-list 111 permit ip host 148.5.26.100 host 148.5.5.1
access-list 111 permit ip host 148.5.5.1 host 148.5.26.100

As a test, the remote router can send IPX:
R8#pi ABCD.0060.5c53.de81
!!!!!

R8#pi 148.5.5.1
!!!!!

R8#pi 148.5.3.1
....

So, I am wondering if a task on the lab says: "allow traffic from host A to host B denying everything else using Vlan map" - we should explicitly deny any traffic other than IP. That would be:

vlan access-map Vlan-filter 20
 action forward
 match mac address Mac-list
!
mac access-list extended Mac-list
 deny any any

R8#pi ABCD.0060.5c53.de81
.....

What do you think?
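
The evaluation rule behind the pings in this post, as an added example that is not part of the original message: a simplified Python model of Catalyst 3550 VLAN-map processing, in which the implicit drop applies to a packet type (IP or non-IP) only when the map has at least one match clause for that type. The function names, the packet source addresses and the source MAC are constructed for illustration.

```python
# Simplified model of VLAN-map evaluation (added example, not switch code).
# Assumption: IP packets are tested only against "match ip" clauses and
# non-IP packets (e.g. IPX) only against "match mac" clauses.

def acl_permits(acl, pkt):
    """First matching ACE wins; an ACL ends with an implicit deny."""
    for verdict, src, dst in acl:
        if src in ("any", pkt["src"]) and dst in ("any", pkt["dst"]):
            return verdict == "permit"
    return False

def vlan_map_verdict(vlan_map, pkt):
    """Return 'forward' or 'drop' for pkt under the given VLAN map."""
    saw_clause_for_type = False
    for entry in sorted(vlan_map, key=lambda e: e["seq"]):
        if entry["type"] != pkt["type"]:
            continue                      # clause is for the other packet type
        saw_clause_for_type = True
        if acl_permits(entry["acl"], pkt):
            return entry["action"]        # ACL permit = clause matched
    # Nothing matched: drop only if the map has a clause for this packet type.
    return "drop" if saw_clause_for_type else "forward"

# ACLs and map entries as posted in the message.
ACL_111 = [("permit", "148.5.26.100", "148.5.5.1"),
           ("permit", "148.5.5.1", "148.5.26.100")]
MAC_LIST = [("deny", "any", "any")]
MAP_IP_ONLY = [{"seq": 10, "action": "forward", "type": "ip", "acl": ACL_111}]
MAP_IP_AND_MAC = MAP_IP_ONLY + [
    {"seq": 20, "action": "forward", "type": "mac", "acl": MAC_LIST}]

# Constructed test packets (source addresses are assumptions).
IP_ALLOWED = {"type": "ip", "src": "148.5.26.100", "dst": "148.5.5.1"}
IP_OTHER = {"type": "ip", "src": "148.5.26.100", "dst": "148.5.3.1"}
IPX = {"type": "mac", "src": "0000.0000.0008", "dst": "0060.5c53.de81"}

def results(vlan_map):
    """Verdicts for the allowed IP flow, another IP flow, and an IPX frame."""
    return [vlan_map_verdict(vlan_map, p) for p in (IP_ALLOWED, IP_OTHER, IPX)]

if __name__ == "__main__":
    print("sequence 10 only  :", results(MAP_IP_ONLY))
    print("sequence 10 and 20:", results(MAP_IP_AND_MAC))
```

In this model the MAC list's `deny any any` never matches entry 20; non-IP frames are dropped because the map now contains a MAC clause at all.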


