From: Ralph (Mandela@myrealbox.com)
Date: Thu Nov 10 2005 - 10:31:03 GMT-3
Can also use MQC Policing to DROP any ospf packet out the router interface to the vlan.
Ralph
-----Original Message-----
From: "De Witt, Duane" <duane.dewitt@siemens.com>
To: "Jaycee Cockburn - BCX SS" <Jaycee.Cockburn@bcx.co.za>, "Leigh Harrison" <ccileigh@gmail.com>
Date: Thu, 10 Nov 2005 14:58:44 +0200
Subject: RE: OSPF Hello's
So we're back to one solution which is the access-list on SW2. Thanks
for the clarification :)
-----Original Message-----
From: Jaycee Cockburn - BCX SS [mailto:Jaycee.Cockburn@bcx.co.za]
Sent: 10 November 2005 01:48 PM
To: De Witt, Duane; Leigh Harrison
Cc: Cisco certification
Subject: RE: OSPF Hello's
Importance: High
Hi All,
Bad news, database-filter doesn't filter hello packets, only LSA's...
You can test it quickly, enable it on an ethernet and check the neighbor
relations go down and then up again...
Sorry, but good thought process!
Had me thinking too....
Cheers
JC
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
De Witt, Duane
Sent: 10 November 2005 01:25 PM
To: Leigh Harrison
Cc: Cisco certification
Subject: RE: OSPF Hello's
Hi
Thanks. I think that the database-filter would be better than setting
non-broadcast, but the access-list is probably the best way. At least I
know a few ways of doing this now :)
-----Original Message-----
From: Leigh Harrison [mailto:ccileigh@gmail.com]
Sent: 10 November 2005 01:20 PM
To: De Witt, Duane
Cc: Cisco certification
Subject: Re: OSPF Hello's
Hey there Duane,
There are 2 ways of doing this (actually, there are probably loads, but
2 that I know of) on a switch.
Use an access-list to stop the packets going through.
Use "ip ospf database-filter all out"
Have a crack at setting it to non-broadcast though - that /should/ do
it.
LH
De Witt, Duane wrote:
>Hi Group
>
>
>
>In IEWB V2 Lab4 5.13-15:
>
>
>
>Do not allow hosts in VLAN3 to intercept R3's OSPF hello packets and do
>not use passive-interface.
>
>
>
>The suggested solution is an access-list on SW2 to deny OSPF on R3's
>interface.
>
>
>
>Would another solution be to set the FE interface on R3 to
>non-broadcast?
>
>
>
>Regards
>
>Duane
>
>
>
>____________________________________________
>SIEMENS Siemens Business Services
> Siemens Service Center
>
>126 14th Road
>
>Erand Gardens
>
>Midrand
>
>South Africa
>
>
>
>* +27 11 5452555
>* +27 83 4452768
>* +27 11 5415219
>* duane.dewitt@siemens.com <mailto:duane.dewitt@siemens.com>
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Dec 01 2005 - 09:12:06 GMT-3