Re: IPV6 ACL for RIPng

From: Frank (ocsic@web.de)
Date: Fri Oct 13 2006 - 02:23:20 ART

• Next message: Arun Arumuganainar: "Re: no ip pim dm-fallback"
• Previous message: loke: "Re: My regrade status"
• Maybe in reply to: Frank: "IPV6 ACL for RIPng"
• Next in thread: Alexei Monastyrnyi: "Re: IPV6 ACL for RIPng"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

srdja blagojevic schrieb:

But makes not sense, eh? Filter ipv4 rip with an ipv6 access list.

Frank
> Hi Frank,
>
> >From the output below, you can see that rip is abervation for port 520 (not
> 521).
>
> R1(config)#ipv6 access-list test
> R1(config-ipv6-acl)#permit udp any any eq ?
> <0-65535> Port number
> biff Biff (mail notification, comsat, 512)
> bootpc Bootstrap Protocol (BOOTP) client (68)
> bootps Bootstrap Protocol (BOOTP) server (67)
> discard Discard (9)
> dnsix DNSIX security protocol auditing (195)
> domain Domain Name Service (DNS, 53)
> echo Echo (7)
> isakmp Internet Security Association and Key Management Protocol
> (500)
> mobile-ip Mobile IP registration (434)
> nameserver IEN116 name service (obsolete, 42)
> netbios-dgm NetBios datagram service (138)
> netbios-ns NetBios name service (137)
> netbios-ss NetBios session service (139)
> non500-isakmp Internet Security Association and Key Management Protocol
> (4500)
> ntp Network Time Protocol (123)
> pim-auto-rp PIM Auto-RP (496)
> rip Routing Information Protocol (router, in.routed, 520)
> snmp Simple Network Management Protocol (161)
> snmptrap SNMP Traps (162)
> sunrpc Sun Remote Procedure Call (111)
> syslog System Logger (514)
> tacacs TAC Access Control System (49)
> talk Talk (517)
> tftp Trivial File Transfer Protocol (69)
> time Time (37)
> who Who service (rwho, 513)
> xdmcp X Display Manager Control Protocol (177)
>
> HTH,
> Srdja
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Frank
> Sent: Thursday, October 12, 2006 15:22
> To: Ivan; Cisco certification
> Subject: Re: IPV6 ACL for RIPng
>
> Ivan schrieb:
>
> Yes, i have seen that. But why uses the ipv6 access-list UDP port 520?
>
> When i configure "permit udp any eq rip any eq rip" it's filtering udp port
> 520 and not 521.
>
>
> Frank
>
>> RIPng - use 521 UDP port, but RIP - use 520
>>
>>
>>
> http://www.cisco.com/en/US/products/hw/routers/ps331/products_command_refere
> nce_chapter09186a008007c752.html#xtocid179522
>
>> On Thursday 12 October 2006 15:55, Frank wrote:
>>
>>
>>> Hi everybody,
>>>
>>> i can create an acl fpr ipv6 and just want to permit rip. Does this not
>>> implicitly mean i want to
>>> enable RIPng? So this would mean i want to enable rip udp port 521.
>>> But when is use:
>>>
>>> ipv6 access-list ACL_IPV6
>>> permit udp any eq rip any eq rip
>>>
>>>
>>> This is for ports udp 520. I had to use:
>>>
>>> ipv6 access-list ACL_IPV6
>>> permit udp any eq 521 any eq 521
>>>
>>>
>>> Is this a Bug?
>>>
>>>
>>> Frank
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Arun Arumuganainar: "Re: no ip pim dm-fallback"
• Previous message: loke: "Re: My regrade status"
• Maybe in reply to: Frank: "IPV6 ACL for RIPng"
• Next in thread: Alexei Monastyrnyi: "Re: IPV6 ACL for RIPng"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:05 ART