Re: Ethertype for mac access-list on DocCD

From: Gregory Gombas (ggombas@gmail.com)
Date: Thu Aug 09 2007 - 22:02:34 ART

• Next message: James MacDonald: "OSPF Summarization question"
• Previous message: Antonio Soares: "RE: getting a CCIE job in Europe"
• Maybe in reply to: ISolveSystems: "Ethertype for mac access-list on DocCD"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks guys.

I did some more reading on LSAP types. Type 0xAAAA represents the SNAP
sub-header itself, but it says nothing about the protocol
type/discriminator.

How can you get your ACL to match only RSTP+ type snap headers without
matching other snap frames?

http://www.wildpackets.com/support/compendium/manual_appendices/nxA1_packets/printable

"802.2 SNAP ids
When both the DSAP and SSAP are set to 0xAA, the type is interpreted
as a protocol not defined by IEEE and the LSAP is referred to as
SubNetwork Access Protocol (SNAP).

In SNAP, the 5 bytes that follow the DSAP, SSAP, and control byte are
called the Protocol Discriminator.

In EtherPeek, protocol type specifications found in this optional
5-byte SNAP section of the 802.2 header are referred to as 802.2 SNAP
IDs. The following figure shows an example of an 802.2 header with a
SNAP ID.
"

On 8/9/07, CCIE 19999 <ccie@iprimus.com.au> wrote:
> I have read this from one of the forums:
> To find the frame types, run a debug of spanning tree and the frame type can
> be located in there, See below:
>
> CAT1#debug spanning-tree all
> 19:23:45: STP: VLAN0060 rx BPDU: config protocol = ieee, packet from
> FastEthernet0/14 , linktype SSTP , enctype 3, encsize 22
> 19:23:45: STP: enc 01 00 0C CC CC CD 00 0B FD AF 99 8E 00 32 AA AA 03 00 00
> 0C 01 0B
> 19:23:45: STP: Data
> 0000000000803C000BFDAF998000000000803C000BFDAF9980800E0000140002000F00
> 19:23:45: STP: VLAN0060 Fa0/14:0000 00 00 00 803C000BFDAF9980 00000000
> 803C000BFDAF9980 800E 0000 1400 0200 0F00
> 19:23:45: STP(60) port Fa0/14 supersedes 0
> 19:23:45: STP: opt: VLAN0060: get ports: chunk 0 allocated
> 19:23:45: STP: opt: VLAN0060: freeing opt chunk 0
> 19:23:45: STP SW: PROC RX: 0100.0ccc.cccd<-000b.fdaf.998e type/len 0032
> 19:23:45: encap SNAP linktype sstp vlan 700 len 64 on v700 Fa0/14
> 19:23:45: AA AA 03 00000C 010B SSTP
> 19:23:45: CFG P:0000 V:00 T:00 F:00 R:82BC 000b.fdaf.9980 00000000
> 19:23:45: B:82BC 000b.fdaf.9980 80.0E A:0000 M:1400 H:0200 F:0F00
> 19:23:45: T:0000 L:0002 D:02BC
>
> Look for the encapsulation, it says SNAP..... AA AA
>
> By the way, I believe you must have memorized the frame type for SNAP, LSAP
> and ARP already :)
>
> HTH,
> Shine
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Antonio Soares
> Sent: Friday, 10 August 2007 5:54 AM
> To: 'Gregory Gombas'; 'Ben'
> Cc: 'ISolveSystems'; 'Cisco certification'
> Subject: RE: Ethertype for mac access-list on DocCD
>
> STP don't use Ethernet II frames. It uses 802.3 SNAP Frames.
>
> IEEE STP uses Ethernet SNAP Frames with DSAP=SSAP=0x42 which means
> LSAP=0x4242.
> Cisco's PVST+ uses Ethernet SNAP Frames with DSAP=SSAP=0xAA which means
> LSAP=0xAAAA.
>
>
> Regards,
>
> Antonio Soares
> CCIE #18473, CCNP, CCIP
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Gregory Gombas
> Sent: quinta-feira, 9 de Agosto de 2007 18:24
> To: Ben
> Cc: ISolveSystems; Cisco certification
> Subject: Re: Ethertype for mac access-list on DocCD
>
> Great question!
>
> I see arp on there:
> 0806 - Address Resolution Protocol (for IP and CHAOS)
>
> I don't see PVST+ on there? I thought it was 0x4242 but it appears to be
> assigned to PCS Basic Block Protocol?
>
> Also is the PVST+ ethertype different from IEEE?
>
> On 8/9/07, Ben <bmunyao@gmail.com> wrote:
> > http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/
> > hbr_r/br_aph.htm
> >
> > HTH
> > Ben
> >
> >
> > On 8/9/07, ISolveSystems <support@isolvesystems.com> wrote:
> > >
> > > Experts,
> > >
> > > May I know if I can find a list of ethertype in DocCD?
> > >
> > > The question asks to permit IP only traffic. I saw that I have to
> > > permit ip any any as well as ip arp and PVSTPLUS.
> > >
> > > It's easier if ethertype is avai. in DocCD than memorizing...
> > >
> > > Cheers and Behappy!
> > >
> > > ____________________________________________________________________
> > > ___ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > ______________________________________________________________________
> > _ Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: James MacDonald: "OSPF Summarization question"
• Previous message: Antonio Soares: "RE: getting a CCIE job in Europe"
• Maybe in reply to: ISolveSystems: "Ethertype for mac access-list on DocCD"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:10 ART