From: Wollmann, Bruno RQHR (Bruno.Wollmann@rqhealth.ca)
Date: Sat Jan 05 2008 - 12:48:10 ARST
Hello,
I'm trying to compile a list of IOS commands that affect outgoing,
locally generated router traffic. This is what I have so far.
1) an outbound access-list does not prevent locally generated traffic
from leaving the router. I.E. I have an outbound access-list applied to
an interface that denies icmp, telnet and rip. When I ping from this
router I receive replies, when I ping through the router I do not.
Telnet and RIP also still work.
2) I then tried MQC and defined a class-map that matches the same
access-l from example 1 and then drop this traffic in a policy-map
applied outbound on an interface. This traffic is dropped for transit
traffic and locally generated traffic. I.E. I can not ping or telnet
from this router and RIP updates are also blocked from being sent out.
3) How do I test the Frame-relay DE-list command? I tried some debugs
but I can't find any output that indicates whether the DE bit is set or
not. Does this command work for locally generated traffic or just
transit traffic?
4) What if I set the DE bit in MQC? What affect does this have on
locally generated traffic.
5) Policy routing only works on locally generated traffic when using the
"ip local policy" command.
Any input is appreciated.
thanks
Bruno
This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:37:57 ARST