I am not aware of any technique like CBAC or Reflexive CAL that can take
care of Trace route.
I dont think CBAC is intelligent enough to keep state information for
outgoing UDP and returing ICMP pkts.
Let me know if i missed something.
-CC13RS
On Fri, May 1, 2009 at 9:17 PM, Dale Shaw <dale.shaw_at_gmail.com> wrote:
>
> I reckon any task that asked you to do that wouldn't actually require
> you to know the range :-)
>
> (in other words, it'd be a reflexive ACL or CBAC task where return
> traffic associated outbound probes would be automagically permitted
> based on a state table entry.)
>
> cheers,
> Dale
>
> On Fri, May 1, 2009 at 1:57 PM, CCIE RS <cc13rs_at_gmail.com> wrote:
> > Thanks for the Link Scott!
> > I am asking this question form the perspective of LAB exam where, If
> asked
> > to configure an ACL (Somewhere in the path), but still allow outgoing
> > traceroute Packets.
> > I know the UDP port range starts form 33434, but I am clueless about the
> > upper limit. :(
> >
> > -CC13RS.
Blogs and organic groups at http://www.ccie.net
Received on Fri May 01 2009 - 21:25:44 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:41 ART