Re: Router trick - how to allow only one single packet

If it was an isolated environment, and maybe even not then, you could do
something like this:

Create a trigger:
Turn on 'debug ip packet detail'
or
Use an access list with a 'log' statement

Write an EEM script to trigger when something in the log matches either the
packet details or the log statement
Have the EEM script write an ACL to block the rest of the packets

At that point I would probably manually disable to ACL to re-test. You
could get fancy and write a watchdog EEM to do this as well.

-nick

On Thu, Nov 4, 2010 at 3:27 PM, Jay McMickle <jay.mcmickle_at_yahoo.com> wrote:

> What about VACL's or MACL's? You could block this at the layer 2 frame.
>
>
> Regards,
> Jay McMickle- CCNP, CCSP, CCDP, MCSE
> http://mycciepursuit.wordpress.com/
>
>
>
>
>
> ________________________________
> From: Rich Collins <nilsi2002_at_gmail.com>
> To: Cisco certification
> <ccielab_at_groupstudy.com>
> Sent: Thu, November 4, 2010 9:48:37 AM
> Subject:
> Router trick - how to allow only one single packet
>
> Hi all,
>
> I am trying to
> test a client application in the lab and need a method
> to block subsequent
> requests to a server. The retries (UDP packets
> with same length, port number)
> etc. from this client should not reach
> the server. The retries occur less
> than a second later and continue.
>
> Limiting by CAR would still pass some of
> the requests a few seconds
> later. I can't record and spoof this first packet
> because of the
> encoding in the packet.
>
> I was also thinking of load balancing
> by packet and creating numerous
> sinkholes at dummy destinations.
>
> Any ideas or
> EEM?
>
> Thanks
> Rich
>
>
>
> On Fri, Sep 24, 2010 at 1:15 PM, Jason Morris
> <mcnever_at_gmail.com> wrote:
> > I think I scheduled my flights all before 6pm.
> >
> > And just an FYI, I can't vouch for any other hotels in RTP but, the
> Wingate
> > on cisco's site runs a shuttle to the airport to pick you up, one to
> Cisco
> >
> in the morning and then will even come back and pick you up at Cisco and
> >
> take you to the airport after the lab. That helped cut a lot of time,
> >
> stress money out of the trip for me.
> >
> > Make sure you call them before you
> actually get to RTP to make sure they're
> > still doing that and to let them
> know you'll need the shuttle.
> >
> > Thanks
> > Jason
> >
> >
> >
> >
> >
> > On Thu, Sep 23,
> 2010 at 6:34 PM, Rich Collins <nilsi2002_at_gmail.com> wrote:
> >>
> >> I usually go
> for 7pm and that has always been plenty of time to return
> >> the rental car
> and checkin (no luggage).
> >>
> >> -Rich
> >>
> >>
> >> Blogs and organic groups at
> http://www.ccie.net
> >>
> >>
> _______________________________________________________________________
> >>
> Subscription information may be found at:
> >>
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at
> http://www.ccie.net
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Nov 04 2010 - 20:44:18 ART