Re: Router trick - how to allow only one single packet

Hi Tyson,

Thanks for your offer but all that is changing is a field that is
quite random with some timing information that is encoded. So I
cannot calculate the value for this field for the first packet or
subsequent packets.

I seem to have a hack that is working ( a few static routes going to
nirvana). So I have per packet load balancing enabled and the EEM
(ACL didn't seem much faster than shutting down the interface).
Anyway that kicks in fast enough by the time the round robin of static
routes has completed.

Rgds,
Rich

On Tue, Nov 9, 2010 at 9:31 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:
> Rich,
>
> You said there is some distinguishable information in the retries. If you
> use 15 Mainline you can look anywhere in the packet for information and
> match based on that criteria.
>
> If you give us some detail I can tell you how to do this.
>
> Jay,
>
> Flexible Packet Matching is a topic within scope of the lab, but is more
> heavily a security topic
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
> Managing Partner / Sr. Instructor - IPexpert, Inc.
> Mailto: tscott_at_ipexpert.com
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Jay
> McMickle
> Sent: Saturday, November 06, 2010 7:28 PM
> To: Ck
> Cc: Yaser; Marko Milivojevic; Rich Collins; Cisco certification
> Subject: Re: Router trick - how to allow only one single packet
>
> Marko-
> I read up on FPM. how is it any different than QoS? Your using the
> pre-loaded traffic signatures and marking packets to be actioned upon.
>
> Is this something we should expect on the Lab exam?
>
> Thanks in advance for the info!
>
> Regards,
> Jay McMickle- CCNP,CCSP,CCDP
> Sent from my iPhone
> http://mycciepursuit.wordpress.com
>
>
> On Nov 6, 2010, at 1:10 PM, Ck <chella2ck_at_yahoo.co.in> wrote:
>
>> Flexible Packet Matching (FPM)
>> :)
>> Kumar
>>
>> On 11/6/10 11:35 PM, "Yaser"
>> <yasser.alyusuf_at_gmail.com> wrote:
>>
>> What is FPM ?
>>
>> On Thu, Nov 4, 2010 at 7:54
>> PM, Marko Milivojevic <markom_at_ipexpert.com>wrote:
>>
>> If the retries are somehow
>> distinguishable from the original requests,
>> you may want to consider using
>> FPM.
>>
>> --
>> Marko Milivojevic - CCIE #18427
>> Senior Technical Instructor -
>> IPexpert
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Nov 10 2010 - 16:31:09 ART