IS-IS is carried by OSI, not IP; you should try finding the ethertype it's using (maybe 00FE or FEFE) and use a MAC ACL to filter the OSI traffic.
Converting to an IP routerport without IS-IS attached would achieve better isolation, is it possible on this scenario ? We strongly prefer to use routerports on connections to customers/peers/upstreams, and even there we filter IP multicast traffic. Rubens On Jan 18, 2008 9:39 AM, Ulysses Maciel da Costa <[EMAIL PROTECTED]> wrote: > Hi, > > > I have a vlan in my router's switchport, and I receive a link from other > company. Last week my network goes down. I analyze my network and saw a lot > of IS-IS packets. By the way, my routes inside this vlan are static. I've > tried to create an ACL inside my vlan to block these IS-IS packets attached > with his ports(2042,2043), without success. > > > > Someone could help me to do an efficient ACL to block this traffic? > > > > > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/