See comments inline.
----- Original Message -----
From: Kane, Christopher A.
To: '[EMAIL PROTECTED]'
Sent: Friday, February 23, 2001 10:38 AM
Subject: IP Protocol 89?
>In trying to understand OSPF in much more detail, I am reading RFC 2328.
>Several times Mr. Moy refers to OSPF as " IP Protocol 89". I checked the
>"RFC/Port Number" page that I reference often
>(http://www.networksorcery.com/enp/default0301.htm) and found that indeed
>OSPF is IP Protocol 89. I have not seen this before. Sure, I've worked with
>TCP/UDP port numbers, but this is the first time I've paid attention to the
>fact that the protocols themselves have numbers too. This is interesting.
>Should I look at 89 as a number that can be manipulated as I would 23
>(telnet) or 69 (tftp)?
Sure. You can filter on them, let them through, whatever. However, keep
reading.
>Can someone explain where these numbers are used? Are
>they found in headers?
Yep. Consider the frame as it goes up the stack. The type field says
"0800," so it gets handed up to IP. IP has its own protocol field - it will
*typically* be 6 or 17 (TCP or UDP respectfully, I think), and will be
handed up to TCP or UDP accordingly. From there, the port number will be
looked at - and will be 23 for Telnet, 69 for TFTP, as you mentioned.
In the case of OSPF, the IP protocol number is 89 - neither TCP (6) nor UDP
(17), but rather OSPF. It's sometimes referred to as "its own Layer 4
protocol."
>As networkers, are we concerned with these numbers?
Absolutely.
>Does anyone commonly filter based on a protocol's number?
Sure. Imagine you want to filter everything except for OSPF traffic. You'd
have to have a permit statement which allows IP protocol 89 - it wouldn't be
accurate to allow TCP or UDP port number 89 - that'd be something different
(and I'm too lazy to look up what it would be, if it even exists ;-).
>Or is getting this
>granular an exercise in futility for a network engineer?
You know, that's something I struggle with a lot. Does it really matter to
me how many bytes PPP multilink adds to a frame as it goes across a serial
link? Maybe someone else has a better answer, but in my experience it
hasn't mattered. But in this case, it will matter *if* you're running OSPF
and *if* you're doing a lot of heavy filtering.
>Thanks,
>Chris
More than welcome. :-)
Bradley J. Wilson
CCNP as of Monday, CCDP as of this morning, NNCSS, MCSE, CNX, MCT, CTT
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
