>--- "Buri, Heather H" <[EMAIL PROTECTED]> wrote:
>> Chris,
>>
>> I believe all the routing protocols have their own unique port
>> identifiers.
>
>Close. IP routing protocols *may* use layer 4 sockets for data. But for
>identification is the IP protocol type.
Don't even restrict it to IP protocol type:
BGP runs over TCP
RIP runs over UDP
OSPF, IGRP, and EIGRP run directly over IP
IS-IS runs directly over data link.
There's no question that there are policies that restrict, in
particular, ICMP or UDP, so that's a common application of protocol
numbers. In access-list statements, TCP, UDP, ICMP, etc., are
macros for the protocol type number, just as telnet, http, etc., are
macros for port numbers.
Before filtering routing protocol packets, especially with access
lists that operate on protocol type rather than distribute lists or
route maps, know exactly what you are doing -- in particular, when
working with OSPF. Link state protocols, as implemented today,
generally need to flood in an area, and filtering them may break the
routing system.
>
>> I am reading Doyle's Routing TCP/IP Vol 1 right now and it discusses all
>> of
>> the routing protocols in some detail. RIP uses port 520, IGRP/EIGRP use
>> protocol 9. Doyle does give examples of packet captures on each of the
>> different protocols and the port/protocol does indeed show up in the
>> routing
>> protocol packet header. Overall, I am finding this an extremely good
>> book.
>> I can see now why so many recommend it.
>>
>> I don't have a lot of experience manipulating the routing protocols in
>> such
>> a way as you mention below but I don't see why it could not be done
>> based on
>> the fact that they do use known port/protocol id's.
>>
>> Someone else may be able to shed some additional light on this for you.
>>
> > Heather Buri
>>
>
> > In trying to understand OSPF in much more detail, I am reading RFC 2328.
>> Several times Mr. Moy refers to OSPF as " IP Protocol 89".
John is a mathematician by background. Figures. :-)
>I checked the
>> "RFC/Port Number" page that I reference often
>> (http://www.networksorcery.com/enp/default0301.htm) and found that
>> indeed
>> OSPF is IP Protocol 89. I have not seen this before. Sure, I've worked
>> with
>> TCP/UDP port numbers, but this is the first time I've paid attention to
>> the
>> fact that the protocols themselves have numbers too. This is
>> interesting.
>
>read RFC 1700
>
>IP header has an 8 bit protocol type field
>
>
>> Should I look at 89 as a number that can be manipulated as I would 23
>> (telnet) or 69 (tftp)? Can someone explain where these numbers are used?
>
>Define manipulate?
>
>> Are
> > they found in headers? As networkers, are we concerned with these
>> numbers?
>> Does anyone commonly filter based on a protocol's number? Or is getting
>> this
> > granular an exercise in futility for a network engineer?
I suppose it depends how granular the problem is.
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
