Geo, OK Time for me to get coffee.... I missed the "not stop".
it might not stop a packet if the route-map isn't applied to the interface..... Pablo On Fri, 2003-08-22 at 12:58, Paul A. Bradford wrote: > Geo, > Not sure if I want to answer. is this OT for NANOG? :) > > the key is: > > IP: Total Length = 92 (0x5C) > > normal ICMP packets are not 92 bytes in length.... our friend Nachi does > use 92 byte packets. > > BTW: good luck trying the route-map on 2948G-L3s... ;) > > Thanks, > Paul > > > On Fri, 2003-08-22 at 12:55, Jack Bates wrote: > > Scott McGrath wrote: > > > > > > > > Geo, > > > > > > Look at your set interface Null0 command the rest is correct > > > you want to set the next hop to be Null0. How to do this is left as an > > > exercise for the reader. > > > > > > > Interface Null0 works fine. Here's a quick check. > > > > Inbound (from peers) policy matches > > route-map nachi-worm, permit, sequence 10 > > Match clauses: > > ip address (access-lists): 199 > > length 92 92 > > Set clauses: > > interface Null0 > > Policy routing matches: 10921 packets, 1048416 bytes > > > > Outbound (to internal network) accesslist matches > > Extended IP access list 181 > > deny tcp any any eq 135 (1994 matches) > > permit icmp any any echo (757 matches) > > permit icmp any any echo-reply (381 matches) > > permit ip any any (381370 matches) > > > > I cleared 181 first, then cleared route-map counters. I then checked > > route-map counters first before checking access-list counters. This > > means the access-list has more time to accrue maches yet it is > > considerably smaller. The checks were a matter of seconds. I'd say the > > policy is working. The echo/echo-reply could easily be everyday pings > > which are up abit due to various networks having performance issues. > > > > IOS Versioning can sometimes have issues. There's also the question of > > if the packet came in the inbound interface that had the policy applied. > > > > -Jack -- Paul A Bradford Senior Network Engineer Adelphia Cable Communications 814-274-1353