As the final conclusion in this thread:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120cavs/120m
cavs.htm
Caveats for Cisco IOS 12.0
IP Routing Protocols
CSCdm44976: IP access lists always permit IP fragments. There is no
workaround.
=
> Alex,
> If you are using a Cache engine (Cisco cache engine)
> Go to the interface that is connected to the Internet and
> redirect all http traffic to the interface where your cache
> engine resides.
Yes, I have already done this (I use Squid, but Squid 2.3 supports Cisco
WCCP v.1).
As soon
From: ElephantChild [mailto:[EMAIL PROTECTED]]
>> So IMHO in Cisco IOS ACLs there is an implicit rule like this:
>>
>> access-list 101 permit ip from any to any fragments
>> ! "fragments" is an imaginary option, Cisco doesn't understand it in fact
>>
>> Is it true ?
>It used to be. In late 19
Hello everybody,
I recently faced one strange problem with Ciscos.
If we have extended access-list:
access-list 101 permit tcp from any to any eq 80
access-list 101 deny ip from any to any
how does Cisco router processes fragmented packets ?
The problem is, only the first fragment with offse
Hello everybody,
I recently faced one strange problem with Ciscos.
If we have extended access-list:
access-list 101 permit tcp from any to any eq 80
access-list 101 deny ip from any to any
how does Cisco router processes fragmented packets ?
The problem is, only the first fragment with offse
5 matches
Mail list logo