[EMAIL PROTECTED] wrote:
ip address (access-lists): 199
^^^
Extended IP access list 181
^^^
Did you mean to have a mismatch between the numbers?
Or is there some magic configuration detail that links
the two together that I haven'
rface Null0
!
route-map nachi-worm permit 10
match length 92
set interface Null0
!
Good luck, tell me how it works.
Luckas.-
-Mensaje original-
De: Geo. [mailto:[EMAIL PROTECTED]
Enviado el: Viernes, 22 de Agosto de 2003 01:17 p.m.
Para: [EMAIL PROTECTED]
Asunto: Cisco filter que
CKHOLE
Michel.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Geo. Sent: Friday, August 22, 2003 9:17 AM
To: [EMAIL PROTECTED]
Subject: Cisco filter question
Perhaps one of you router experts can answer this question. When using
the cisco specified filter
Geo,
OK Time for me to get coffee I missed the "not stop".
it might not stop a packet if the route-map isn't applied to the
interface.
Pablo
On Fri, 2003-08-22 at 12:58, Paul A. Bradford wrote:
> Geo,
>Not sure if I want to answer. is this OT for NANOG? :)
>
>the key is:
>
>point a route to null0 and set the next hop to be down that route
makes no difference, the problem isn't that the packets aren't being routed
to null0, the problem is that the packets don't match the route-map for some
reason. Only difference I see is the fragment flag is set to allow fragment
o
Geo,
Not sure if I want to answer. is this OT for NANOG? :)
the key is:
IP: Total Length = 92 (0x5C)
normal ICMP packets are not 92 bytes in length our friend Nachi does
use 92 byte packets.
BTW: good luck trying the route-map on 2948G-L3s... ;)
Thanks,
Paul
On Fri, 2003-08-22 a
AIL PROTECTED]
Subject: Cisco filter question
Perhaps one of you router experts can answer this question. When using the cisco
specified filter
access-list 199 permit icmp any any echo
access-list 199 permit icmp any any echo-reply
route-map nachi-worm permit 10
! --- match I
point a route to null0 and set the next hop to be down that route
On Fri, 22 Aug 2003, Jack Bates wrote:
>
> Scott McGrath wrote:
>
> >
> > Geo,
> >
> > Look at your set interface Null0 command the rest is correct
> > you want to set the next hop to be Null0. How to do this is left as an
Scott McGrath wrote:
Geo,
Look at your set interface Null0 command the rest is correct
you want to set the next hop to be Null0. How to do this is left as an
exercise for the reader.
Interface Null0 works fine. Here's a quick check.
Inbound (from peers) policy matches
route-map nachi-worm, pe
Geo,
Look at your set interface Null0 command the rest is correct
you want to set the next hop to be Null0. How to do this is left as an
exercise for the reader.
Scott C. McGrath
On Fri, 22 Aug 2003, Geo. wrote:
>
> Perhaps one of you router experts can answer t
Perhaps one of you router experts can answer this question. When using the cisco
specified filter
access-list 199 permit icmp any any echo
access-list 199 permit icmp any any echo-reply
route-map nachi-worm permit 10
! --- match ICMP echo requests and replies (type 0 & 8)
11 matches
Mail list logo
