Cisco Systems BC-109 manual Configure Administrative Filters for Token Ring Traffic

Page 27

Configure Administrative Filters for Token Ring Traffic

Command	Purpose
netbios output-access-filter bytes name	Specify a byte-based access filter on
	outgoing messages.

Configure Administrative Filters for Token Ring Traffic

Source-route bridges normally filter frames according to the routing information contained in the frame. That is, a bridge will not forward a frame back to its originating network segment or any other network segment that the frame has already traversed. This section describes how to configure another type of filter—the administrative filter.

Administrative filters can filter frames based on the following methods:

•

•

•

•

Protocol type—IEEE 802 or Subnetwork Access Protocol (SNAP)

Token Ring vendor code

Source address

Destination address

Whereas filtering by Token Ring address or vendor code causes no significant performance penalty, filtering by protocol type significantly affects performance. A list of SNAP (Ethernet) type codes is provided in the “Ethernet Type Codes” appendix in the Bridging and IBM Networking Command Reference.

Filter Frames by Protocol Type

You can configure administrative filters by protocol type by specifying protocol type codes in an access list. You then apply that access list to either IEEE 802.2 encapsulated packets or to SNAP-encapsulated packets on the appropriate interface.

The order in which you specify these elements affects the order in which the access conditions are checked. Each condition is tested in succession. A matching condition is then used to execute a permit or deny decision. If no conditions match, a deny decision is reached.

Note If a single condition is to be denied, there must be an access-listcommand that permits everything as well, or all access is denied.

To filter frames by protocol type, use the following command in global configuration mode:

Command	Purpose
access-listaccess-list-number {permit deny} {type-code	Create an access list for filtering
wild-mask address mask}	frames by protocol type.

You can filter IEEE 802-encapsulated packets on either input or output. The access list you specify is the one you created that includes the protocol type codes.

Configuring Source-Route Bridging BC-135

Image 27

Contents SRB Configuration Task List Configuring Source-Route BridgingConfigure a Dual-Port Bridge Configure Source-Route BridgingMultiple Dual-Port Bridges Configure a Multiport Bridge Using a Virtual RingDefine a Ring Group in SRB Context Source-bridge ring-group ring-groupNo source-bridge ring-group ring-group Source-bridge route-cache cbus Configure SRB over FddiEnable SRB and Assign a Ring Group to an Interface Interface fddi slot/portConfigure SRB over Frame Relay Configure Fast-Switching SRB over FddiEnable the Automatic Spanning-Tree Function Limit the Maximum SRB Hops Enable Use of the RIF Configure Bridging of Routed ProtocolsConfigure the RIF Timeout Interval Configure a Static RIF EntryOverview of SR/TLB Following notes and caveats apply to all uses of SR/TLB No source-bridge transparent ring-group fastswitch Enable Bridging between Transparent Bridging and SRBDisable Fast-Switched SR/TLB Enable Translation Compatibility with IBM 8209 BridgesSource-bridge sap-80d5 dsap Enable Token Ring LLC2-to-Ethernet ConversionEnable 0x80d5 Processing Enable Standard Token Ring LLC2-to-Ethernet LLC2 ConversionConfigure NetBIOS Support Source-bridge proxy-netbios-only Specify Timeout and Enable NetBIOS Name CachingSpecify Dead-Time Intervals for NetBIOS Packets Configure the NetBIOS Cache Name LengthEnable NetBIOS Proxying Create Static Entries in the NetBIOS Name CacheConfigure LNM Support Netbios name-cache query-timeout secondsNetbios name-cache recognized-timeout seconds LNM Linking to a Source-Route Bridge on Each Local Ring LAN Network Manager Monitoring and Translating How a Router Works with LNMDisable LNM Functionality Enable Other LRMs to Change Router Parameters Disable Automatic Report Path Trace FunctionApply a Password to an LNM Reporting Link Enable LNM ServersChange Reporting Thresholds Change an LNM Reporting Interval Monitor LNM OperationLnm softerr milliseconds Configure NetBIOS Access Filters Configure NetBIOS Access Filters Using Station NamesSecure the SRB Network Netbios input-access-filter bytes name Configure NetBIOS Access Filters Using a Byte OffsetNetbios access-list host name permit deny pattern Netbios access-list bytes name permit deny offsetConfigure Administrative Filters for Token Ring Traffic Netbios output-access-filter bytes nameFilter Frames by Protocol Type Filter Frames by Vendor Code Filter Source AddressesFilter Destination Addresses Access Expression Example Optimize Access Expressions Configure Access ExpressionsTune the SRB Network Alter Access Lists Used in Access ExpressionsEnable or Disable the Source-Route Fast-Switching Cache Enable or Disable the SSE Establish the Connection Timeout IntervalOptimize Explorer Processing Controlling Explorer Storms in Redundant Network Topologies Configure Proxy Explorers Establish SRB Interoperability with TI MAC FirmwareMac-address ieee-address Monitor and Maintain the SRB Network Report Spurious Frame-Copied ErrorsSource-bridge tcp-queue-max number SRB Configuration ExamplesBasic SRB with Spanning-Tree Explorers Example Dual-Port Source-Route Bridge ConfigurationSRB-Only Example Optimized Explorer Processing Configuration ExampleMultiport SRB Example SRB and Routing Certain Protocols ExampleSRB with Multiple Virtual Ring Groups Example Configuration for Router aRouter a SRB over Fddi Configuration ExamplesSRB over Fddi Fast-Switching Example Configuration for Router BFrad Using SRB over Frame Relay to Connect to a Cisco Router SRB over Frame Relay Configuration ExampleAdding a Static RIF Cache Entry Example Configuration of Router aConfiguration on Router B Configuration on Router CSR/TLB for a Simple Network Example Adding a Static RIF Cache Entry for a Two-Hop Path ExampleBC-154Bridging and IBM Networking Configuration Guide Example of a Bit-Swapped Address SR/TLB with Access Filtering ExampleSpecifying a Static Entry NetBIOS Support with a Static NetBIOS Cache Entry ExampleLNM for a Simple Network Example Wayfarer# show lnm configLNM for a More Complex Network Example NetBIOS Access Filters Example Filtering Bridged Token Ring Packets to IBM Machines Example Shows a router connecting four Token Rings Following access expression would result Creating Access Filters ExampleFast-Switching Example Access Filters ExampleAutonomous Switching Example