Cisco Systems BC-109 manual SR/TLB with Access Filtering Example, Example of a Bit-Swapped Address

Page 47

SR/TLB with Access Filtering Example

Once you have determined the ring number and the bridge number, you can add the source-bridge transparent command to the file, including these two values as parameters for the command. The following partial configuration includes this source-bridge transparent entry:

!

source-bridge ring-group 10 source-bridge transparent 10 3 1 1

!

interface tokenring 0 source-bridge 1 1 10

!

interface tokenring 1 source-bridge 2 1 10

!

interface ethernet 0 bridge-group 1

!

interface ethernet 1 bridge-group 1

!

bridge 1 protocol dec

SR/TLB with Access Filtering Example

In the example shown in Figure 63, you want to connect only a single machine, Host E, on an

Ethernet to a single machine, Host R, on the Token Ring.

Figure 63 Example of a Bit-Swapped Address

Source-route

bridged domain

Token

Ring

Host R

MAC Addr:

0110.1234.5678

 

Transparent

 

bridging domain

 

 

 

 

 

 

Router

Host E

running SR/TLB

MAC Addr:

 

0110.2222.3333

 

 

 

S1110a

You want to allow only these two machines to communicate across the router. Therefore, you might create the following configuration to restrict the access. However, this configuration will not work, as explained in the paragraph following the sample configuration file.

Note For readability, the commands that control bridging are not shown here, just the commands that control the filtering.

interface tokenring 0 access-expression output smac(701)

!

interface ethernet 0

bridge-group 1 input-address-list 701

!

access-list 701 permit 0110.2222.3333

Configuring Source-Route Bridging BC-155

Page 46 Page 48
Image 47
Page 46 Page 48
Contents SRB Configuration Task List Configuring Source-Route BridgingConfigure a Dual-Port Bridge Configure Source-Route BridgingMultiple Dual-Port Bridges Configure a Multiport Bridge Using a Virtual RingNo source-bridge ring-group ring-group Define a Ring Group in SRB ContextSource-bridge ring-group ring-group Source-bridge route-cache cbus Configure SRB over FddiEnable SRB and Assign a Ring Group to an Interface Interface fddi slot/portConfigure SRB over Frame Relay Configure Fast-Switching SRB over FddiEnable the Automatic Spanning-Tree Function Limit the Maximum SRB Hops Enable Use of the RIF Configure Bridging of Routed ProtocolsConfigure the RIF Timeout Interval Configure a Static RIF EntryOverview of SR/TLB Following notes and caveats apply to all uses of SR/TLB No source-bridge transparent ring-group fastswitch Enable Bridging between Transparent Bridging and SRBDisable Fast-Switched SR/TLB Enable Translation Compatibility with IBM 8209 BridgesSource-bridge sap-80d5 dsap Enable Token Ring LLC2-to-Ethernet ConversionEnable 0x80d5 Processing Enable Standard Token Ring LLC2-to-Ethernet LLC2 ConversionConfigure NetBIOS Support Source-bridge proxy-netbios-only Specify Timeout and Enable NetBIOS Name CachingSpecify Dead-Time Intervals for NetBIOS Packets Configure the NetBIOS Cache Name LengthEnable NetBIOS Proxying Create Static Entries in the NetBIOS Name CacheNetbios name-cache recognized-timeout seconds Configure LNM SupportNetbios name-cache query-timeout seconds LNM Linking to a Source-Route Bridge on Each Local Ring LAN Network Manager Monitoring and Translating How a Router Works with LNMDisable LNM Functionality Enable Other LRMs to Change Router Parameters Disable Automatic Report Path Trace FunctionChange Reporting Thresholds Apply a Password to an LNM Reporting LinkEnable LNM Servers Lnm softerr milliseconds Change an LNM Reporting IntervalMonitor LNM Operation Secure the SRB Network Configure NetBIOS Access FiltersConfigure NetBIOS Access Filters Using Station Names Netbios input-access-filter bytes name Configure NetBIOS Access Filters Using a Byte OffsetNetbios access-list host name permit deny pattern Netbios access-list bytes name permit deny offsetFilter Frames by Protocol Type Configure Administrative Filters for Token Ring TrafficNetbios output-access-filter bytes name Filter Destination Addresses Filter Frames by Vendor CodeFilter Source Addresses Access Expression Example Optimize Access Expressions Configure Access ExpressionsTune the SRB Network Alter Access Lists Used in Access ExpressionsEnable or Disable the Source-Route Fast-Switching Cache Optimize Explorer Processing Enable or Disable the SSEEstablish the Connection Timeout Interval Controlling Explorer Storms in Redundant Network Topologies Mac-address ieee-address Configure Proxy ExplorersEstablish SRB Interoperability with TI MAC Firmware Monitor and Maintain the SRB Network Report Spurious Frame-Copied ErrorsSource-bridge tcp-queue-max number SRB Configuration ExamplesBasic SRB with Spanning-Tree Explorers Example Dual-Port Source-Route Bridge ConfigurationSRB-Only Example Optimized Explorer Processing Configuration ExampleMultiport SRB Example SRB and Routing Certain Protocols ExampleSRB with Multiple Virtual Ring Groups Example Configuration for Router aRouter a SRB over Fddi Configuration ExamplesSRB over Fddi Fast-Switching Example Configuration for Router BFrad Using SRB over Frame Relay to Connect to a Cisco Router SRB over Frame Relay Configuration ExampleAdding a Static RIF Cache Entry Example Configuration of Router aConfiguration on Router B Configuration on Router CSR/TLB for a Simple Network Example Adding a Static RIF Cache Entry for a Two-Hop Path ExampleBC-154Bridging and IBM Networking Configuration Guide Example of a Bit-Swapped Address SR/TLB with Access Filtering ExampleSpecifying a Static Entry NetBIOS Support with a Static NetBIOS Cache Entry ExampleLNM for a Simple Network Example Wayfarer# show lnm configLNM for a More Complex Network Example NetBIOS Access Filters Example Filtering Bridged Token Ring Packets to IBM Machines Example Shows a router connecting four Token Rings Following access expression would result Creating Access Filters ExampleFast-Switching Example Access Filters ExampleAutonomous Switching Example
Top Page Image Contents