Cisco Systems BC-109 manual Filtering Bridged Token Ring Packets to IBM Machines Example

Page 52

SRB Configuration Examples

Access lists are scanned in order. In the following example, the first list denies all entries beginning with the letters ABC, including one named ABCD. This voids the second command, because the entry permitting a name with ABCD comes after the entry denying it.

netbios access-list host marketing deny ABC* netbios access-list host marketing permit ABCD

Filtering Bridged Token Ring Packets to IBM Machines Example

The example in Figure 67 disallows the bridging of Token Ring packets to all IBM workstations on Token Ring 1.

Figure 67 Router Filtering Bridged Token Ring Packets to IBM Machines

T2

Token Ring 2

3174

 

3174

 

 

 

 

Token

 

 

 

 

 

 

 

 

 

 

 

T1

Ring 1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3174

 

 

 

 

 

 

 

S1276a

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This example assumes that all hosts on Token Ring 1 have Token Ring addresses with the vendor code 1000.5A00.0000. The first line of the access list denies access to all IBM workstations, while the second line permits everything else. The access list is assigned to the input side of Token Ring 1.

! deny access to all

IBM workstations

 

access-list 700

deny

1000.5A00.0000

8000.00FF.FFFF

! permit all other traffic

 

access-list 700

permit 0000.0000.0000

FFFF.FFFF.FFFF

!

 

 

 

interface token

ring

1

 

!apply access list 700 to the input side of Token Ring 1 source-bridge input-address-list 700

BC-160Bridging and IBM Networking Configuration Guide

Page 51 Page 53
Image 52
Page 51 Page 53
Contents Configuring Source-Route Bridging SRB Configuration Task ListConfigure Source-Route Bridging Configure a Dual-Port BridgeConfigure a Multiport Bridge Using a Virtual Ring Multiple Dual-Port BridgesSource-bridge ring-group ring-group Define a Ring Group in SRB ContextNo source-bridge ring-group ring-group Configure SRB over Fddi Enable SRB and Assign a Ring Group to an InterfaceInterface fddi slot/port Source-bridge route-cache cbusConfigure Fast-Switching SRB over Fddi Configure SRB over Frame RelayEnable the Automatic Spanning-Tree Function Limit the Maximum SRB Hops Configure Bridging of Routed Protocols Enable Use of the RIFConfigure a Static RIF Entry Configure the RIF Timeout IntervalOverview of SR/TLB Following notes and caveats apply to all uses of SR/TLB Enable Bridging between Transparent Bridging and SRB Disable Fast-Switched SR/TLBEnable Translation Compatibility with IBM 8209 Bridges No source-bridge transparent ring-group fastswitchEnable Token Ring LLC2-to-Ethernet Conversion Enable 0x80d5 ProcessingEnable Standard Token Ring LLC2-to-Ethernet LLC2 Conversion Source-bridge sap-80d5 dsapConfigure NetBIOS Support Specify Timeout and Enable NetBIOS Name Caching Source-bridge proxy-netbios-onlyConfigure the NetBIOS Cache Name Length Enable NetBIOS ProxyingCreate Static Entries in the NetBIOS Name Cache Specify Dead-Time Intervals for NetBIOS PacketsNetbios name-cache query-timeout seconds Configure LNM SupportNetbios name-cache recognized-timeout seconds LNM Linking to a Source-Route Bridge on Each Local Ring How a Router Works with LNM LAN Network Manager Monitoring and TranslatingDisable LNM Functionality Disable Automatic Report Path Trace Function Enable Other LRMs to Change Router ParametersEnable LNM Servers Apply a Password to an LNM Reporting LinkChange Reporting Thresholds Monitor LNM Operation Change an LNM Reporting IntervalLnm softerr milliseconds Configure NetBIOS Access Filters Using Station Names Configure NetBIOS Access FiltersSecure the SRB Network Configure NetBIOS Access Filters Using a Byte Offset Netbios access-list host name permit deny patternNetbios access-list bytes name permit deny offset Netbios input-access-filter bytes nameNetbios output-access-filter bytes name Configure Administrative Filters for Token Ring TrafficFilter Frames by Protocol Type Filter Source Addresses Filter Frames by Vendor CodeFilter Destination Addresses Access Expression Example Configure Access Expressions Optimize Access ExpressionsAlter Access Lists Used in Access Expressions Tune the SRB NetworkEnable or Disable the Source-Route Fast-Switching Cache Establish the Connection Timeout Interval Enable or Disable the SSEOptimize Explorer Processing Controlling Explorer Storms in Redundant Network Topologies Establish SRB Interoperability with TI MAC Firmware Configure Proxy ExplorersMac-address ieee-address Report Spurious Frame-Copied Errors Monitor and Maintain the SRB NetworkSRB Configuration Examples Source-bridge tcp-queue-max numberDual-Port Source-Route Bridge Configuration Basic SRB with Spanning-Tree Explorers ExampleOptimized Explorer Processing Configuration Example SRB-Only ExampleSRB and Routing Certain Protocols Example Multiport SRB ExampleConfiguration for Router a SRB with Multiple Virtual Ring Groups ExampleSRB over Fddi Configuration Examples SRB over Fddi Fast-Switching ExampleConfiguration for Router B Router aSRB over Frame Relay Configuration Example Frad Using SRB over Frame Relay to Connect to a Cisco RouterConfiguration of Router a Configuration on Router BConfiguration on Router C Adding a Static RIF Cache Entry ExampleAdding a Static RIF Cache Entry for a Two-Hop Path Example SR/TLB for a Simple Network ExampleBC-154Bridging and IBM Networking Configuration Guide SR/TLB with Access Filtering Example Example of a Bit-Swapped AddressNetBIOS Support with a Static NetBIOS Cache Entry Example Specifying a Static EntryWayfarer# show lnm config LNM for a Simple Network ExampleLNM for a More Complex Network Example NetBIOS Access Filters Example Filtering Bridged Token Ring Packets to IBM Machines Example Shows a router connecting four Token Rings Creating Access Filters Example Following access expression would resultAccess Filters Example Fast-Switching ExampleAutonomous Switching Example
Top Page Image Contents