Cisco Systems BC-23 manual Filtering by Protocol Type, BC-48

Page 26

Configuring Transparent Bridging

Transparent and SRT Bridging Configuration Task List

Command

Purpose

 

 

bridge-group bridge-groupinput-address-list

Assigns an access list to an interface for filtering by MAC source

access-list-number

addresses.

 

 

bridge-group bridge-group

Assigns an access list to an interface for filtering by the MAC

output-address-list access-list-number

destination addresses.

 

 

Filtering by Protocol Type

You can filter by protocol type by using the access-list mechanism and specifying a protocol type code. To filter by protocol type, perform the first task and one or more of the other tasks that follow:

Establish a protocol type access list

Filter Ethernet- and SNAP-encapsulated packets on input

Filter Ethernet- and SNAP-encapsulated packets on output

Filter IEEE 802.2-encapsulated packets on input

Filter IEEE 802.2-encapsulated packets on output

Note It is a good idea to have both input and output type code filtering on different interfaces.

The order in which you enter access-listcommands affects the order in which the access conditions are checked. Each condition is tested in succession. A matching condition is then used to execute a permit or deny decision. If no conditions match, a “deny” decision is reached.

Note Protocol type access lists can have an impact on system performance; therefore, keep the lists as short as possible and use wildcard bit masks whenever possible.

Access lists for Ethernet- and IEEE 802.2-encapsulated packets affect only bridging functions. It is not possible to use such access lists to block frames with protocols that are being routed.

You can establish protocol type access lists. Specify either an Ethernet type code for Ethernet-encapsulated packets or a DSAP/SSAP pair for 802.3 or 802.5-encapsulated packets. Ethernet type codes are listed in the “Ethernet Type Codes” appendix of the Cisco IOS Bridging and IBM Networking Command Reference, Volume I.

To establish protocol type access lists, use the following command in global configuration mode:

Command

Purpose

 

 

access-list access-list-number{permit

Prepares access control information for filtering frames by protocol

deny} type-code wild-mask

type.

 

 

You can filter Ethernet- and SNAP-encapsulated packets on input. For SNAP-encapsulated frames, the access list you create is applied against the two-byte TYPE field given after the DSAP/SSAP/OUI fields in the frame. The access list is applied to all Ethernet and SNAP frames received on that interface prior to the bridge learning process. SNAP frames also must pass any applicable IEEE 802.2 DSAP/SSAP access lists.

You can also filter Ethernet- and SNAP-encapsulated packets on output. The access list you create is applied just before sending out a frame to an interface.

Cisco IOS Bridging and IBM Networking Configuration Guide

BC-48

Page 25 Page 27
Image 26
Page 25 Page 27
Contents Transparent and SRT Bridging BC-23BC-24 Transparent Bridging FeaturesIntegrated Routing and Bridging Bridge-Group Virtual Interface BC-25BC-26 Bridge-Group Virtual Interface in the RouterBC-27 SRT Bridging FeaturesOther Considerations Transparent and SRT Bridging Configuration Task List BC-28As Ieee 802.1D standard, DEC or Vlan bridge Configuring Transparent Bridging and SRT BridgingAssigning Each Network Interface to a Bridge Group BC-29Choosing the OUI for Ethernet Type II Frames Command PurposeTransparently Bridged VLANs for ISL BC-30BC-31 Transparently Bridged VLANs on an Fddi BackboneRouting between ISL VLANs BC-32Same bridge group Specifies a subinterfaceSubinterface with the Vlan BC-33Configuring Fast-Switched Transparent Bridging over ATM Configuring a Subscriber Bridge GroupConfiguring Transparent Bridging over WANs BC-34Defining the Protocols to Bridge Configuring Transparent Bridging over DDRCommand Specifying the Bridging ProtocolConfiguring an Interface for Bridging Configuring Transparent Bridging over Frame RelayDetermining Access for Bridging Fast-Switched Transparent BridgingBridging in a Frame Relay Network with Multicasts Configuring Transparent Bridging over Multiprotocol LapbBridging in a Frame Relay Network with No Multicasts BC-37Specifies IP-to-X.121 mapping Configuring Transparent Bridging over SmdsConfiguring Transparent Bridging over BC-38Specifies a protocol to be routed on a bridge group Configuring Concurrent Routing and BridgingConfiguring Integrated Routing and Bridging BC-39Enabling Integrated Routing and Bridging Configuring InterfacesConfiguring the Bridge-Group Virtual Interface BC-40Configuring Protocols for Routing or Bridging BC-41BC-42 Configuring Transparent Bridging OptionsDisabling IP Routing BC-43 Configuring LAT CompressionEnabling Autonomous Bridging BC-44 Establishing Multiple Spanning-Tree DomainsEstablishes a multiple spanning-tree domain Forwarding Multicast Addresses Configuring Bridge Table Aging TimeFiltering Transparently Bridged Packets BC-45Setting Filters at the MAC Layer BC-46Ethernet-ordered MAC address Filters particular MAC-layer station addressesFiltering by Vendor Code BC-47BC-48 Filtering by Protocol TypeType Interface Defining and Applying Extended Access ListsConfiguration mode BC-49BC-50 BC-51 Filtering LAT Service AnnouncementsEnabling LAT Group Code Service Filtering Adjusting Spanning-Tree Parameters BC-52Adjusting Bpdu Intervals Setting the Bridge PrioritySetting an Interface Priority Assigning Path CostsDisabling the Spanning Tree on an Interface Adjusting the Interval between Hello BPDUsDefining the Forward Delay Interval Defining the Maximum Idle IntervalBC-55 Configuring the PA-12E/2FE Port Adapter BC-56Monitoring and Maintaining the PA-12E/2FE Port Adapter BC-57BC-58 BC-59 Configuring Circuit Groups BC-60Distributes base load on the source MAC address only Configuring Constrained Multicast FloodingConfigures a transmission pause interval BC-61BC-62 Basic Bridging Example BC-63Concurrent Routing and Bridging Example BC-64Basic Integrated Routing and Bridging Example BC-65Complex Integrated Routing and Bridging Example BC-66Transparently Bridged VLANs Configuration Example BC-67BC-68 Router OneRouter Two Router Three BC-69BC-70 Routing between VLANs Configuration ExampleEthernet-to-FDDI Transparent Bridging Example BC-71 Ethernet Bridging ExampleRouter/Bridge in Building SRT Bridging Example BC-72Multicast or Broadcast Packets Bridging Example Configuration for the New York City RouterConfiguration for the Thule, Greenland Router BC-73BC-74 Configuration for BridgeTransparent Bridging Example BC-75 Frame Relay Transparent Bridging ExamplesBridging in a Frame Relay Network with No Multicasts BC-76 Transparent Bridging over Multiprotocol Lapb ExampleBridging in a Frame Relay Network with Multicasts Transparent Bridging over DDR Examples BC-77BC-78 Fast-Switched Transparent Bridging over Smds ExampleComplex Transparent Bridging Network Topology Example BC-79 Bridged Subnetworks with DomainsConfiguration for Router a BC-80Configuration for Router D Configuration for Router BConfiguration for Router C BC-81BC-82 Fast Ethernet Subscriber Port, Frame Relay Trunk ExampleATM Subscriber Ports, ATM Trunk Example BC-83 Configuration of IRB for PA-12E/2FE Port Adapter Example BC-84

BC-23 specifications

Cisco Systems has long been a leader in the networking industry, and its BC-23 model exemplifies the company's commitment to innovation and performance. Aimed at enhancing business operations, the BC-23 is tailored for organizations looking for robust solutions that support their digital transformation efforts.

One of the standout features of the Cisco BC-23 is its advanced networking capabilities. It supports high-speed data transmission, enabling seamless communication across networks. With multi-gigabit Ethernet ports, the BC-23 facilitates faster data rates, accommodating the increasing bandwidth demands of modern applications. This feature is particularly beneficial for businesses that rely heavily on cloud services, video conferencing, and data-heavy applications.

Security is a top priority, and the Cisco BC-23 incorporates cutting-edge security measures. Integrated threat detection and prevention systems help safeguard sensitive data from cyber threats. Additionally, the device supports secure access protocols, ensuring that only authorized users can connect to the network. This multi-layered security approach not only protects the network infrastructure but also secures the integrity of the data being transmitted.

Another significant characteristic of the BC-23 is its support for software-defined networking (SDN). This technology allows businesses to manage their networks through centralized software applications, facilitating real-time adjustments and optimizations. The flexibility afforded by SDN is especially advantageous in dynamic environments where network demands can shift rapidly.

The Cisco BC-23 also offers enhanced management features, allowing IT teams to monitor network performance and analytics effectively. This visibility into network operations enables organizations to identify potential issues before they escalate, minimizing downtime and keeping business processes smooth.

Furthermore, the BC-23 is designed for scalability. As organizations grow, their networking needs evolve, and the BC-23 can easily adapt to these changes. Businesses can add additional devices and capabilities without the need for a complete overhaul of their existing infrastructure.

With its combination of speed, security, and scalability, the Cisco Systems BC-23 is an invaluable asset for modern businesses. It stands out not just as a networking device but as a comprehensive solution that meets the demands of today's fast-paced, technology-driven environment. As companies continue to leverage digital tools for growth and efficiency, the BC-23 will undoubtedly play a significant role in their success.
Top Page Image Contents