13-25
Cisco ONS 15454 Reference Manual, R8.5.x
78-18106-01
Chapter 13 Management Network Connectivity
13.4 External Firewalls
Mask (255.255.255.255) is a 32 bit mask, meaning that only t he 172.20.214.92 address is a
destination.
Gateway (127.0.0.1) is a loopback address. The host directs network traffic to itself using this
address.
Interface (lo0) indicates that the local loopback interface is used to reach the gateway.
Entry 4 shows the following:
Destination (172.20.214.93) is the destination host IP address.
Mask (255.255.255.255) is a 32 bit mask, meaning that only t he 172.20.214.93 address is a
destination.
Gateway (0.0.0.0) means the destination host is directly attached to the node.
Interface (pdcc0) indicates that a DCC interface is used to reach the destination host.
Entry 5 shows a DCC-connected node that is accessible through a node that is not directly connect ed:
Destination (172.20.214.94) is the destination host IP address.
Mask (255.255.255.255) is a 32-bit mask, meaning that only the 172.20.214.94 address is a
destination.
Gateway (172.20.214.93) indicates that the destination host is ac cessed through a node with IP
address 172.20.214.93.
Interface (pdcc0) indicates that a DCC interface is used to reach the gateway.
13.4 External Firewalls
This section provides sample access control lists (ACLs) for external firewalls. Table 13-6 lists the ports
that are used by the TCC2/TCC2P card.
Table 13-6 Ports Used by the TCC2/TCC2P
Port Function Action1
0Never used D
20 FTP D
21 FTP control D
22 SSH (Secure Shell) D
23 Telnet D
80 HTTP D
111 SUNRPC (Sun Remote Procedure Call) NA
161 SNMP traps destinations D
162 SNMP traps destinations D
513 rlogin D
683 CORBA IIOP2OK
1080 Proxy server (socks) D
2001-2017 I/O card Telnet D
2018 DCC processor on active TCC2/TCC2P D