Cisco Systems 15454 13.5 External Firewalls

13-25

Cisco ONS 15454 Reference Manual, R7.0

78-17191-01

Chapter 13 Management Network Connectivity

13.5 13.5 External Firewalls

Entry 1 shows the following:

• Destination (0.0.0.0) is the default route entry. All undefined destination network or host entries on

this routing table are mapped to the default route entry.

• Mask (0.0.0.0) is always 0 for the default route.

• Gateway (172.20.214.1) is the default gateway address. All outbound traffic that cannot be found in

this routing table or is not on the node’s local subnet is sent to this gateway.

• Interface (motfcc0) indicates that the ONS 15454 Ethernet interface is used to reach the gateway.

Entry 2 shows the following:

• Destination (172.20.214.0) is the destination network IP address.

• Mask (255.255.255.0) is a 24-bit mask, meaning all addresses within the 172.20.214.0 subnet can

be destinations.

• Gateway (172.20.214.92) is the gateway address. All outbound traffic belonging to this network is

sent to this gateway.

• Interface (motfcc0) indicates that the ONS 15454 Ethernet interface is used to reach the gateway.

Entry 3 shows the following:

• Destination (172.20.214.92) is the destination host IP address.

• Mask (255.255.255.255) is a 32 bit mask, meaning that only the 172.20.214.92 address is a

destination.

• Gateway (127.0.0.1) is a loopback address. The host directs network traffic to itself using this

address.

• Interface (lo0) indicates that the local loopback interface is used to reach the gateway.

Entry 4 shows the following:

• Destination (172.20.214.93) is the destination host IP address.

• Mask (255.255.255.255) is a 32 bit mask, meaning that only the 172.20.214.93 address is a

destination.

• Gateway (0.0.0.0) means the destination host is directly attached to the node.

• Interface (pdcc0) indicates that a DCC interface is used to reach the destination host.

Entry 5 shows a DCC-connected node that is accessible through a node that is not directly connected:

• Destination (172.20.214.94) is the destination host IP address.

• Mask (255.255.255.255) is a 32-bit mask, meaning that only the 172.20.214.94 address is a

destination.

• Gateway (172.20.214.93) indicates that the destination host is accessed through a node with IP

address 172.20.214.93.

• Interface (pdcc0) indicates that a DCC interface is used to reach the gateway.

13.5 External Firewalls

This section provides sample access control lists (ACLs) for external firewalls. Table 13-9 lists the ports

that are used by the TCC2/TCC2P card.