SR/TLB with Access Filtering Example | Cisco Systems BC-109 specification

SR/TLB with Access Filtering Example

Once you have determined the ring number and the bridge number, you can add the source-bridge transparent command to the file, including these two values as parameters for the command. The following partial configuration includes this source-bridge transparent entry:

!

source-bridge ring-group 10 source-bridge transparent 10 3 1 1

!

interface tokenring 0 source-bridge 1 1 10

!

interface tokenring 1 source-bridge 2 1 10

!

interface ethernet 0 bridge-group 1

!

interface ethernet 1 bridge-group 1

!

bridge 1 protocol dec

SR/TLB with Access Filtering Example

In the example shown in Figure 63, you want to connect only a single machine, Host E, on an

Ethernet to a single machine, Host R, on the Token Ring.

Figure 63 Example of a Bit-Swapped Address

Source-route

bridged domain

Token

Ring

Host R

MAC Addr:

0110.1234.5678

	Transparent
	bridging domain


Router	Host E
running SR/TLB	MAC Addr:
	0110.2222.3333
			S1110a

You want to allow only these two machines to communicate across the router. Therefore, you might create the following configuration to restrict the access. However, this configuration will not work, as explained in the paragraph following the sample configuration file.

Note For readability, the commands that control bridging are not shown here, just the commands that control the filtering.

interface tokenring 0 access-expression output smac(701)

!

interface ethernet 0

bridge-group 1 input-address-list 701

!

access-list 701 permit 0110.2222.3333

Configuring Source-Route Bridging BC-155

Image 47

Cisco Systems BC-109 manual SR/TLB with Access Filtering Example, Example of a Bit-Swapped Address

Contents

SRB Configuration Task List Configuring Source-Route Bridging Configure a Dual-Port Bridge Configure Source-Route Bridging Multiple Dual-Port Bridges Configure a Multiport Bridge Using a Virtual Ring No source-bridge ring-group ring-group Define a Ring Group in SRB ContextSource-bridge ring-group ring-group Source-bridge route-cache cbus Configure SRB over FddiEnable SRB and Assign a Ring Group to an Interface Interface fddi slot/port Configure SRB over Frame Relay Configure Fast-Switching SRB over Fddi Enable the Automatic Spanning-Tree Function Limit the Maximum SRB Hops Enable Use of the RIF Configure Bridging of Routed Protocols Configure the RIF Timeout Interval Configure a Static RIF Entry Overview of SR/TLB Following notes and caveats apply to all uses of SR/TLB No source-bridge transparent ring-group fastswitch Enable Bridging between Transparent Bridging and SRBDisable Fast-Switched SR/TLB Enable Translation Compatibility with IBM 8209 Bridges Source-bridge sap-80d5 dsap Enable Token Ring LLC2-to-Ethernet ConversionEnable 0x80d5 Processing Enable Standard Token Ring LLC2-to-Ethernet LLC2 Conversion Configure NetBIOS Support Source-bridge proxy-netbios-only Specify Timeout and Enable NetBIOS Name Caching Specify Dead-Time Intervals for NetBIOS Packets Configure the NetBIOS Cache Name LengthEnable NetBIOS Proxying Create Static Entries in the NetBIOS Name Cache Netbios name-cache recognized-timeout seconds Configure LNM SupportNetbios name-cache query-timeout seconds LNM Linking to a Source-Route Bridge on Each Local Ring LAN Network Manager Monitoring and Translating How a Router Works with LNM Disable LNM Functionality Enable Other LRMs to Change Router Parameters Disable Automatic Report Path Trace Function Change Reporting Thresholds Apply a Password to an LNM Reporting LinkEnable LNM Servers Lnm softerr milliseconds Change an LNM Reporting IntervalMonitor LNM Operation Secure the SRB Network Configure NetBIOS Access FiltersConfigure NetBIOS Access Filters Using Station Names Netbios input-access-filter bytes name Configure NetBIOS Access Filters Using a Byte OffsetNetbios access-list host name permit deny pattern Netbios access-list bytes name permit deny offset Filter Frames by Protocol Type Configure Administrative Filters for Token Ring TrafficNetbios output-access-filter bytes name Filter Destination Addresses Filter Frames by Vendor CodeFilter Source Addresses Access Expression Example Optimize Access Expressions Configure Access Expressions Tune the SRB Network Alter Access Lists Used in Access Expressions Enable or Disable the Source-Route Fast-Switching Cache Optimize Explorer Processing Enable or Disable the SSEEstablish the Connection Timeout Interval Controlling Explorer Storms in Redundant Network Topologies Mac-address ieee-address Configure Proxy ExplorersEstablish SRB Interoperability with TI MAC Firmware Monitor and Maintain the SRB Network Report Spurious Frame-Copied Errors Source-bridge tcp-queue-max number SRB Configuration Examples Basic SRB with Spanning-Tree Explorers Example Dual-Port Source-Route Bridge Configuration SRB-Only Example Optimized Explorer Processing Configuration Example Multiport SRB Example SRB and Routing Certain Protocols Example SRB with Multiple Virtual Ring Groups Example Configuration for Router a Router a SRB over Fddi Configuration ExamplesSRB over Fddi Fast-Switching Example Configuration for Router B Frad Using SRB over Frame Relay to Connect to a Cisco Router SRB over Frame Relay Configuration Example Adding a Static RIF Cache Entry Example Configuration of Router aConfiguration on Router B Configuration on Router C SR/TLB for a Simple Network Example Adding a Static RIF Cache Entry for a Two-Hop Path Example BC-154Bridging and IBM Networking Configuration Guide Example of a Bit-Swapped Address SR/TLB with Access Filtering Example Specifying a Static Entry NetBIOS Support with a Static NetBIOS Cache Entry Example LNM for a Simple Network Example Wayfarer# show lnm config LNM for a More Complex Network Example NetBIOS Access Filters Example Filtering Bridged Token Ring Packets to IBM Machines Example Shows a router connecting four Token Rings Following access expression would result Creating Access Filters Example Fast-Switching Example Access Filters Example Autonomous Switching Example