Ipx rip/sap filter precedence, Ipx rip/sap filter precedence -25 – Alcatel Carrier Internetworking Solutions Omni Switch/Router User Manual

Page 813

Advertising
background image

Configuring IPX RIP/SAP Filtering

Page 27-25

As another example, to display a list of all global RIP Input filters, you would enter:

ipxf ri global

A screen similar to the following displays:

Displaying all global RIP INPUT filters:

GP:VL (s/p/vc)

#

Type

Net/Mask

Node/Mask

Svc Md

(Peer ID)

------

------------ ---------------------- -----------------------------------

------ ---- --------------------

3

RIP IN

67/ffffffff

B

global

IPX RIP/SAP Filter Precedence

Whenever you use multiple “allow” filters you must first define a filter to block all RIPs or
SAPs. Then, all of the seceding “allow” filters of the same type must be at least as specific in
all areas in order for the filters to work. Note that filtering precedence is related only to
“allow” filters. Multiple “block” filters can be defined with varying specificity in each of the
areas of the filter. The filtering done by the configurable parameters (Net/Mask, Node/Mask,
Service/Mode) in the “allow” filter must be at least as specific as the filtering defined in the
“block” filter.

As an example, consider a switch that knows of multiple Type 4 SAPs on various networks,
including a network with an address of “40.” The switch also knows of various types of SAPs
on Network 40. For this example, you want to block all SAPs coming from Network 40, but
you want to allow all Type 4 SAPs, including the ones that come from Network 40.

To meet these objectives, you must configure the filters like this:

#

Type

Net/Mask

Node/Mask

Svc

Md GP:VL

------ ------------

---------------------- -------------------------------------------------------

----------

1

SAP IN

40/ffffffff

all nodes

ALL

B

global

2

SAP IN

40/ffffffff

all nodes

4

A

global

The filters shown below will not work for our example because in Filter 2 the type of service
is less specific than the type defined in Filter 1. All Type 4 SAPs will be blocked by the filter.

#

Type

Net/Mask

Node/Mask

Svc

Md GP:VL

------ ------------

---------------------- ---------------------------------------------

------

----

----------

1

SAP IN

All networks

all nodes

4

B

global

2

SAP IN

40/ffffffff

all nodes

ALL

A

global

The following filters will also not work because in Filter 2 the network and netmask are less
specific than the network and netmask defined in Filter 1. All SAPs from Network 40 will be
blocked by the filter.

#

Type

Net/Mask

Node/Mask

Svc

Md GP:VL

------ ------------

---------------------- ---------------------------------------------

------

----

----------

1

SAP IN

40/ffffffff

all nodes

ALL

B

global

2

SAP IN

All networks

all nodes

4

A

global

Advertising
Popular Brands
Popular manuals