GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: SNA SAP Filter posted 11/23/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


You'll need to permit more than just the one thing...  The first hex
number is the values for the SAP (DSAP/SSAP) field.  The second hex
number is a mask for it.  Think in binary...

That example (all over CCO) is WAY too broad, particularly for
Ethernet-only environments.  But the details of this have been discussed
many times here on groupstudy, so I'd suggest looking through the
archives so I don't sound nearly as long-winded as I typically do on
this subject. :)

Enjoy!

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713,
CISSP, JNCIS, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@xxxxxxxxxx/smorris@xxxxxxxxxxxx
http://www.ipexpert.net


-----Original Message-----
From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
Wei Zou (wzou)
Sent: Sunday, November 23, 2003 9:31 AM
To: ccielab@xxxxxxxxxxxxxx
Subject: SNA SAP Filter


Hi :
Could anyone tell me why the syntax to permit all SNA SAP is:

access-list 200 permit 0x0000 0x0D0D
access-list 200 deny   0x0000 0xFFFF

Other than:
access-list 200 permit 0x0D0D 0x0000
access-list 200 deny   0x0000 0xFFFF

I belive 0x0D0D is for SNA SAP.

Thanks
Wei

_______________________________________________________________________
Please help support GroupStudy by purchasing your study materials from:
http://shop.groupstudy.com

Subscription information may be found at: 
http://www.groupstudy.com/list/CCIELab.html