Hi,
(I CC: my reply to the list, as I hope it spurs further ideas)
On Sun, Jun 02, 2002 at 04:58:12PM -0500, Andy Walden wrote:
> The only thing I have ever seen that can apply an L3 ACL to L2 traffic is
> a Riverstone doing L4 bridging. As far as I know, no other vendor's
> standard switch has this capability.
I wouldn't mind doing it on the router :) - but the router can only do L3
filtering, which isn't helpful here either.
> I'm not clear what else is on the subnet, but could you put in a /32 or
> /30 route and turn on RPF which should throw away all the packes that
> didn't adhere to the route?
It's a /24 network, and the machine in question is generating packets
with seemingly random source IPs out of the /24. It's not arping for
them, so it isn't actually interfering with the operation of other
machines in that network (it's even generating packets that seem to be
coming from the router...!) but it's spewing garbage, which I want to
stop.
Unicast RPF blocked the packets that came in with the router's own IP
as a source IP, which is what brought me onto the right track.
Hmmm.
It might be possible to isolate the machine into its own /30, though -
give it its own vlan, and have the router proxy-arp to simulate its
existance on the corresponding "other" vlan. Ugly, but certainly worth
a try. Hmmm. As things happen, the machine has the IP address
<network>.7 - this is going to be tricky...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:11:58 EDT