[c-nsp] Re: Cisco 7600 vs Juniper M7i
Ian Cox
icox at cisco.com
Thu Jun 2 17:21:21 EDT 2005
At 03:20 PM 6/2/2005 -0400, Phil Rosenthal wrote:
>>The system used for the Miercom test did not have a DFCx installed
>>on it.
>
>Do you know what acl's/firewall filter rules were used on both the
>cisco and juniper in that test?
ip access-list extended IPV4_Test
deny udp host 24.249.249.192 host 180.239.109.86 eq 2267
deny ip host 209.243.28.227 host 49.173.154.114
deny udp host 225.97.152.157 host 153.173.39.103 eq 1127
deny ip host 194.9.57.153 host 49.89.36.122
deny udp host 182.167.96.192 host 161.224.135.44 eq 883
deny ip host 96.23.219.158 host 45.140.106.128
deny udp host 53.180.232.251 host 139.1.169.58 eq 45
deny ip host 128.122.193.110 host 120.241.146.150
deny udp host 245.33.193.162 host 172.214.85.44 eq 4125
... 5k lines ...
permit ip any any
filter IPV4_Test{
term term_1 {
from {
source-address {
190.111.232.241/32;
}
destination-address {
176.55.1.227/32;
}
protocol udp;
destination-port 2752;
}
then {
discard;
}
}
term term_2 {
from {
source-address {
38.221.44.252/32;
}
destination-address {
110.55.151.90/32;
}
}
then {
discard;
}
}
Ian
>Would you mind posting that information?
More information about the cisco-nsp
mailing list