[c-nsp] Weird rACL entry - interface to interface OSPF packets
Michael K. Smith - Adhost
mksmith at adhost.com
Thu Nov 9 11:20:53 EST 2006
Hello All:
We've been running rACL's for about 3 weeks with no issues. This
morning, we started seeing blocks of OSPF messages going directly from
one directly connected SRP interface to another. Our original rACL
entries permitted OSPF traffic to and from 224.0.0.5 and .6 and that has
been in place since the beginning.
Can anyone shed light on why there would be interface to interface OSPF
communication not going to the well-known multicast addresses? Is this
to be expected or do I have configuration issues? I've included log and
config snippets below.
Regards,
Mike
Log entry:
Nov 9 07:17:29 <router loopback ip> 232152: SLOT 5:081758: Nov 9
07:17:29.915 PST: %SEC-6-IPACCESSLOGRP: list 2000 denied ospf <incoming
srp ip> -> <local srp ip>, 23 packets
interface SRP5/0
description A-side to sea-bdr1, B-side from sea-cor1
ip address <local srp ip>
no ip directed-broadcast
ip ospf network broadcast
ip ospf priority 2
srp clock-source line b
More information about the cisco-nsp
mailing list