[c-nsp] Strange bug in Catalyst 6500 + SUP720 + ACL
Phil Mayers
p.mayers at imperial.ac.uk
Tue Feb 6 19:58:20 EST 2007
David Prall wrote:
> Correct. User at 1.1.1.1 sends a tcp syn to 10.11.1.1 port 80. (inbound)
Erm... Unless I'm going odd due to lack of sleep, a SYN from 1.1.1.1 to
10.11.1.1 would be OUTBOUND on the config given:
interface vlan 7
ip address 10.11.0.0 255.255.0.0
ip access-group 170 out
Wouldn't it?
Assuming the command is present in your version (upgrade to SXF6 ASAP)
what does this say:
sh tcam interface vl7 acl out ip
More information about the cisco-nsp
mailing list