[c-nsp] router packets & outbound acl
Richard Gallagher
rgallagh at cisco.com
Wed Oct 24 23:09:49 EDT 2007
IP local policy route will stop the pings:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/cs/
csprtn1/csindep.htm#xtocid273467
On 20/10/2007, at 7:39 AM, Ian Dickinson wrote:
> Oliver Boehmer (oboehmer) wrote:
>> *any* self-originated packet (for example a ping or telnet or routing
>> protocol packet sent by the router) is not subject to outbound ACL
>> checking.
>> I guess the reasoning goes along the line: If you don't want to ping
>> outside the router, then don't ping ;-)
>
> AFAIK the only way to achieve something similar to this (should it be
> required) would be to apply an outbound service-policy to the
> control-plane,
> but you won't get to match on the output interface here, only on
> packet
> header/content stuff - so it's not a direct equivalent really.
> --
> Ian Dickinson
> Senior Network Development Engineer
> Pipex Communications
> ian.dickinson at pipex.net
> http://www.pipex.net
>
> This e-mail is subject to: http://www.pipex.net/disclaimer.html
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list