[c-nsp] Blocking IS-IS traffic
Rubens Kuhl Jr.
rubensk at gmail.com
Fri Jan 18 09:28:55 EST 2008
IS-IS is carried by OSI, not IP; you should try finding the ethertype
it's using (maybe 00FE or FEFE) and use a MAC ACL to filter the OSI
traffic.
Converting to an IP routerport without IS-IS attached would achieve
better isolation, is it possible on this scenario ? We strongly prefer
to use routerports on connections to customers/peers/upstreams, and
even there we filter IP multicast traffic.
Rubens
On Jan 18, 2008 9:39 AM, Ulysses Maciel da Costa
<ulysses.costa at egs.com.br> wrote:
> Hi,
>
>
> I have a vlan in my router's switchport, and I receive a link from other
> company. Last week my network goes down. I analyze my network and saw a lot
> of IS-IS packets. By the way, my routes inside this vlan are static. I've
> tried to create an ACL inside my vlan to block these IS-IS packets attached
> with his ports(2042,2043), without success.
>
>
>
> Someone could help me to do an efficient ACL to block this traffic?
>
>
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list