[c-nsp] IP Options Drop
Robert Williams
Robert at CustodianDC.com
Sat Apr 19 03:27:17 EDT 2014
Hi - thanks for that, sounds like it might be the case then. It's a 720-3BXL and the lab cards are 6748-GE-TX, while the production ones are a mixture of 6748 and 6704/6708.
Do you know where I can find any documentation which might indicate which cards support IP options in an ACL?
Cheers!
Robert Williams
Custodian Data Centre
Email: Robert at CustodianDC.com
http://www.CustodianDC.com
-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dobbins, Roland
Sent: 18 April 2014 19:46
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] IP Options Drop
On Apr 18, 2014, at 11:40 PM, Robert Williams <Robert at CustodianDC.com> wrote:
> The lab kit is running 15.1(2)SY1 in the tests shown above.
What Sup/linecards?
Are you sure your Sup/linecards support evaluating options as a classifier? If they don't, then even though the options keyword shows up in the ACL, it's just textual, and you're actually doing a deny ip any any.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list