Re: trace question?

From: Gary Blankenship (blankenshipgc@xxxxxxxxxxxxxxx)
Date: Sun Apr 09 2000 - 18:25:58 GMT-3

• Next message: Bob Reed: "Re: Problem with snapshot routing."
• Previous message: Michael Needham: "IP Precedence not working..."
• Maybe in reply to: zheng jiang gu: "trace question?"
• Next in thread: zheng jiang gu: "Re: trace question?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Actually, here is the correct ACL (with comments):

! Permits messages from intermediate nodes in the path
access-list 101 permit icmp any any ttl-exceeded
! Microsoft tracert uses echo. Permit response from final destination.
access-list 101 permit icmp any any echo-reply
! Cisco traceroute uses high end UDP ports (default 33434). Permits
response from final destination.
access-list 101 permit icmp any any port-unreachable

Gary
----- Original Message -----
From: "Chad Marsh" <chad@wa.net>
To: "zheng jiang gu" <zjgu@ce-air.com>
Cc: "ccielab" <ccielab@groupstudy.com>
Sent: Monday, April 10, 2000 2:29 AM
Subject: Re: trace question?

> access-list 101 permit icmp any any ttl-exceeded
>
>
> Chad Marsh
>
>
> > zheng jiang gu wrote:
> >
> > Can anyone tell me how to make a access-list to permit only trace
> > message ?

• Next message: Bob Reed: "Re: Problem with snapshot routing."
• Previous message: Michael Needham: "IP Precedence not working..."
• Maybe in reply to: zheng jiang gu: "trace question?"
• Next in thread: zheng jiang gu: "Re: trace question?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:13 GMT-3