From: Bill Fallon (bfallon@xxxxxxx)
Date: Wed Nov 08 2000 - 22:32:47 GMT-3
Val and Anyone Else who has mastered DLSW,
Hi--I have run into some confusion with Netbios Name filtering over DLSW.
Here is the basic testbed I created:
PC(Name:
PENTIUM200)--hub----e0[R1]s0----HDLC------s0[R2]e0----hub----PC(Name:
MUSICMAKER)
The only way I can get the net bios name filters to work is to filter the
remote PC NETBIOS NAME on local side of the DLSW connection.
For example: if I just set up a netbios access list on R1 to filter
Pentium200, MUSICMAKER is still able to access it.
However, if I ONLY set up a filter on R2 (Filtering PENTIUM200) then the
traffic is blocked from MUSICMAKER to PENTIUM200; but this does not
prevent PENTIUM200 from accessing MUSICMAKER. Also, PENTIUM200 will still
show up in the reachability list of R2 if you "NETVIEW \\MUSICMAKER" from
PENTIUM200. This does not make any sense to me??? If I just want to block
my local Netbios names from being seen by a remote Router, shouldn't
blocking it on the LOCAL router be the correct way to do it. Can you
explain this to me.....(I GUESS THIS IS WHY IT COULD BE A GREAT TEST
QUESTION ON THE LAB--TRY IT YOURSELF).
here are the 2 configs:
R1#sh run
Building configuration...
Current configuration:
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
!
ip subnet-zero
!
dlsw local-peer peer-id 1.1.1.1
dlsw remote-peer 0 tcp 2.2.2.2
dlsw bridge-group 1
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
no ip directed-broadcast
bridge-group 1
!
interface Serial0
ip address 2.2.3.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
no fair-queue
clockrate 64000
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
router igrp 100
network 1.0.0.0
network 2.0.0.0
!
ip classless
!
!
bridge 1 protocol ieee
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end
R1#
*************************
R2#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
netbios access-list host TEST deny PENTIUM200
netbios access-list host TEST permit *
!
ip subnet-zero
!
dlsw local-peer peer-id 2.2.2.2
dlsw remote-peer 0 tcp 1.1.1.1 host-netbios-out TEST
dlsw peer-on-demand-defaults host-netbios-out TEST
dlsw bridge-group 1
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
ip address 20.20.20.1 255.255.255.0
no ip directed-broadcast
bridge-group 1
!
interface Serial0
ip address 2.2.3.2 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
router igrp 100
network 2.0.0.0
network 20.0.0.0
!
ip classless
!
!
bridge 1 protocol ieee
!
line con 0
transport input none
line aux 0
line vty 0 4
login
!
end
R2#
-----------------------------------------------------
Click here for Free Video!!
http://www.gohip.com/free_video/
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:43 GMT-3