Imran, if you are asked to only allow traffic on vlan 10 that is needed in this lab; then yes you would need to explicitly allow STP , ARP and what other protocols that thy have already told you about or another election will tell you about.
Great question.
Regards,
Joe Sanchez
( please excuse the brevity of this email as it was sent via a mobile device. Please excuse misspelled words or sentence structure.)
On Oct 2, 2012, at 2:18 AM, Imran Ali <immrccie_at_gmail.com> wrote:
> Hi all,
>
> when any task say allow in vlan 10 only traffic required in this lab .
>
> R1-----sw1========sw2------R2
>
> in vacl we need to permit {apart from layer 3 protocols} ARP .
>
> But what about STP , do we need to include stp also ? in valc .
>
> i am not sure how stp for vlan 10 flows when vacl ends with implicit deny
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Oct 02 2012 - 06:58:30 ART
This archive was generated by hypermail 2.2.0 : Thu Nov 01 2012 - 10:53:33 ART