[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference irocz::common_brouters

Title:Digital Brouters Conference
Notice:New common-code brouter family: RouteAbout, DECswitch 900
Moderator:MARVIN::HARTLL
Created:Mon Jul 17 1995
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:929
Total number of notes:3736

720.0. "IP filter bug?" by TKOVOA::NAKANO_K (Koichi Nakano/NPB/Japan) Fri Jan 17 1997 06:34

T.RTitleUserPersonal
Name		DateLines
720.1MARVIN::HARTTony Hart, InterNetworking Prod. Eng. GroupFri Jan 31 1997 12:4014
Koichi,
	When you issue the "add filter" command you should see something like
the following in the routing table (IP> DUMP)

Fltr   10.0.0.0         FF000000   0        0     filter
Fltr   10.0.1.0         FFFFFF00   0        0     filter

	Is this the case ?

	Are you saying that the router still forwards to these networks ?  If
so turn on IP events and take a look at the T 2 process and see if there are
any relevent events.

Tony
720.2TKOVOA::NAKANO_KKoichi Nakano/NPB/JapanSat Feb 01 1997 23:3452
Hi Tony, Thank you for your reply.

>	When you issue the "add filter" command you should see something like
>the following in the routing table (IP> DUMP)

>Fltr   10.0.0.0         FF000000   0        0     filter
>Fltr   10.0.1.0         FFFFFF00   0        0     filter

>	Is this the case ?

I check the routing table, no such the case. I can understand why it is, 
however.

	IP config>list add
	IP addresses for each interface:
	   intf  0   10.1.1.3         255.255.255.0    Network broadcast,    fill 1
	   intf  1   10.0.4.1         255.255.255.0    Network broadcast,    fill 1
	   intf  2                                     IP disabled on this interface
	   intf  3                                     IP disabled on this interface
	Router-ID: 10.1.1.3
	IP config>list filter

	Filter address 10.0.4.0, 255.255.255.0
	Filter address 10.0.0.0, 255.0.0.0

	IP config>
	*t 5


	CGW Operator Console

	+pro ip
	IP>dump

	Type   Dest net         Mask       Cost     Age   Next hop(s)

	Fltr   10.0.0.0         FF000000   0        0     filter
	 Dir*  10.0.4.0         FFFFFF00   1        0     PPP/0
	 Dir*  10.1.1.0         FFFFFF00   1        0     Eth/0
	 RIP   10.1.2.0         FFFFFF00   2        0     10.1.1.2
	 RIP   10.1.5.0         FFFFFF00   2        0     10.0.4.2
	 RIP   16.0.0.0         FF000000   2        20    10.1.1.1

	Routing table size: 768 nets (61440 bytes), 6 nets known

I can understand "add filter" command can not take effect to local 
network/subnetwork address. Add filter command can not 
overwrite "Dir*" records. And I think it is natural behavior.


Koichi
720.3MARVIN::HARTTony Hart, InterNetworking Prod. Eng. GroupMon Feb 03 1997 09:036
Ahh...
I missed the fact that you'd assigned a filer to the same subnet as one of the
interfaces.  You're right, the filter route will not override the Dir route.

Tony