Hi Summit, the next protocol field is used to identify the next layer. If we want to match an IP-in-IP packet we would use next ip.
There is a good post here (Its from another vendor but its okay) http://blog.ine.com/2009/06/14/understanding-flexible-packet-matching/ HTH, On 5/12/10, Sumit Mahla <[email protected]> wrote: > > Hello All, > > > > > > > > i have a small confusion.... > > > > when we use below mentioned command in FPM.... > > > > class-map type stack match-all FRAGMENT > > match field ip protocol eq 0x1 next icmp > > > > > > > > sometimes we use next icmp and some time we use next ip. i know next icmp > means that we are going to check fragmented packet for icmp protocol.... if > we are checking fragmented packet for tcp then we would use next tcp.... > > > > but is there a specific reason to use next ip ? > > > > > > > > Regards > > > > > > > > _________________________________________________________________ > Catch the latest in the world of fashion > http://lifestyle.in.msn.com/ -- Best Regards, Tolulope. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
