At the interface level, OSPF packets should be dropped while EIGRP/RIP should be allowed as they have TTL of 2.
With regards Kings On Thu, Mar 8, 2012 at 6:48 AM, Eugene Pefti <[email protected]> wrote: > Hi Kings, > Just out of curiosity do you expect only OSPF packets to be allowed at the > interface and CP ? > I never knew TTL value of routing protocols packets but if for EIGRP and > RIP they equal 2 than your ACL will drop them, won't it? > OSPF is the only one that should be allowed. > > Eugene > > On 3/5/12 2:33 AM, "Kingsley Charles" <[email protected]> wrote: > >>Hi all >> >>I am observing an interesting behavior. The IGP routing protocols are >>sent with the following TTL set: >> >>EIGRP - 2 >> >>RIP - 2 >> >>OSPF - 1 >> >>I am applying the following policy map to four locations >> >>ip access-list extended ttl >> >>permit ip any any ttl eq 1 >>class-map match-all igp >>match access-group name ttl >> >> policy-map ttl >>class ttl >> drop >> >> >> >>Control Plane >>========== >> >>EIGRP, OSPF and RIP goes down >> >> >> >>Control Plane Cef Exceptipn >>===================== >> >>OSPF does down. >> >> >> >>Control Plane Host >>============== >> >> RIP and EIGRP goes down >> >> >> >>Ingress Interface >>============ >> >> EIGRP, OSPF and RIP goes down >> >> >> >> >>So why RIP and EIGRP packets with ttl of 2 get dropped at the Ingress >>interface and Aggregate Control Plane? >> >> >> >>Thought please? >>_______________________________________________ >>For more information regarding industry leading CCIE Lab training, please >>visit www.ipexpert.com >> >>Are you a CCNP or CCIE and looking for a job? Check out >>www.PlatinumPlacement.com > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
