FPM always starts it scan from l3 which will mostly IP. Now, if we can to start from Ethernet, then we should be "stack start l2-start".
"match layer" should be informing which layer it should look for. Since two IP headers are there. We tell for layer 2 IP header look for prot eq 4 and layer 3 IP header look for prot eq IP. Layer 1 should be Ethernet. With regards Kings On Tue, Jun 19, 2012 at 3:58 AM, Mike Rojas <[email protected]> wrote: > This is a question in regards IP to IP tunnel matching on FPM. > > class-map type stack match-all STACK > stack start l2-start > match field ETHER type eq 0x800 next IP > match layer 2 IP protocol eq 4 next IP > match layer 3 IP protocol eq 6 next TCP > > > First, what is the difference between the last line and "match field IP > protocol eq 6 next TCP" > > And second, where in that specific stack we are saying that we will see an > IP header and then another one? I was first believing that when we do > something like "match field ETHER type eq 0x800 next IP" and then we say > "match layer 3 IP protocol eq 6 next TCP" we will be saying match IP header > twice, but I see this "match layer 2 IP protocol eq 4 next IP" and that is > where I get lost. > > Any clarification would be appreciated. > > Mike > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
