Hi,

On Thu, Jun 27, 2013 at 10:54:32PM +0100, Tóth András wrote:
> The MAC address of the packet will not be visible in the ACL logs. You can
> see the port where the logged packet was received, then you can check the
> learnt MACs on the port to narrow it down.

Is this a hardware limitation on the N7K, or "just not implemented yet"?

The assumption that "if you know the IP address and the ingress interface, you can see from the ARP table where it came from" is deeply flawed for a number of reasons - the most easily understood is "the packet might come from behind another router", so you need the MAC address of the previous-hop router to backtrack stuff.

gert
-- 
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/