How are you actually segmenting the network? Is it just a bunch of
cascaded hubs and repeaters or are there any "smart" boxes involved?
SNA generally uses SAPs divisible by 4, default being x'04'. You will
generally only only see other SAPs when you have two circuits defined
between the same cards as you can't have the same MAC/SAP pair twice.
Filtering to allow SAP x'04' and SAP x'00' should restrict you to SNA only.
If you can't do this disallow the SAP associated with the protocols you
want to stop, e.g. NetBIOS x'F0', IPX x'E0', etc.
Kafil.
"Glen B. Glater" <[EMAIL PROTECTED]> on 03/06/99 02:19:22
To: [EMAIL PROTECTED]
cc:
Subject: filtering out 802.3 packets
anyone know of a tool that I could install that would filter out all
802.3 traffic?
I'm on a heavily used SNA network and I want to isolate a segment
from that traffic.
I could put in a router, but I don't want to introduce the delay of a
routing decision. Ultimately, I'm looking for a transparent bridge
type of device that will block certain ethernet types.
Please let me know.
--glen
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
