Is this something that ComOS is just doing wrong? Would enabling OSPF help?
Doug, if this really is a ComOS problem, do you have an open ticket with
Lucent about this?
Thanks,
Rob
At 10:20 AM -0700 1/25/98, Doug Ingraham wrote:
>add filter e.out
>set filter e.out 1 permit 192.168.1.32/27
>set filter e.out 2 permit 192.168.0.10/32
>set filter e.out 3 permit log
>
>192.168.1.32/27 is the assigned address pool in that portmaster.
>102.168.0.10/32 is the address of that portmaster's ethernet.
>
>I run this way for a bit to make sure I have not forgotten any thing. In
>our network I have a block of IP addresses for customers that needs to be
>allowed staticly on all portmasters so that is also given a permit
>listing. Once I am certain it is all working I change the permit log to a
>deny because the syslogging can create a lot of traffic.
>
>What this does is permit only those packets whose source address is on
>that portmaster onto your ethernet. A packet will not be bounced back to
>your router and start looping with this filter in place. If you are using
>the PM to route other subnets you will of course have to put those in the
>permit list.
>
>This is the most basic filter I can think of to solve this problem.
>Really, this is a Comos problem in that it announces routes to those IP
>addresses and when a packet comes in if the address is not active it
>bounces it. It should probably return a host unreachable message.
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.