I agree. As I understand one should be able filter IPv4 packets using the 0x0800 Ethertype in Mac-ACL. But then when you filter like this, all your IP traffic is affected [including Routing Protocols].
----- Original Message ----- From: "Wilson Tuma" To: [email protected] Subject: [OSL | CCIE_RS] IP filtering @ Mac level Blues. Date: Sat, 27 Jun 2009 23:37:49 -0700 (PDT) Hi all While trying to filter IP at mac level I came across the following statements. 1. IP Packets can only be processed by IP Access-Lists; 2. Non-IP Packets like ARP, MAC-Addresses, and others can only be processed by MAC Access-Lists.This blurs my thinking somewhat because I understand the following. Ethertype codes are used to represent the various protocols at mac level. 0x86DD for IPV6, 0x806 for arp, 0x4242 for pvst, lsap 0xAAAA for pvst+ In that light there has to be a code to representing IP. If not how does IP packets get handed to the IP protocol stack from mac encapsulations? I check further and found the following 0800 DOD Internet Protocol (IP) 0801 X.75 Internet 0802 NBS Internet 0803 ECMA Internet Why is it not possible to used one or all these ethertypes to filter out IP at the mac level? Thanks. Wilson F. Tuma ==================================== CCNP, CCNA, MCSE, MCSA Box 1784 Douala Cell : +237 77 7753 753 Email : [email protected] ==================================== Desmond Black, In Pursuit of CCIE!! India -- Be Yourself @ mail.com! Choose From 200+ Email Addresses Get a Free Account at www.mail.com
