Information Technology Reference
In-Depth Information
•
access-group filters list name used in the
clns filter-set
and
clns access-group
commands.
Table16-7 Access List Numbering by Protocol
Access List Type
Access List Number Range (Decimal)
AppleTalk
600 to 699
Banyan VINES (standard)
1 to 100
Banyan VINES (extended)
101 to 200
DECnet
300 to 399
IP (standard)
1 to 99
IP (extended)
100 to 199
Novell IPX (standard)
800 to 899
Novell IPX (extended)
900 to 999
Transparent Bridging
200 to 299
XNS
500 to 599
Access List
For each networking protocol that is to be sent across the dial connection, an
access list
may be
configured. For purposes of cost control, it is usually desirable to configure an access list to prevent
certain traffic—such as routing updates—from bringing up or keeping up a connection. Note that when
we create access lists for the purpose of defining interesting and uninteresting traffic, we are not
declaring that uninteresting packets cannot cross the dial link—only that they will not reset the idle
timer, nor will they bring up a connection on their own. As long as the dial connection is up,
uninteresting packets will still be allowed to flow across the link.
For example, a router running EIGRP as its routing protocol can have an access list configured to declare
EIGRP packets uninteresting and all other IP traffic interesting:
access-list 101 deny eigrp any any
access-list 101 permit ip any any
Access lists can be configured for all protocols that might cross the dial link. Remember that for any
protocol, the default behavior in the absence of an access list permit statement is to deny all traffic. If
there is no access list and if there is no
dialer-list
command permitting the protocol, then that protocol
will be uninteresting. In actual practice, if there is no dialer list for a protocol, those packets will not
flow across the link at all.
