2.5 solution

Would a mac address filter permiting only the mac address 0000.0c12.3456 and hard coding r5's e0/0 interface be an acceptable solution as well? I can't think of reason why it wouldn't be. The solution guide answer would work, but it didn't seem as obvious as a mac acl, so I'm wondering if the mac acl is wrong (ie. due to breaking something else.. etc)

 

Comments

  • <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">





    MAC ACLs can't block IP traffic.



    Brian McGahan, CCIE #8593 (R&S/SP/Security)

    [email protected]

     

    Internetwork Expert, Inc.

    http://www.InternetworkExpert.com

    Toll Free: 877-224-8987 x 705

    Outside US: 775-826-4344 x 705

    Online Community: http://www.IEOC.com

    CCIE Blog: http://blog.internetworkexpert.com






    dloughlin wrote:

    Would a mac address filter permiting only the mac
    address 0000.0c12.3456 and hard coding r5's e0/0 interface be an
    acceptable solution as well? I can't think of reason why it wouldn't
    be. The solution guide answer would work, but it didn't seem as obvious
    as a mac acl, so I'm wondering if the mac acl is wrong (ie. due to
    breaking something else.. etc)

     







    "Internetwork Expert - The Industry Leader in CCIE Preparation

    http://www.internetworkexpert.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

    "
  • Thanks. I forgot about that. Hopefully I won't forget again.

  • It does kill ARP though.  And the question is worded as just traffic, not IP traffic :)  Actually I'm just annoyed that I missed this one again with the softball keyword right there in the question.

    -ryan

Sign In or Register to comment.