6506 logging the ttl of ip packets

Unanswered Question
Oct 3rd, 2008

Hi!


I'm looking for a soultion to log the ttl-s of ip packets on a cat6506-e with sup720. It's running ios version 12.2(12a)SXF.

This version does not support to filter on ttl value with acl. I tried to do this using netflow v9, but the min_ttl, and max_ttl fileds of the flows are not supported too.

I'm not an expert unfortunately,

and i couldn't find any further information on the site about these features on cat6506.

Is it possible to use any other version of ios that can help to solve my problem, on my platform?


Thank you for your help.





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smalkeric Thu, 10/09/2008 - 13:30

Beginning with Cisco IOS software version 12.4(2)T, an administrator may be able to leverage TTL filtering in access control lists with CoPP and CPPr to filter packets with TTL values of zero and one


The following URL may help you:

http://www.cisco.com/web/about/security/intelligence/ttl-expiry.html#3


The following URL explains ACL support for filtering on TTL value:

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t2/htaclttl.html


Actions

This Discussion