want to confirm my understanding about fragmented packets

Answered Question
Sep 2nd, 2012

Hi everybody.



Let's say a host 199.199.199.3 wants to telnet to 199.199.199.2.


Assume the router containing the ACL shown below decides to fragment the packet into three: f1, f2, f3.

First, F1 matches the first ACL, so it is dropped. The remaining non-initial fragments will be dropped too, because the first ACL matches the only Layer 3 information in non-initial fragments.

Is my understanding correct?


access-list 199 deny tcp any host 199.199.199.2 eq 23

access-list 199 permit tcp any host 199.199.199.




thanks

Correct Answer by Reza Sharifi about 4 years 11 months ago

Hi Sarah:

Correct, since the first access list statement denies 199.199.199.2, the rest of the statements in the list are skipped and the packet is dropped.


HTH

Overall Rating: 5 (1 ratings)
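
Added example, not part of the original thread and not Cisco code: a small Python model of how an extended ACL without the `fragments` keyword evaluates the fragments in the question, following the rules in Cisco's "Access Control Lists and IP Fragments" document. The `Ace` and `Packet` types and `evaluate` are hypothetical names, source matching is omitted (both entries use `any`), and the second ACL line is a constructed `permit ip any any` because the thread's second entry is cut off.

```python
# Added illustration: how an IOS extended ACL without the `fragments` keyword
# treats IP fragments, per Cisco's "Access Control Lists and IP Fragments".
from dataclasses import dataclass
from typing import Optional

@dataclass
class Ace:
    action: str                 # "permit" or "deny"
    dst: Optional[str]          # destination host, None = any
    dport: Optional[int]        # TCP destination port (L4), None = L3-only entry

@dataclass
class Packet:
    dst: str
    dport: Optional[int]        # None on non-initial fragments (no TCP header)
    initial: bool = True        # True for unfragmented packets and first fragments

def evaluate(acl, pkt):
    """Return (verdict, 1-based line that decided; 0 = implicit deny)."""
    for n, ace in enumerate(acl, 1):
        if ace.dst is not None and ace.dst != pkt.dst:
            continue                      # L3 mismatch: try the next entry
        if ace.dport is None:
            return ace.action, n          # L3-only entry applies to every packet type
        if pkt.initial:
            if pkt.dport == ace.dport:
                return ace.action, n      # L3 and L4 both match
            continue
        # Non-initial fragment against an entry that carries L4 information:
        # only L3 can be compared. permit -> permitted; deny -> next entry.
        if ace.action == "permit":
            return "permit", n
    return "deny", 0                      # implicit deny at the end of every ACL

# Line 1 is the thread's first entry. Line 2 is CONSTRUCTED (the thread's second
# entry is cut off): an L3-only "permit ip any any", used only for illustration.
ACL_199 = [Ace("deny", "199.199.199.2", 23), Ace("permit", None, None)]
f1 = Packet("199.199.199.2", 23, initial=True)      # carries the TCP header
f2 = Packet("199.199.199.2", None, initial=False)   # f2 and f3 look alike to the ACL

if __name__ == "__main__":
    for name, pkt in (("f1", f1), ("f2/f3", f2)):
        print(name, evaluate(ACL_199, pkt))
    print("f2/f3 with line 1 only:", evaluate(ACL_199[:1], f2))
```

Under these rules f1 is denied by line 1, while f2 and f3 skip the deny entry and are decided by whatever follows it (the implicit deny if nothing does). Without the initial fragment the destination still cannot reassemble the segment.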
Reza Sharifi Sun, 09/02/2012 - 20:44