Re: IP Routing Process(Frame Creation)& CISCO Basic BACS FIREWAL
The frame (layer two) is created containing a packet (layer three). The IP Addresses are contained in the packet.
At layer two, frames/switches have no knowledge of IP, only MAC addresses.
In days past (long past, at this point), different manufacturers used Ethertype to identify their frames. The applications of the time would only look at frames containing their Ethertype.
The protocol field identifies the which stack (in a multi-protocol environment, like IP and IPX) the frame contents should be handed to.
Blocking the source port doesn't work, because the originator could choose any port number to send from. They send TO a specific port that the server is listening on (like 23 for Telnet). The source port could be anything, but the destingation port for Telnet is "well known" at port 23.
INSPECT / CBAC is "deep packet inspection" ... rather than just looking for a value at a certain offset (like a source MAC or source IP), it peels the frame and peels the packet to look at the contents ... then making an assessment of the contents to decide if it's traffic to block or pass based on the PERMITs and DENYs of the configuration.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...