Blocking UDP traffic on a 4500G

Mitesh324
Occasional Advisor

Take #2. Lesson 1: the interwebs can and shall eat your words at any time it so feels the need to. Copy is your friend.

Currently I have an issue where I am trying to block UDP traffic on a 4500G switch, which has been upgraded with the latest firmware and bootrom (5.02.p2, 5.01). In place I have storm-constrain set up to block multicast (the UDP traffic is coming through as a multicast feed) with a threshold of 1 to 1 kbps, 1% ratio, or 1 pps. When I look at Ethereal, it shows UDP traffic to be around 15%, with UDP packets being approximately 1.3KBs. I am trying to just block all UDP traffic. My feed contains UDP traffic and I want to block the traffic for ports that are outgoing. My best guess for what to do next is to configure an ACL. I have thoroughly searched through the manual for any information on protocol blocking and UDP blocking, and I was unable to find anything useful; I might not be using find with the right phrases/words. Is there a command line where I essentially go in and type block UDP 1/0/16, or something more complex? Also, after typing this up, I wonder if the UDP traffic is not just coming through as multicast only and if it's coming in as broadcast or some other cast. Any help would be greatly appreciated.
7 REPLIES
Fred_Mancen_1
Super Advisor

Re: Blocking UDP traffic on a 4500G

Hi, Mitesh.

I think that the better way to accomplish what you want is to create an ACL that blocks the UDP traffic and apply it to the port you mentioned. I don't know any port command that can perform this action.

HTH
Mitesh324
Occasional Advisor

Re: Blocking UDP traffic on a 4500G

I'll give that a shot.  Thanks for that help.
Mitesh324
Occasional Advisor

Re: Blocking UDP traffic on a 4500G

Well I made an ACL:

acl number 3000 name UDPBlock
rule 0 deny UDP

However I am still getting UDP traffic coming through. I want to just block UDP traffic from 2 ports on the switch, port 1 and port 13. Anyone able to point out what I did wrong above? My setup is I have a line coming in that carries UDP. Only two ports on the switch need to not have UDP traffic. The rest are fine to allow multicast/UDP to come through.
Fred_Mancen_1
Super Advisor

Re: Blocking UDP traffic on a 4500G

In what traffic direction was the ACL implemented? Inbound or outbound traffic?

Mitesh324
Occasional Advisor

Re: Blocking UDP traffic on a 4500G

At first I did it both ways, source and destination, like so:

rule 0 deny UDP destination-port eq 16 source-port eq 16

The reason I chose 16 was that is where I had the laptop connected to, and I assumed when setting it to 16 it would think of the physical port (or so I thought when I read what it means by source-port); however, I changed it when I checked to see what values were used for destination-port and source-port:

rule 0 deny UDP source-port range 1024 1026

I chose those ports as that is what Ethereal was telling me the packets were coming from. After applying the rule and saving it, I checked Ethereal and traffic was still coming through. I would really just like to be able to do this:

rule 0 deny UDP port eq 16

Where 16 would be the actual physical port on the switch, thus blocking incoming and outgoing UDP traffic. Again thanks for the help; it's really helping me understand ACLs and such better.
This message was edited by Mitesh324 on 11-19-09 @ 8:20 AM
Mitesh324
Occasional Advisor

Re: Blocking UDP traffic on a 4500G

A quick question to add to this topic: when I implement a rule or a setting and I use the save command, the rule or setting takes effect right then, and there is no reason to reboot the switch; am I correct in thinking that? I ask because the guy I am working with mentioned it, and I told him that having to reboot each time you change a setting would cause disruption to the network.

Mitesh324
Occasional Advisor

Re: Blocking UDP traffic on a 4500G

Alright, I learned I can block UDP coming into the switch, but I am not sure if I can block UDP outgoing from the switch. I want UDP to be able to come into the switch, but block it from going out of the switch on certain physical ports. Is this possible with an ACL rule?
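An added configuration example, written for this thread and not taken from any post or from vendor documentation, showing the piece that is missing from the ACL shown above: the ACL has to be bound to each physical port with packet-filter, and the direction is chosen there, not in the rule. It assumes Comware 5 syntax as used on the 4500G and that this hardware accepts an outbound packet-filter on the two ports, which should be confirmed against the switch's command reference.

```text
# Added example; Comware 5 syntax assumed, not copied from the thread.
# An ACL on its own filters nothing. It only takes effect once it is bound
# to an interface with packet-filter, which is also where the direction is set.
# source-port / destination-port in a rule match UDP (layer 4) port numbers,
# never physical switch ports; the physical port is the interface you bind to.
system-view
 acl number 3000 name UDPBlock
  rule 0 deny udp
  rule 5 permit ip          # optional: unmatched traffic is permitted by default
  quit
 # Port 1 and port 13: drop UDP leaving the switch on these ports only.
 # Assumes the platform supports binding in the outbound direction.
 interface GigabitEthernet1/0/1
  packet-filter 3000 outbound
  quit
 interface GigabitEthernet1/0/13
  packet-filter 3000 outbound
  quit
 # Changes apply to the running configuration immediately; no reboot is needed.
 # save only copies the running configuration to the startup file.
 save
 # Check the binding and the ACL contents (display commands assumed available).
 display packet-filter interface GigabitEthernet1/0/1
 display acl 3000
```

If the switch refuses the outbound binding, an inbound packet-filter on the port the feed arrives on would drop UDP for every port, which is not what this thread is asking for; check the command reference for the supported directions before relying on this.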