Filter
Top Products
Installation and Getting Started Guide
The [<network-mask>.<node-mask>] parameter lets you specify a comparison mask for the network and node.
The mask consists of zeros (0) and ones (f). Ones indicate significant bits. For example, to configure a mask that
matches on network abcdefxx, where xx can be any value and the node address can be any value, specify the
following mask: ffffff00.0000.0000.0000
NOTE: To apply an ACL for filtering GNS replies to an interface, you must use the ipx output-gns-filter command
instead of the ipx sap-filter-group command. See
“Filter GNS Replies” on page 14-10.
The in | out parameter of the ipx sap-filter-group command specifies whether the ACLs apply to incoming traffic
or outgoing traffic.
USING THE WEB MANAGEMENT INTERFACE
You cannot configure a SAP access list using the Web management interface.
Enable Round-Robin GNS Replies
By default, the routing switch replies to a GNS request with the most recently learned server supporting the
requested service. You configure the routing switch to instead use round-robin to rotate among servers of a given
service type when responding to GNS requests. To do so, use one of the following methods.
USING THE CLI
To enable the routing switch to use round-robin to select servers for replies to GSN requests, enter the following
commands:
HP9300(config)# ipx gns-round-robin
HP9300(config)# write memory
Syntax: [no] ipx gns-round-robin
USING THE WEB MANAGEMENT INTERFACE
You cannot enable round-robin for GNS replies using the Web management interface.
Filter GNS Replies
You can use IPX access lists to permit or deny specific services and servers in GNS replies to specific IPX nodes
(hosts). To do so, use either of the following methods to configure IPX access lists that include service and server
information, then apply them to specific ports.
USING THE CLI
To configure IPX ACLs and apply them to a port to control responses to GNS requests on that port, enter
commands such as the following:
HP9300(config)# router ipx
HP9300(config-ipx-router)# ipx sap-access-list 2 deny efff 47 Prt0
HP9300(config-ipx-router)# ipx sap-access-list 20 deny aaaa.bbbb.cccc.dddd 47 Prt1
HP9300(config-ipx-router)# ipx sap-access-list 32 permit -1 0
HP9300(config-ipx-router)# exit
HP9300(config)# int e 1/1
HP9300(config-if-1/1)# ipx output-gns-filter 10 20 32
HP9300(config-if-1/1)# write memory
The commands in this example configure three ACLs. Two of the ACLs contain server network, service type, and
server information and deny reporting these servers to the clients. For example, ACL 2 does not permit the
routing switch from sending server “Prt0” with network efff in GNS replies to the client.
ACL 32 changes the default action from deny to permit. All GNS replies that are not explicitly denied by other
ACLs are permitted by this one.
Syntax: [no] ipx sap-access-list <num> deny | permit <network>[.<node>] [<network-mask>.<node-mask>]
[<service-type> [<server-name>]]
14 - 10