Extreme Networks

modris_bernands · ‎06-29-2016

I want to collect "Rejected IP" + "Rejected Port" from problematic X350.
Is possible get this information with snmp or other method?

Additional Q: if I create ACL to deny unwanted subnet on "Rejected port", Is this deny connection count only on 'show access-list counter' or included also in "Rejected IP" and "Rejected Port" (read: show iparp stats vlan all) ?

I got many rejected counts and because I want start debug collect it to start debug my network incorrect design.

excuse about my bad English and networking knowledge...

Kevin_Kim · ‎07-01-2016

You can allow ARP packets having a sender address within a network subnet configured and deny everything else. You would see ACL deny counter increasing but not see the rejected counter increasing in the show iparp output.

entry 1 { if { arp-sender-address 10.0.0.0/24; } then { permit; } }
entry 2 { if { arp-sender-address 0.0.0.0/0; } then { deny; count denyarp; } }

modris_bernands · ‎07-01-2016

I found what i ask. I just need more RTFM, sorry.

Thank You.

Kevin_Kim · ‎07-01-2016

Please check 'Chapter 20 ACLs' in the EXOS 15.3 Concepts Guide.

http://extremenetworks.com/wp-content/uploads/2014/03/EXOS_Concepts_Guide_15_3_2.pdf

modris_bernands · ‎07-01-2016

What ir Yours documental library for in ACL? Is there place where it all together, for example, rfc?

I try find some similaries with wireshark filters, but not sure. Or is this only defined and implemented by extreme designers?

Extreme Networks

Is possible to collect Rejected IP and Ports with snmp?

Is possible to collect Rejected IP and Ports with snmp?