question on extended access-lists for BGP route filtering

From: Connary, Julie Ann (jconnary@xxxxxxxxx)
Date: Fri Sep 29 2000 - 11:46:09 GMT-3


   
Hi All,

In Halabi's Internet Routing Architectures book he has the following example
that confuses me (page 310):

If you want to filter 172.16.0.0/16 such that only 172.16.0.0/16 and not
172.16.0.0/17, 172.16.0.0/18 ... are also permitted you must use an extended
access-list. Thus the standard access-list will not work:

access-list 1 permit 172.16.0.0 0.0.255.255

He then goes on to define an extended access list as:

access-list access-list-number permit ip network-number network-do-not-care-bits mask mask-do-not-care-bits

And gives the following example:

access-list 101 permit ip 172.16.0.0 0.0.255.255 255.255.0.0 0.0.0.0

My question is, where did he get that definition of an extended access-list
that says the second set of address/mask pairs is a mask/mask-wildcards pair?
Is this specific to how BGP will use the extended access-list vs. using the
access-list in say an ACL? I always understood the second pair was the
destination network or host.

Julie Ann
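
The matching behaviour described in the post, as an added example that is not part of the original message or of the book: it evaluates access-list 1 and access-list 101 against a few routes, reading the first address/wildcard pair as a match on the network number and the second pair as a match on the netmask, as in the definition quoted above. The function names and the sample routes are constructed for illustration, and a route that matches no permit line is treated as denied.

```python
import ipaddress

def wildcard_match(value, base, wildcard):
    """Cisco-style wildcard compare: bits set in the wildcard are ignored."""
    v, b, w = (int(ipaddress.IPv4Address(x)) for x in (value, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (v & care) == (b & care)

def standard_permits(route, net, net_wild):
    """Standard ACL used as a route filter: only the network number is compared."""
    prefix = ipaddress.ip_network(route)
    return wildcard_match(str(prefix.network_address), net, net_wild)

def extended_permits(route, net, net_wild, mask, mask_wild):
    """Extended ACL used as a route filter, per the definition quoted in the post:
    first pair is compared with the network number, second pair with the netmask."""
    prefix = ipaddress.ip_network(route)
    return (wildcard_match(str(prefix.network_address), net, net_wild)
            and wildcard_match(str(prefix.netmask), mask, mask_wild))

# Constructed sample routes (not taken from the post or the book).
ROUTES = ["172.16.0.0/16", "172.16.0.0/17", "172.16.0.0/18",
          "172.16.128.0/17", "172.17.0.0/16"]

def evaluate(routes=ROUTES):
    """Return {route: (permitted by access-list 1, permitted by access-list 101)}."""
    result = {}
    for r in routes:
        # access-list 1 permit 172.16.0.0 0.0.255.255
        std = standard_permits(r, "172.16.0.0", "0.0.255.255")
        # access-list 101 permit ip 172.16.0.0 0.0.255.255 255.255.0.0 0.0.0.0
        ext = extended_permits(r, "172.16.0.0", "0.0.255.255",
                               "255.255.0.0", "0.0.0.0")
        result[r] = (std, ext)
    return result

if __name__ == "__main__":
    for route, (std, ext) in evaluate().items():
        print(f"{route:18} acl 1: {'permit' if std else 'deny':6} "
              f"acl 101: {'permit' if ext else 'deny'}")
```
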


