RE: Access-list for even/odd numbered networks

From: Alan Basinger (abasinge@xxxxxxxxxx)
Date: Sun Apr 01 2001 - 11:37:53 GMT-3

   
Basically guys this was just an example to find out why Marc had used a 2
line ACL instead of a single line ACL. It was not meant to be a literal
answer to the previous question but and example of one line ACL's. I still
do not understand that if the question was permit only x.x.x.x even networks
we would want to use the 2 line statement. "Key word only guys". If they had
many networks Cumming in and wanted to filter only the odds from say one
subnet I could see the 2 line ACL being the correct answer. I just would not
want to hear the proctor say "Alan, you get it right but it is not what we
were looking for." "We wanted it done in one line." Maybe it is panic over
my 3rd try Monday....
Anyway thanks for all the e-mails and the help guys and have a good week.
See ya in the funnies.

Alan

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Mask Of Zorro
Sent: Saturday, March 31, 2001 10:07 PM
To: mikemart@cisco.com; abasinge@swbell.net; mrussell@ccbootcamp.com;
pkm@calweb.com; tariq_sharif@btinternet.com
Cc: ccielab@groupstudy.com
Subject: RE: Access-list for even/odd numbered networks

Maybe you got mixed up in the thread there Mike.

Marc's list has two lines, and line number 2 permits all the
non-192.168.X.X networks.

Alan's one line list has the problem you describe, and also another... As he
has typed it, it would PERMIT all the odd routes instead of denying them as
requested. I think he needs a 0 on that 3rd octet to do what he wants to do,
but then he still has the problem of denying everything else...

The impact of shaving a line off the ACL is negligible in terms of
performance. Even if it did do the job, I would rather err on the side of
clarity then save a line (or 2, or 10...).

Z

>From: michael martinek <mikemart@cisco.com>
>Reply-To: michael martinek <mikemart@cisco.com>
>To: Alan Basinger <abasinge@swbell.net>, Marc Russell
><mrussell@ccbootcamp.com>, "'Phillip Moulay'" <pkm@calweb.com>,
> Tariq Sharif <tariq_sharif@btinternet.com>
>CC: ccielab@groupstudy.com
>Subject: RE: Access-list for even/odd numbered networks
>Date: Sat, 31 Mar 2001 15:06:15 -0600
>
>Marc,
>
>Your method would not allow any other non-192.168.X.X networks to pass the
>list.
>The key question would be whether we want other routes to pass the list.
>
>Regards,
>
>Mike
>At 11:50 AM 03/31/2001 -0600, Alan Basinger wrote:
> >Marc,
> >Is it better to use the deny statement and then permit what is left or
>just
> >permit the 192.168.1.0 0.0.254.255 and let the implicit deny take care of
> >the rest? One line versus 2 lines in the ACL.
> >I have been using the single line form and distribute lists or
>route-maps.
> >
> >Alan
> >
> >-----Original Message-----
> >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> >Marc Russell
> >Sent: Saturday, March 31, 2001 11:42 AM
> >To: 'Phillip Moulay'; Tariq Sharif
> >Cc: ccielab@groupstudy.com
> >Subject: RE: Access-list for even/odd numbered networks
> >
> >
> >Here is a question from one of our labs. Below is the access-list we
> >used to deny the odd routes.
> >
> >4. Create the following 6 static routes on R6; using the Cisco IOS
> >command ip route 192.168.X.0 255.255. 255.0 null 0. Use the number
> >1,2,3,4,5, and 6 for the variable X. Redistribute the static routes such
> >that they are seen by all routers. Now filter on R5 using any method
> >that uses an access list so that only the even routes (i.e. X=2,4, and
> >6) are seen past R5 towards the OSPF network. Your access-list can only
> >have two lines in it, not seven for this exercise. All the 192.168.X.0
> >routes must still be seen in R5s routing table.
> >
> >
> >access-list 3 deny 192.168.1.0 0.0.254.255
> >access-list 3 permit any
> >
> >
> >Marc Russell
> >CCIE Boot Camp
> >www.ccbootcamp.com
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >-----Original Message-----
> >From: Phillip Moulay [mailto:pkm@calweb.com]
> >Sent: Saturday, March 31, 2001 12:32 PM
> >To: Tariq Sharif
> >Cc: ccielab@groupstudy.com
> >Subject: Re: Access-list for even/odd numbered networks
> >
> >
> >Any idea how to create a filter using ACL to filter even or odd numbered
> >networks. Let's say you just want to redistribute 200.200.30.0,
> >200.200.32.0,
> >200.200.34, etc. How will you create the ACL?
> >
> >Thanks
> >**NOTE** All LAB SWAP messages should now be sent to the
> >LAB SWAP Message board on groupstudy.com.
> >**NOTE** All LAB SWAP messages should now be sent to the
> >LAB SWAP Message board on groupstudy.com.
> >**NOTE** All LAB SWAP messages should now be sent to the
> >LAB SWAP Message board on groupstudy.com.
>--------------------------------------------------------------------------- 

--
>       Cisco Systems             Mike Martinek
>                                          Systems Engineer
>           |               |               7900 International Drive
>          |||              |||              Suite 400
>         |||||             |||||             Bloomington, MN 55425
>       |||||||||          |||||||||            Voice.......952-967-8512
>     |||||||||||||        |||||||||||||          Fax..........952-967-8311
>   ||||||||||||||||||||||||||||||||||||||||||   Email - mikemart@cisco.com
>"EMPOWERING THE INTERNET GENERATION"
>**NOTE** All LAB SWAP messages should now be sent to the
>LAB SWAP Message board on groupstudy.com.

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:38 GMT-3