From: Les Hardin (hardinl@xxxxxxx)
Date: Tue Apr 10 2001 - 21:54:14 GMT-3
Sorin,
I liken it to an IP access list where a one in the mask is a don't care
bit. So, using network number 200000a0 as the base address and applying
the mask 00000003, we block 200000a1, 200000a2, and 200000a3 (any
combinations of bits in the lower two bits) The mask says we don't care
about the last two bits (0,1,2 or 3), e.g., 0000, 0001, 0010, or 0011.
We probably could have used 200000a1, 200000a2, or 200000a3 as the base
address (as long as the top two bits in the "nibble" are zero). keep in
mind that 200000a2, for example, is 0010 0000 0000 0000 0000 0000 1010 0010.
This is probably not the best explanation.
hth,
Les
At 12:21 AM 4/11/2001 +0000, Sorin Suru wrote:
>Les,
>
>Would you be kind enough and explain the logic behind it.
>Thank you very much.
>Sorin
>
>
>>From: Les Hardin <hardinl@bah.com>
>>Reply-To: Les Hardin <hardinl@bah.com>
>>To: garry baker <fallow46@yahoo.com>, ccielab@groupstudy.com
>>Subject: Re: blocking ipx networks
>>Date: Tue, 10 Apr 2001 19:16:22 -0400
>>
>> deny 200000a0 00000003 ???
>>
>>
>>At 03:27 PM 4/10/2001 -0700, garry baker wrote:
>>>Guys,
>>>
>>>I am having trouble trying to block three ipx network
>>>with one statement in an access list. I have been
>>>playing around with this for a couple of days and have
>>>not worked it out. If i wanted to block networks:
>>>
>>>200000a1
>>>200000a2
>>>200000a3
>>>
>>>what would be the access list statement. i have looked
>>>through the archives but still have been unable to do
>>>this???
>>>
>>>Garry
>>>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:43 GMT-3