Re: Wiered - Access list.

From: afiddler (afiddler@xxxxxxxxx)
Date: Sun Oct 21 2001 - 12:42:57 GMT-3

• Next message: Jerry Toomey: "Cisco Documentation CD Problems"
• Previous message: Brian Hescock: "multicast tip"
• Maybe in reply to: Rajeev Siddappa: "Wiered - Access list."
• Next in thread: Rajeev Siddappa: "Re: Wiered - Access list."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I think Halabi does a really good job of explaining BGP route filtering on
pages 308-316 (new edition).

----- Original Message -----
From: "Rick Burts" <burts@mentortech.com>
To: "Brian Hescock" <bhescock@cisco.com>
Cc: "Rajeev Siddappa" <raj_lab@yahoo.com>; <ccielab@groupstudy.com>
Sent: Sunday, October 21, 2001 5:42 AM
Subject: Re: Wiered - Access list.

> Actually it is not a mistake. This is an application of extended access
> list used in BGP processing. In this context you interpret the 4
> parameters as: network (address), mask on network (how many bits of the
> address need to match), subnet mask, mask on subnet mask (how many bits
> of the subnet mask are significant) rather than the traditional source
> address, source mask, destination address, destination mask.
>
> You would interpret this as permit advertisement of 192.169.192.0
> 255.255.248.0 but it would not permit advertisement of 192.168.192.0
> 255.255.240.0.
>
> This implementation is a bit complex. It is the early version of the
> function supplied by prefix list for BGP and does the same thing: allow
> filtering on both address and mask length.
>
> Rick
>
> Rick Burts, CCSI CCIE 4615 burts@mentortech.com
> Mentor Technologies 240-568-6500 ext 6652
> 133 National Business Parkway 240-568-6515 fax
> Annapolis Junction, Md 20701
>
> Chesapeake Network Solutions has now become Mentor Technologies.
> Mentor Technologies is a certified Cisco Training Partner and also
> a Cisco Professional Services partner.
> We offer most of the Cisco training courses.
> We also offer training in Checkpoint Firewall software and
> Fore Systems (now Marconi) and MicroMuse.
> We also provide network consulting services including
> design, management, and problem solving.
> We have 21 CCIEs on our staff.
> We offer the breakthrough VLAB remote access technology for
> access to practice configuration on real equipment.
>
> On Sat, 20 Oct 2001, Brian Hescock wrote:
>
> > It doesn't seem like anyone is on-line tonight so I'll go ahead and
> > answer: it's a mistake. He put in a subnet mask instead of a host
> > address. It's not you... ;-)
> >
> > Brian
> >
> > Rajeev Siddappa wrote:
> >
> > >Hi friends,
> > >
> > >Can any one explain me how this access-list works.
> > >
> > >access-list 101 permit IP host 192.169.192.0 host
> > >255.255.248.0
> > >
> > >This is an example in Jeff-doyel vloume 2 page 189.
> > >
> > >Please I am breaking my head.
> > >
> > >Thank you,
> > >Rajeev.
> > >
> > >

• Next message: Jerry Toomey: "Cisco Documentation CD Problems"
• Previous message: Brian Hescock: "multicast tip"
• Maybe in reply to: Rajeev Siddappa: "Wiered - Access list."
• Next in thread: Rajeev Siddappa: "Re: Wiered - Access list."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 22:33:22 GMT-3