RE: Filtering & Wildcard

From: Wade Edwards (wade.edwards@xxxxxxxxxxxxxxxxxxx)
Date: Fri Dec 07 2001 - 17:39:04 GMT-3

   
You are correct. I didn't notice the first octet was different.

So it would be better to utilize the three lines.

Now with the 0.0.0.0 vs 0.0.255.255. It would work with 0.0.0.0 for
routing but I usually put the correct wildcard mask so I know what the
line will do and what I am trying to permit or deny.

Just my way of doing it.

L8r

 -----Original Message-----
From: SFeldberg@edeltacom.com [mailto:SFeldberg@edeltacom.com]
Sent: Friday, December 07, 2001 12:46 PM
To: Wade Edwards
Cc: ccielab@groupstudy.com; Courtney Alexander Foster; David;
nobody@groupstudy.com
Subject: RE: Filtering & Wildcard

Wade,

Your example only permits

140.1.0.0
140.2.0.0
140.3.0.0

That was not the requirement. It seems that there is no way to
summarize

140.1.0.0/16
141.2.0.0/16
142.3.0.0/16

in less than 3 statements, but that was not the question. (we're all so
eager to offer solutions, we don't read the question!) The original
question was regarding the mask- 0.0.0.0 vs. 0.0.255.255. My
understanding
is that 0.0.0.0 will only permit the 3 network addresses explicitly
defined, while 0.0.0.255 will permit network/host/broadcast addresses
140.1.0.0 - 140.1.255.255, 141.2.0.0 - 141.2.255.255, and 142.3.0.0 -
142.3.255.255. That would make 0.0.0.0 more applicable for route
filtering, 0.0.255.255 applicable for traffic filtering.

Steve

                    "Wade Edwards"

                    <wade.edwards@powerupnet To: "Courtney
Alexander Foster" <cfoster@cnr.edu>, "David"
                    works.com>
<david_knot@yahoo.com>, <ccielab@groupstudy.com>
                    Sent by: cc:

                    nobody@groupstudy.com Subject: RE:
Filtering & Wildcard

                    12/07/2001 01:32 PM

                    Please respond to "Wade

                    Edwards"

Actually it should be:
access-list 1 deny 140.0.0.0 0.0.255.255
access-list 1 permit 140.0.0.0 0.3.255.255

He only wanted 1, 2 and 3.

L8r.
 -----Original Message-----
From: Courtney Alexander Foster [mailto:cfoster@cnr.edu]
Sent: Friday, December 07, 2001 11:44 AM
To: David; ccielab@groupstudy.com
Subject: RE: Filtering & Wildcard

140.0.0.0 0.3.255.255

           -----Original Message-----
           From: David
           Sent: Fri 12/7/2001 12:04 PM
           To: ccielab@groupstudy.com
           Cc:
           Subject: Filtering & Wildcard

           Guys

           If u are asked to allow say 3 routes (140.1.0.0,
           141.2.0.0 & 142.3.0.0) in to your rack from a
           backbone. What type of wildcard would you use in ur
           ACL. Would the following be the best?

           access-list 1 permit 140.1.0.0 0.0.0.0
           access-list 1 permit 141.2.0.0 0.0.0.0
           access-list 1 permit 142.3.0.0 0.0.0.0

           OR:

           access-list 1 permit 140.1.0.0 0.0.255.255
           access-list 1 permit 141.2.0.0 0.0.255.255
           access-list 1 permit 142.3.0.0 0.0.255.255

           ?

           Thanks

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:40 GMT-3