From: Kang BS (avantus1@xxxxxxxxxxx)
Date: Sun Feb 10 2002 - 04:30:20 GMT-3
Thank you all,
I'd like to clarify my question more detail.
- I have 5 routes
170.10.1.0 /24
170.10.2.0 /24
170.10.3.0 /24
170.10.16.0 /20
170.10.32.0 /20
- I want to permit only 170.10.x.0 /24 ( x is 1,2,3 here, but can be any
number)
and deny any routes with subnet mask other than /24 (here 170.10.16.0/20,
170.10.32.0/20)
this is my question.
and prefix-list is working well.
thanks
BS Kang
>From: Troy Rader <troy@onenet.net>
>To: Sam Pilot <sam_pilot@hotmail.com>
>CC: avantus1@hotmail.com
>Subject: Re: Access-list
>Date: Fri, 08 Feb 2002 16:15:21 -0600 (CST)
>
>I'm not exactly sure why he included the /24 and then asked for help with
>a mask. I ignored the /24 and assumed that the x meant the 3rd octet was
>anything (range 0 - 255) and that by stating a 0 in the 4th octet, he
>meant that it MUST be a zero and only a zero. With a /32, it would imply
>a single host, and the x implies NOT a single host, so I think that x and
>/32 are not compatible.
>
>I think we agree, but just aren't clear on what he REALLY meant. :)
>
>
>
>
>On Fri, 8 Feb 2002, Sam Pilot wrote:
>
> > Troy
> >
> > I understand what you say but if Kang wanted to permit "170.10.x.0",
then
> > he would have said 170.10.x.0/32 and not 170.10.x.0/24...
> > the 24 bit mask at the end should mean the entire network..
> >
> > anyway i guess Kang would be able to clarify the issue..
> > this issue had me refreshing my wildcard mask concepts ... :-)
> >
> >
> >
> >
> > ----- Original Message -----
> > From: "Troy Rader" <troy@onenet.net>
> > To: "Sam Pilot" <sam_pilot@hotmail.com>
> > Sent: Friday, February 08, 2002 4:31 PM
> > Subject: Re: Access-list
> >
> >
> > > Download the free utilities from www.boson.com. This is what cleared
it
> > > up for me. In this example, the 0 in the 4th octet must be a 0 but
the
> > > 3rd octet can vary.
> > >
> > > 170.10.0-255.0 is the range. To mask this is 0.0.255.0.
> > >
> > > It's not so much a real ip range as a challenge of your bit level
> > > understanding.
> > >
> > >
> > > On Fri, 8 Feb 2002, Sam Pilot wrote:
> > >
> > > > they wouldnt it say 170.10.x.0/32
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Troy Rader" <troy@onenet.net>
> > > > To: "fathnallah said" <sfathallah@mail.cbi.net.ma>
> > > > Cc: "Kang BS" <avantus1@hotmail.com>; <ccielab@groupstudy.com>
> > > > Sent: Friday, February 08, 2002 3:56 PM
> > > > Subject: Re: Access-list
> > > >
> > > >
> > > > > I think he is looking for:
> > > > >
> > > > > access-list 1 permit 170.10.0.0 0.0.255.0
> > > > >
> > > > > It appears in his post that the 4th octet MUST be a zero.
> > > > >
> > > > >
> > > > >
> > > > > On Fri, 8 Feb 2002, fathnallah said wrote:
> > > > >
> > > > > > access-list 1 permit 170.10.0.0 0.0.255.255
> > > > > > ----- Original Message -----
> > > > > > From: Kang BS <avantus1@hotmail.com>
> > > > > > To: <ccielab@groupstudy.com>
> > > > > > Sent: Friday, February 08, 2002 2:14 AM
> > > > > > Subject: Access-list
> > > > > >
> > > > > >
> > > > > > > Could you anyone help me on access-list?
> > > > > > >
> > > > > > > - only permit 170.10.x.0 /24 'x' is any number.
> > > > > > >
> > > > > > > thank you in advance
> > > > > > >
> > > > > > > BS Kang
> > > > > > >
> > > > > > >
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:17 GMT-3