From: Carolyn Camarda (ccamarda@xxxxxxxxxxxxx)
Date: Wed Feb 13 2002 - 20:51:23 GMT-3
Xu is correct on this one.
You need to remember your octet boundaries. If you want to filter on groups
of 4, your ACL entry has to be divisible by 4, if you want to filter by 8,
then you need to have your entry divisible by 8 and so on.
The problem says pass 123-127 and filter 128 & 129.
ACL deny 192.168.120.0 0.0.7.255 would be the correct answer. 120 is
divisible by eight. The range would be from 120 to 127.
If you set up in groups of 4, it would be to many lines - will work but not
optimal.
Carolyn
----- Original Message -----
From: "Xu, James" <james.xu@eds.com>
To: "'Lab Candidate'" <labccie@yahoo.com>; "Scott Morris" <swm@emanon.com>;
<Sam.MicroGate@usa.telekom.de>; <ccielab@groupstudy.com>
Sent: Wednesday, February 13, 2002 5:00 PM
Subject: RE: ACL question
> Guys:
>
> Am I missing something here?
>
> I think each of his access-list will work, even if they are not do
precisely
> match.
> access-list 1 permit 192.168.123.0 0.0.7.255
> will permit every routes between 192.168.120.0 and 192.168.127.0, and
> implicitly deny any other routes, which includes 128, and 129.
>
> James
>
> -----Original Message-----
> From: Lab Candidate [mailto:labccie@yahoo.com]
> Sent: Wednesday, February 13, 2002 5:32 PM
> To: Scott Morris; Sam.MicroGate@usa.telekom.de; ccielab@groupstudy.com
> Subject: RE: ACL question
>
>
> I'd say access-list 1 is right, it can do what he is asking for.
>
> --- Scott Morris <swm@emanon.com> wrote:
> > F. None of the above...
> >
> > Because of bit boundaries though, you can't summarize quite so nicely.
> >
> > access-list 6 permit 192.168.123.0 0.0.0.255
> > access-list 6 permit 192.168.124.0 0.0.3.255
> >
> > That will cover 123, 124, 125, 126 and 127. The implicit deny will
catch
> > 128 and 129....
> >
> > Hope that helps.
> >
> > Scott
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > Sam.MicroGate@usa.telekom.de
> > Sent: Wednesday, February 13, 2002 4:02 PM
> > To: ccielab@groupstudy.com
> > Subject: ACL question
> >
> >
> > Suppose that the backbone is advertising the following routes:
> > 192.168.123.0/24
> > 192.168.124.0/24
> > 192.168.125.0/24
> > 192.168.126.0/24
> > 192.168.127.0/24
> > 192.168.128.0/24
> > 192.168.129.0/24
> > I need to filter .128 and .129 and pass every thing else. which of the
> > following access list is correct
> > access-list 1 permit 192.168.123.0 0.0.7.255 or
> > access-list 2 permit 192.168.124.0 0.0.7.255 or
> > access-list 3 permit 192.168.125.0 0.0.7.255 or
> > access-list 4 permit 192.168.126.0 0.0.7.255 or
> > access-list 5 permit 192.168.127.0 0.0.7.255
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:22 GMT-3