filtering even subnets

From: Tim Wilhoit (tilimil@xxxxxxxxxxx)
Date: Mon Apr 29 2002 - 02:32:56 GMT-3

• Next message: DAve Diaz: "Fwd: RE: CCNP"
• Previous message: Jeff Szeto: "Re: Route filtering with extended access list"
• Next in thread: David Luu: "Re: filtering even subnets"
• Maybe reply: David Luu: "Re: filtering even subnets"
• Maybe reply: Harish DV/peakxv: "Re: filtering even subnets"
• Maybe reply: David Luu: "Re: filtering even subnets"
• Maybe reply: Tim Wilhoit: "Re: filtering even subnets"
• Maybe reply: David Luu: "Re: filtering even subnets"
• Maybe reply: Chua, Parry: "RE: filtering even subnets"
• Maybe reply: David Luu: "RE: filtering even subnets"
• Maybe reply: David Luu: "RE: filtering even subnets"
• Maybe reply: Ashot Hakobyan: "RE: filtering even subnets"
• Maybe reply: Ashot Hakobyan: "RE: filtering even subnets"
• Maybe reply: Ashot Hakobyan: "RE: filtering even subnets"
• Maybe reply: kris.keen@xxxxxxxxxx: "RE: filtering even subnets"
• Maybe reply: kris.keen@xxxxxxxxxx: "RE: filtering even subnets"
• Maybe reply: Chua, Parry: "RE: filtering even subnets"
• Maybe reply: Mingzhou Nie: "RE: filtering even subnets"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Ok, time for another exercise on filtering subnets. On page 1141 of Solie's
book in the "Skynet" lab he asks the following:
"Apply an inbound filter to R5, filtering just the even subnets from the
loopback range 199.199.1.1 to 199.199.10.1 on R4".

For some background, there are 10 subnets from 199.199.1.0/24 to
199.199.10.0/24 entering this router.

Obviously the easy way to do this is to just use an access-list like the
following:

access-list 1 deny 199.199.0.0 0.0.254.255
access-list permit any

But my thinking is this might be counted wrong because 199.199.12.0 could come
along and it would get denied. So my question is, what is the shortest way to
block JUST the subnets he asked for? Below is what I came up with but I want
to see what everyone else comes up with.

access-list 1 deny 199.199.8.0
access-list 1 deny 199.199.10.0
access-list 1 deny 199.199.0.0 0.0.6.255
access-list 1 permit any

• Next message: DAve Diaz: "Fwd: RE: CCNP"
• Previous message: Jeff Szeto: "Re: Route filtering with extended access list"
• Next in thread: David Luu: "Re: filtering even subnets"
• Maybe reply: David Luu: "Re: filtering even subnets"
• Maybe reply: Harish DV/peakxv: "Re: filtering even subnets"
• Maybe reply: David Luu: "Re: filtering even subnets"
• Maybe reply: Tim Wilhoit: "Re: filtering even subnets"
• Maybe reply: David Luu: "Re: filtering even subnets"
• Maybe reply: Chua, Parry: "RE: filtering even subnets"
• Maybe reply: David Luu: "RE: filtering even subnets"
• Maybe reply: David Luu: "RE: filtering even subnets"
• Maybe reply: Ashot Hakobyan: "RE: filtering even subnets"
• Maybe reply: Ashot Hakobyan: "RE: filtering even subnets"
• Maybe reply: Ashot Hakobyan: "RE: filtering even subnets"
• Maybe reply: kris.keen@xxxxxxxxxx: "RE: filtering even subnets"
• Maybe reply: kris.keen@xxxxxxxxxx: "RE: filtering even subnets"
• Maybe reply: Chua, Parry: "RE: filtering even subnets"
• Maybe reply: Mingzhou Nie: "RE: filtering even subnets"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:21 GMT-3