From: Jack.W.Parks@xxxxxxxxxx
Date: Fri May 31 2002 - 14:26:43 GMT-3
I am guessing you are trying to use an extended access-list with BGP or
something along those lines.
access-list 101 permit ip <Address> <Address Mask> <Subnet Mask> <Subnet
Mask wildcard>
Your example shows accept all 150.10.0.0 networks with any mask below
/16 - /32. You could accomplish this with a standard access-list:
access-list 1 permit 150.10.0.0 0.0.255.255 .The real value is when you
change how you match on the subnet mask.
Access-list 101 permit ip 150.10.0.0 0.0.255.255 255.255.0.0 0.0.255.0
This would match all routes in the 150.10.0.0 and have a mask between
/16 - /24. Routes with a mask of /25 - /32 would be denied. A more
up-to-date way to complete the same thing is to use prefix-lists
For my example: ip prefix-list MYLIST seq 5 permit 150.10.0.0/16 le
24.
For your example: ip prefix-list YOURLIST seq 5 permit 150.10.0.0/16 le
32
I hope I didn't ramble to much.
Jack
-----Original Message-----
From: Bruce Williams [mailto:bruce@williamsnetworking.com]
Sent: Friday, May 31, 2002 11:04 AM
To: Ccielab@Groupstudy. Com
Subject: access-list subnet mask mask
Can someone please tell me how to create an access-list that will
specifiy the exact size of the mask. I cannot remember how to do it and
I cant find it on CCO. It went something like this: access-lsit 101
permit ip 150.10.0.0 0.0.255.255 mask 255.255.0.0 0.0.255.255
Bruce Williams
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:13 GMT-3