From: Carlos G Mendioroz (tron@xxxxxxxxxxx)
Date: Mon Jun 17 2002 - 16:14:20 GMT-3
Please correct me if I'm wrong, but I believe that this additional
functionality is only available in BGP.
(That is, you can not use extended ACLs in distribute lists on other
protocols... even those in that this make sense like eigrp)
Mingzhou Nie wrote:
>
> In distribut-list, extended access-list is interpreted different than
> it should be. The source address part is used to match route
> network/subnet and destination address part to match submask.
>
> In your example, it tells, router network has to be 160.x.y.z where xyz
> can be anything, but the mask has to be exactly 255.0.0.0. It's the
> same as
>
> access-list 101 permit ip 160.0.0.0 0.255.255.255 host 255.0.0.0
>
> Ming
> --- "Ng, Kim Seng David (David)" <ksng@avaya.com> wrote:
> > Hi group,
> >
> > How do you interprete the following extended access-list as
> > permitting only 160.0.0.0/8 when applied by a distribute list?
> >
> > access-list 101 permit ip 160.0.0.0 0.255.255.255 255.0.0.0 0.0.0.0
> >
> > I do not really understand the second part of the access-list
> > "255.0.0.0 0.0.0.0". What is it actually denoting? What if we need to
> > permit only 160.0.0.0/12? Is it then
> >
> > access-list 101 permit ip 160.0.0.0 0.15.255.255 255.240.0.0 0.0.0.0
> >
> > Please correct me. Thanks
> >
> > David
This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:35 GMT-3