Re: Simple Question on Extended Access Lists

From: ccie candidate (ccie1@xxxxxxxxx)
Date: Sat Jul 27 2002 - 16:19:53 GMT-3


   
Halabi's book has an example about this way of access-lists where you need to
exactly specify a certain network.
It was also confusing me that time, but with using prefix lists things are
easier to understand. Again, the prefix list is explained clearly in Halabi's
book.

The syntax is something like this:

IP prefix-list sample seq 5 permit 192.168.0.0/16

This will give an exact match for the /16 subnet.

--

On Sat, 27 Jul 2002 18:50:08 Anthony Pace wrote:
>Mas Kato,
>
>There is one syntax I have seen and tested (in RIP) where the first
>address/inverted mask in the ACL is to "specify the neighbor who gave me
>the route", and the second address/inverted mask is the routes to be
>filtered from that neighbor.
>
>I also saw someone on this list code one that had something like the
>prefix list flavor (permit ip 172.16.0.0 0.0.255.255 host
>255.255.255.0) but they had a variation on the second half. Instead of
>specifying the mask for the routes as a fixed value, they had different
>values for the network and mask that suggested a range. I can't even
>remember its syntax.
>
>I think you are correct in saying that prefix lists or route-maps
>should be able to do just about any of this, cleaner. I just wondered
>where all of this was documented.
>
>Anthony Pace
>
>
>
>
>On Fri, 26 Jul 2002 18:02:15 -0700, "P729" <p729@cox.net> said:
>> Other than some of the earlier IOS command references, not really.
>> Halabi's book cites a few examples. I think they've become kind of
>> archaic since prefix-lists became available...
>>
>> Regards,
>>
>> Mas Kato
>> https://ecardfile.com/id/mkato
>> ----- Original Message -----
>> From: "Anthony Pace" <anthonypace@fastmail.fm>
>> To: "P729" <p729@cox.net>; "Ted McDermott" <tedmcdermott@yahoo.com>;
>> <ccielab@groupstudy.com>
>> Sent: Friday, July 26, 2002 3:16 PM
>> Subject: Re: Simple Question on Extended Access Lists
>>
>>
>> > Mas Kato,
>> >
>> > Are there any Cisco references that explain the more elaborate flavors
>> > of these kinds of "filter extended ACLs" also which protocols use it
>> > to mean network + mask and which use it for neighbor + network..
>> >
>> >
>> > > Anthony Pace
>> >
>> >
>> >
>> > > On Thu, 25 Jul 2002 21:40:34 -0700, "P729" <p729@cox.net> said:
>> > > Ted,
>> > >
>> > > This form of an extended access-list is specifying that the subnet
>> > > mask in the update must be 255.0.0.0 and the 0.0.0.0 wildcard mask
>> > > for it means it must be an exact match.
>> > >
>> > > Regards,
>> > >
>> > > Mas Kato
>> > > https://ecardfile.com/id/mkato
>> > > ----- Original Message -----
>> > > From: "Ted McDermott" <tedmcdermott@yahoo.com>
>> > > To: <ccielab@groupstudy.com>
>> > > Sent: Thursday, July 25, 2002 8:27 PM
>> > > Subject: Simple Question on Extended Access Lists
>> > >
>> > >
>> > > > On page 2 of 10 of the Cisco - BGP Case Studies
>> > > > Section 3
>> > > > (http:/www.cisco.com/warp/customer/459/15.html), the
>> > > > author uses "access-list 101 permit ip 160.0.0.0
>> > > > 0.255.255.255 255.0.0.0 0.0.0.0" to permit
>> > > > 160.0.0.0/8. The 255.0.0.0 as a destination address
>> > > > doesn't make any sense. It ought to be 0.0.0.0. Right
>> > > > or wrong? Thanks, Ted
>> > > >
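
The matching rule described in this thread (the ACL's source pair is compared with the route's network address, its destination pair with the route's subnet mask), set beside the prefix-list form, as an added example that is not part of any post. The function names and the sample routes are constructed for illustration.

```python
import ipaddress

def ip_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(value, base, wildcard):
    # IOS wildcard mask: a 1 bit means "don't care", a 0 bit must match.
    care = ~ip_int(wildcard) & 0xFFFFFFFF
    return ((ip_int(value) ^ ip_int(base)) & care) == 0

def acl_route_match(route, net, net_wc, mask, mask_wc):
    # Extended ACL used as a route filter, as described in the thread:
    # the "source" pair is compared with the route's network address and
    # the "destination" pair with the route's subnet mask.
    r = ipaddress.IPv4Network(route)
    return (wildcard_match(str(r.network_address), net, net_wc)
            and wildcard_match(str(r.netmask), mask, mask_wc))

def prefix_list_match(route, entry, ge=None, le=None):
    # Prefix-list entry: without ge/le the length must equal the entry's.
    r, e = ipaddress.IPv4Network(route), ipaddress.IPv4Network(entry)
    if ge is None and le is None:
        lo = hi = e.prefixlen
    else:
        lo = e.prefixlen if ge is None else ge
        hi = 32 if le is None else le
    return lo <= r.prefixlen <= hi and r.network_address in e

# Constructed sample routes (not taken from the thread).
ROUTES = ["160.0.0.0/8", "160.1.0.0/16", "172.16.5.0/24",
          "192.168.0.0/16", "192.168.1.0/24"]

def permitted(matcher):
    return [r for r in ROUTES if matcher(r)]

if __name__ == "__main__":
    # access-list 101 permit ip 160.0.0.0 0.255.255.255 255.0.0.0 0.0.0.0
    print(permitted(lambda r: acl_route_match(
        r, "160.0.0.0", "0.255.255.255", "255.0.0.0", "0.0.0.0")))
    # Same entry with 0.0.0.0 0.0.0.0 as the mask pair (the original question)
    print(permitted(lambda r: acl_route_match(
        r, "160.0.0.0", "0.255.255.255", "0.0.0.0", "0.0.0.0")))
    # permit ip 172.16.0.0 0.0.255.255 host 255.255.255.0
    print(permitted(lambda r: acl_route_match(
        r, "172.16.0.0", "0.0.255.255", "255.255.255.0", "0.0.0.0")))
    # ip prefix-list sample seq 5 permit 192.168.0.0/16
    print(permitted(lambda r: prefix_list_match(r, "192.168.0.0/16")))
```
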


