From: P729 (p729@xxxxxxx)
Date: Sat Jul 27 2002 - 17:13:43 GMT-3
The first one you mention sounds like 'match ip route source,' which is
documented as being able to match against extended access-lists as well as
standard ones. I've never personally used it with an extended access-list so
I can't comment on it, but perhaps the original source you cited can.
You can use boolean-type operators (ge, le) with prefix-lists to match a
range of prefix lengths. Is that what you're thinking of?
Regards,
Mas Kato
https://ecardfile.com/id/mkato
----- Original Message -----
From: "Anthony Pace" <anthonypace@fastmail.fm>
To: "P729" <p729@cox.net>; "Ted McDermott" <tedmcdermott@yahoo.com>;
<ccielab@groupstudy.com>
Sent: Saturday, July 27, 2002 11:50 AM
Subject: Re: Simple Question on Extended Access Lists
> Mas Kato,
>
> THere is one syntax I have seen and tested (in RIP) where the first
> address/inverted mask in the ACL is to "specify the neigbor who gave me
> the route", and the second address/inverted mask is the routes to be
> filtered from that neigbor.
>
> I also saw someone on this list code one that had something like the
> prefix list flavor (permit ip 172.16.0.0 0.0.255.255 host
> 255.255.255.0) but they had a variation on the second half. Instead of
> spacifying the mask for the routes as a fixed value, they had different
> values for the network and mask that suggested a range. I can't even
> remember it's syntax.
>
> I think you are correct in saying that perfix lists or route-maps
> should be able to do just about any of this, cleaner. I just wondered
> where all of this was documented.
>
> Anthony Pace
>
>
>
>
> On Fri, 26 Jul 2002 18:02:15 -0700, "P729" <p729@cox.net> said:
> > Other than some of the earlier IOS command references, not really.
> > Halabi's
> > book cites a few examples. I think they've become kind of archaic since
> > prefix-lists became available...
> >
> > Regards,
> >
> > Mas Kato
> > https://ecardfile.com/id/mkato
> > ----- Original Message -----
> > From: "Anthony Pace" <anthonypace@fastmail.fm>
> > To: "P729" <p729@cox.net>; "Ted McDermott" <tedmcdermott@yahoo.com>;
> > <ccielab@groupstudy.com>
> > Sent: Friday, July 26, 2002 3:16 PM
> > Subject: Re: Simple Question on Extended Access Lists
> >
> >
> > > Mas Kato,
> > >
> > > Are there any Cisco references that explain the more elaborate flavors
> > > of these kinds of "filter exetnded ACLs" also which protocoles use it
> > > to mean network + mask and which use it for neighbor + network..
> > >
> > >
> > > Anthony Pace
> > >
> > >
> > >
> > > On Thu, 25 Jul 2002 21:40:34 -0700, "P729" <p729@cox.net> said:
> > > > Ted,
> > > >
> > > > This form of an extended access-list is specifying that the subnet
mask
> > > > in
> > > > the update must be 255.0.0.0 and the 0.0.0.0 wildcard mask for it
means
> > > > it
> > > > must be an exact match.
> > > >
> > > > Regards,
> > > >
> > > > Mas Kato
> > > > https://ecardfile.com/id/mkato
> > > > ----- Original Message -----
> > > > From: "Ted McDermott" <tedmcdermott@yahoo.com>
> > > > To: <ccielab@groupstudy.com>
> > > > Sent: Thursday, July 25, 2002 8:27 PM
> > > > Subject: Simple Question on Extended Access Lists
> > > >
> > > >
> > > > > On page 2 of 10 of the Cisco - BGP Case Studies
> > > > > Section 3
> > > > > (http:/www.cisco.com/warp/customer/459/15.html), the
> > > > > author uses "access-list 101 permit ip 160.0.0.0
> > > > > 0.255.255.255 255.0.0.0 0.0.0.0" to permit
> > > > > 160.0.0.0/8. The 255.0.0.0 as a destination address
> > > > > doesn't make any sense. It ought to be 0.0.0.0. Right
> > > > > or wrong? Thanks, Ted
> > > > >
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:46 GMT-3