From: Brian McGahan (brian@xxxxxxxxxxxxxxx)
Date: Tue Jan 01 2002 - 11:38:44 GMT-3
Unfortunately no one has gotten it right in this thread yet. If
you write out the classes in binary, you can see that all class A
addresses start with a 0 (most significant bit), all class B with 10,
class C, 110, class D 1110, class E 1111. It's the first 4 most
significant bits that determine the class of an address.
To match on classful networks, we not only have to match on the
prefix, but also the prefix-length. Therefore, to accept only classful
networks, all class A's would have to have a mask of 8, B 16, C 24, etc.
This can be accomplished with either a prefix-list or an extended
access-list. Suppose we are matching class A addresses. The first bit
must be 0, and the mask must be 8.
Ip prefix-list CLASS_A permit 0.0.0.0/1 ge 8 le 8
access-list 100 permit 0.0.0.0 127.0.0.0 host 255.0.0.0
The prefix-list syntax reads:
Check against the first bit of 0.0.0.0
The mask is greater than or equal to 8
The mask is also less than or equal to 8 (exactly 8)
Access-list syntax reads basically the same.
Check the first bit, it must be 0
The mask is exactly 8
I don't want to spoil all the fun, so let's see if you guys can come up
with the syntax for class B and class C.
HTH
Brian McGahan, CCIE #8593
Director of Design and Implementation
brian@cyscoexpert.com
CyscoExpert Corporation
Internetwork Consulting & Training
http://www.cyscoexpert.com
Voice: 847.674.3392
Fax: 847.674.2625
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Chaim Gev
Sent: Thursday, August 15, 2002 7:51 AM
To: ciscojunkie@teamhealth.com; EbonyGuru@aol.com;
ccielab@groupstudy.com
Subject: Re: IP PREFIX-LIST HELP!
and what about subnets of the callas B networks?
>From: "CiscoJunkie" <ciscojunkie@teamhealth.com>
>Reply-To: "CiscoJunkie" <ciscojunkie@teamhealth.com>
>To: <EbonyGuru@aol.com>, <ccielab@groupstudy.com>
>Subject: Re: IP PREFIX-LIST HELP!
>Date: Thu, 15 Aug 2002 07:59:47 -0400
>
>I hate to sound TOO logical, but if you are asked to "filter all class
B
>nets" (allow in our deny them in??), would it not simply just be:
>
>"ip refix-list zib seq 10 (permit or deny) 0.0.0.0/16"
>
>----- Original Message -----
>From: <EbonyGuru@aol.com>
>To: <ccielab@groupstudy.com>
>Sent: Thursday, August 15, 2002 4:57 AM
>Subject: IP PREFIX-LIST HELP!
>
>
> > Hey Guys,
> >
> > Can someone please help me check if this is correct:
> >
> >
> > To filter all class B nets:
> >
> > ip prefix-lis zib seq 10 permit 0.0.0.0/0 ge 16 le 24
> >
> > Please also tell me where to find a reference with configuration
>examples.
> >
> > TIA.
> >
> > E'Guru
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:26 GMT-3