From: Raymond Doucette (raymond_doucette@msn.com)
Date: Thu Dec 19 2002 - 11:44:47 GMT-3
The list you gave will deny everything since there is no permit. ;-)
However, looking at your example statement in isolation it appears it
would deny any source MAC from talking to any MAC that had a value of 0
through 7 in the second hex digit.
Here's the binary breakdown:
OCTET 1 2 3 4 5 6
MAC 0000 0001 0000 0000. 0000 0000 0000 0000. 0000 0000 0000 0000
MASK 1111 0111 1111 1111 1111 1111 1111 1111 1111 1111 1111 1111
Notice how the wildcard mask locks down the bit in the 5th position -
this bit is therefore required to be 0. We don't care about the 1 bit in
the 8th bit position since we ignore this according to the mask.
So the following values match and would be denied:
0000 0001 0010 0011 0100 0101 0110 0111
And these do not match and would not be denied by your example
statement:
1000 1001 1010 1011 1100 1101 1110 1111
In hex, your denied mac addresses would look similar to:
x[0-7]xx.xxxx.xxxx
Raymond
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
OhioHondo
Sent: Friday, December 13, 2002 9:59 AM
To: abderrahim Ibnamar; ccielab@groupstudy.com
Subject: RE: Mac Access-list
Any source MAC to any destination MAC that has the following bit
pattern?
xxxx xxx1 xxxx xxxx.xxxx xxxx xxxx xxxx.xxxx xxxx xxxx xxxx.xxxx xxxx
xxxx
xxxx
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
abderrahim Ibnamar
Sent: Friday, December 13, 2002 4:39 AM
To: ccielab@groupstudy.com
Subject: Mac Access-list
Hi guys,
What does this access-list deny?
access-list 1100 deny 0000.0000.0000 ffff.ffff.ffff 0100.0000.0000
feff.ffff.ffff
Thanks
This archive was generated by hypermail 2.1.4 : Fri Jan 17 2003 - 17:21:49 GMT-3