From: kym blair (kymblair@hotmail.com)
Date: Sat Feb 08 2003 - 23:18:35 GMT-3
The specific match would be: 198.5.52.0 0.0.2.0
X.X.52.X = X.X.00110100.X
X.X.54.X = X.X.00110110.X
52/54 mask = 00000010
Mask uses "0" to indicate exact match. Therefore:
198.5.52.0 0.0.2.0
-or-
198.5.54.0 0.0.2.0
QUIZ 2:
How would you match:
198.5.35.0
198.5.43.0
198.5.51.0
198.5.59.0
I believe the one-line solution would be:
35 = 00100011
43 = 00101011
51 = 00110011
59 = 00111011
mask 00011000 = 24
===> 198.5.35.0 0.0.24.0
NOTE: If you're talking about a route, then you want to match the 4th octet
too, so end the mask with "0"; if you're talking about filtering packets,
then don't match the last octet, and end mask with "255".
HTH, Kym
>From: "OhioHondo" <ohiohondo@columbus.rr.com>
>Reply-To: "OhioHondo" <ohiohondo@columbus.rr.com>
>To: "Scott Morris" <swm@emanon.com>, "'Jung, Jin'" <jin.jung@lmco.com>,
> "'Cezar Fistik'" <cfistik@moldovacc.md>, <ccielab@groupstudy.com>
>Subject: RE: ACL's: Even/Odd permit/deny
>Date: Sat, 8 Feb 2003 19:49:29 -0500
>
>A specific match would be
>
>198.5.52.0 0.0.2.255
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
>Scott Morris
>Sent: Saturday, February 08, 2003 7:17 PM
>To: 'Jung, Jin'; 'Cezar Fistik'; ccielab@groupstudy.com
>Subject: RE: ACL's: Even/Odd permit/deny
>
>
>0.0.254.255 would work fine, but the problem is that you permit a WHOLE
>lot more than JUST those two subnets. That is sloppy math, and (in my
>mind) would therefore be wrong.
>
>When I tell you to permit SMTP to your mail server, do you permit your
>entire IP range to port 25? Nope. Do you permit any port to that host?
>Nope.
>
>Specific matches with no overflow.
>
>Scott
>
>-----Original Message-----
>From: Jung, Jin [mailto:jin.jung@lmco.com]
>Sent: Saturday, February 08, 2003 7:05 PM
>To: 'Scott Morris'; 'Cezar Fistik'; ccielab@groupstudy.com
>Subject: RE: ACL's: Even/Odd permit/deny
>
>
>Lo0ks like
>
>Acces-list 5 permit 198.5.52.0 0.0.254.255 works fine..
>
> 10.0.0.0/24 is subnetted, 4 subnets
>O E2 10.6.6.0 [130/20] via 172.31.100.6, 00:00:04, Serial0.1
>O E2 10.5.5.0 [130/20] via 172.31.100.5, 00:00:04, Serial0.1
>C 10.12.12.0 is directly connected, Serial0.2
>C 10.2.2.0 is directly connected, Loopback0
>R 198.5.52.0/24 [120/1] via 172.31.101.2, 00:00:05, Serial0.2
>R 198.5.54.0/24 [120/1] via 172.31.101.2, 00:00:05, Serial0.2
>
>-----Original Message-----
>From: Scott Morris [mailto:swm@emanon.com]
>Sent: Saturday, February 08, 2003 3:57 PM
>To: 'Cezar Fistik'; ccielab@groupstudy.com
>Subject: RE: ACL's: Even/Odd permit/deny
>
>
>Because that would take all the fun out of it! And we all know that the
>CCIE test is all about fun. ;)
>
>Binary manipulation is good to know, and also used in lots of the
>practice labs too...
>
>Scott
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Cezar Fistik
>Sent: Saturday, February 08, 2003 11:51 AM
>To: ccielab@groupstudy.com
>Subject: Re: ACL's: Even/Odd permit/deny
>
>
>Why not to consider a simpler solution, like
>
>permit 198.5.52.0 0.0.0.255
>permit 198.5.54.0 0.0.0.255
>
>Or the scenario conditions say that only one ACL line should be used?
>
>Regards,
>
>Cezar Fistik
>
>
>----- Original Message -----
>From: "Sage Vadi" <sagevadi@yahoo.co.uk>
>To: <ccielab@groupstudy.com>
>Sent: Saturday, February 08, 2003 3:41 AM
>Subject: ACL's: Even/Odd permit/deny
>
>
> > All,
> >
> > Trying to permit these* even networks:
> >
> > 198.5.51.0
> > 198.5.52.0*
> > 198.5.53.0
> > 198.5.54.0*
> >
> > ACL I use:
> >
> > permit 198.5.0.0 0.0.254.255
> >
> > Q) I'm redistributing these RIP learnt networks into
> > OSPF, since I can't use a distribute-list (lab req)
> > I'm using ACL and route-map. Basically the route-map
> > says match the above ACL.
> >
> > Problem is - when I do so ALL of the networks are sent
> > into OSPF. Q) Any ideas, is my ACL right?
> >
> > Cheers,
> > Sage
> >
> >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Everything you'll ever need on one web page
> > from News and Sport to Email and Music Charts http://uk.my.yahoo.com .
>.
>.
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:17 GMT-3