From: Cassidy D. Smith (csmith@plannetconsulting.com)
Date: Tue Feb 11 2003 - 04:33:07 GMT-3
This is fine as a "route" filter, however as "traffic" filter it would block
all hosts, due to the fact that nothing other than zero would match.
Cassidy.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
tan
Sent: Monday, February 10, 2003 10:59 PM
To: 'Scott Morris'; 'Jung, Jin'; 'Cezar Fistik'; ccielab@groupstudy.com
Subject: RE: ACL's: Even/Odd permit/deny
If going for greatest accurary, why not put zero in the last octet of mask
as well? Could this be interpreted as wrong in some situation?
198.5.52.0 0.0.2.0
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Scott Morris
> Sent: Sunday, February 09, 2003 9:17 AM
> To: 'Jung, Jin'; 'Cezar Fistik'; ccielab@groupstudy.com
> Subject: RE: ACL's: Even/Odd permit/deny
>
>
> 0.0.254.255 would work fine, but the problem is that you
> permit a WHOLE
> lot more than JUST those two subnets. That is sloppy math, and (in my
> mind) would therefore be wrong.
>
> When I tell you to permit SMTP to your mail server, do you permit your
> entire IP range to port 25? Nope. Do you permit any port to
> that host?
> Nope.
>
> Specific matches with no overflow.
>
> Scott
>
> -----Original Message-----
> From: Jung, Jin [mailto:jin.jung@lmco.com]
> Sent: Saturday, February 08, 2003 7:05 PM
> To: 'Scott Morris'; 'Cezar Fistik'; ccielab@groupstudy.com
> Subject: RE: ACL's: Even/Odd permit/deny
>
>
> Lo0ks like
>
> Acces-list 5 permit 198.5.52.0 0.0.254.255 works fine..
>
> 10.0.0.0/24 is subnetted, 4 subnets
> O E2 10.6.6.0 [130/20] via 172.31.100.6, 00:00:04, Serial0.1
> O E2 10.5.5.0 [130/20] via 172.31.100.5, 00:00:04, Serial0.1
> C 10.12.12.0 is directly connected, Serial0.2
> C 10.2.2.0 is directly connected, Loopback0
> R 198.5.52.0/24 [120/1] via 172.31.101.2, 00:00:05, Serial0.2
> R 198.5.54.0/24 [120/1] via 172.31.101.2, 00:00:05, Serial0.2
>
> -----Original Message-----
> From: Scott Morris [mailto:swm@emanon.com]
> Sent: Saturday, February 08, 2003 3:57 PM
> To: 'Cezar Fistik'; ccielab@groupstudy.com
> Subject: RE: ACL's: Even/Odd permit/deny
>
>
> Because that would take all the fun out of it! And we all
> know that the
> CCIE test is all about fun. ;)
>
> Binary manipulation is good to know, and also used in lots of the
> practice labs too...
>
> Scott
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of
> Cezar Fistik
> Sent: Saturday, February 08, 2003 11:51 AM
> To: ccielab@groupstudy.com
> Subject: Re: ACL's: Even/Odd permit/deny
>
>
> Why not to consider a simpler solution, like
>
> permit 198.5.52.0 0.0.0.255
> permit 198.5.54.0 0.0.0.255
>
> Or the scenario conditions say that only one ACL line should be used?
>
> Regards,
>
> Cezar Fistik
>
>
> ----- Original Message -----
> From: "Sage Vadi" <sagevadi@yahoo.co.uk>
> To: <ccielab@groupstudy.com>
> Sent: Saturday, February 08, 2003 3:41 AM
> Subject: ACL's: Even/Odd permit/deny
>
>
> > All,
> >
> > Trying to permit these* even networks:
> >
> > 198.5.51.0
> > 198.5.52.0*
> > 198.5.53.0
> > 198.5.54.0*
> >
> > ACL I use:
> >
> > permit 198.5.0.0 0.0.254.255
> >
> > Q) I'm redistributing these RIP learnt networks into
> > OSPF, since I can't use a distribute-list (lab req)
> > I'm using ACL and route-map. Basically the route-map
> > says match the above ACL.
> >
> > Problem is - when I do so ALL of the networks are sent
> > into OSPF. Q) Any ideas, is my ACL right?
> >
> > Cheers,
> > Sage
> >
> >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Everything you'll ever need on one web page
> > from News and Sport to Email and Music Charts
> http://uk.my.yahoo.com .
> .
.
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:18 GMT-3