From: Scott Livingston (scottl@sprinthosting.net)
Date: Wed Feb 12 2003 - 15:46:06 GMT-3
Kinda OT, but wanted to give me .02
I used to only concern myself with allowing all evens or all odds and
not worrying about tightening it up. After a bunch of IPexperts labs I
figured I better learn how to do only allow what is required.
You might already know how to do this, but just wanted to chime in.
BTW; I am no expert at it myself, but if you did want to tighten it up
you would use the following;
permit 198.5.52.0 0.0.2.255 <<< Please someone double check me here - I
might be wrong.
Thank You,
scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Sage Vadi
Sent: Wednesday, February 12, 2003 4:23 AM
To: ccielab@groupstudy.com
Subject: RE: ACL's: Even/Odd -- allow EVEN
All,
Receive the following RIPv1 routes (ingress).
198.5.51.0 in 1 hops
198.5.52.0 in 1 hops
198.5.53.0 in 1 hops
198.5.54.0 in 1 hops
Want to permit only the EVEN networks. My calculation
as follows:
52 = 00110100
54 = 00110110
Accordingly we have to do an inverse mask that matches
on the LAST bit (even numbers). That is what I have
done and tested on a subnet calculator (it seems to
bring out the correct addresses).
Hence -
permit ip 198.5.0.0 0.0.254.255 any
Would permit ALL even networks (til 254). Which is
fine, I don't care how speficic.
Q) When I apply this inbound on my egress interface
where I'm receiving this routes - it just doesn't
work?!?!
What stupid thing am I doing? I feel like bashing this
monitor...
rgds,
Sage
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:20 GMT-3