From: Brian Dennis (brian@labforge.com)
Date: Mon Feb 24 2003 - 03:43:02 GMT-3
Think of it like this: if you are trying to match those exact networks
why would you need the last octet to be "any" (0.0.254.255) when you
know that the last octet is "0" (192.168.X.0)?
Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security)
brian@labforge.com
http://www.labforge.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Tran Tien Phong
Sent: Sunday, February 23, 2003 7:52 PM
To: ccielab@groupstudy.com
Subject: Question about Prefix filtering
Hi guys,
For example, there are following network:
192.168.1.0
192.168.2.0
192.168.3.0
192.168.4.0
192.168.5.0
192.168.6.0
192.168.7.0
192.168.8.0
The question asks me to filter the odd routes, I think there are two
working configs:
1.
access-list 1 deny 192.168.1.0 0.0.254.255
access-list 1 permit any
2.
access-list 1 deny 192.168.1.0 0.0.254.0
access-list 1 permit any
Both of the configs will work well but which one is better and more
correct?
Thanks.
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:33 GMT-3