RE: Access List

From: Scott Morris (swm@emanon.com)
Date: Fri Feb 06 2004 - 12:25:46 GMT-3

• Next message: pbubienczyk@szczesliwice.pl: "RE: Access List"
• Previous message: Scott Morris: "RE: Access List"
• Maybe in reply to: richardyun@adelphia.net: "Access List"
• Next in thread: pbubienczyk@szczesliwice.pl: "RE: Access List"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Is overlapping 16,384 networks much better than overlapping 256 networks???
(3 = 2 bits, 41 = 3 bits, 50 = 3 bits --> 8 bits total)

121.10.17.0
122.35.35.0

Those two do not summarize together. But you have your mask/network wrong
anyway...

Even the nicely paired 2nd and 4th there still has 2 bits of difference
total, meaning you'll get 4 matches to your mask!
(111.16, 111.24, 127.16, 127.24)

Either way though, you're hosed on those. But you're correct with your
first statement... They can't be done in two lines!

HTH,

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIS, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
pbubienczyk@szczesliwice.pl
Sent: Friday, February 06, 2004 4:47 AM
To: richardyun@adelphia.net
Cc: ccielab@groupstudy.com
Subject: Re: Access List

Hello
  There is no way to block ONLY this networks with 2 access-lists
statements.
  With overlaping networks you could write your access-list with one line
(but it'll overlap 16384 networks) :
    permit 104.0.0.0 23.59.55.0 - if my manual calculatioms are correct :)
  or with two (summarizing 1st add with 3rd and 2nd with 4th) :
    permit 112.2.1.0 3.41.50.0
    permit 111.16.6.0 16.8.0.0

  there is a nice acces-list white paper on internetworkexpert site

hth - pb

Quoting richardyun@adelphia.net:

> Hello,
>
> How can I block the following networks from going out of particular
> interface
>
> (say serial 1 on a router) using just two lines for access-list ?
>
> 121.10.17.0
> 127.24.6.0
> 122.35.35.0
> 111.16.6.0
>
> Thanks,
>
> Richard
>
> ______________________________________________________________________
> _ Please help support GroupStudy by purchasing your study materials
> from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: pbubienczyk@szczesliwice.pl: "RE: Access List"
• Previous message: Scott Morris: "RE: Access List"
• Maybe in reply to: richardyun@adelphia.net: "Access List"
• Next in thread: pbubienczyk@szczesliwice.pl: "RE: Access List"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:47 GMT-3