RE: ACL with minimum lines

From: Yasser Abdullah (yasser@alharbitelecom.com)
Date: Mon Jun 07 2004 - 11:23:36 GMT-3


Yasser,

 To find out the number of subnets allowed, check the output of the XOR
operation. The number of '1' bits indicates how many subnets were allowed by
the access-list. For example, if your XOR generated the following 0110001,
you have 3 '1's, then you are allowing 2^3 = 8 subnets.

Brgds,

Yasser

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Yasser Aly
Sent: Monday, June 07, 2004 1:45 PM
To: ccielab@groupstudy.com
Subject: ACL with minimum lines

Hello,

  Task is asking to deny some hosts with the min lines necessary in access
list. It is also asking to deny traffic from any other host.

Hosts are:

51.3.0.1
51.5.0.1
51.7.0.1
51.3.0.9
51.5.0.9
51.7.0.9

Solution:
======

access-list 1 deny 51.3.0.1 0.0.0.8
access-list 1 deny 51.5.0.1 0.2.0.8
access-list 1 permit any

Question:
======

How to verify that this really didn't block any other hosts?

I know the logic behind this solution: "AND the networks to get the network,
XOR to get the mask".
However, I need to hear your feedback about how to make sure that this
didn't really break it up.

I was thinking of the following as a solution

access-list 1 deny 51.3.0.1 0.0.0.8
access-list 1 deny 51.5.0.1 0.0.0.8
access-list 1 deny 51.7.0.1 0.0.0.8
access-list 1 permit any

Thanks for your feedback.
Yasser
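
An added example (not part of the original thread) that answers the verification question by brute force: it expands each `address wildcard` pair into every address it matches and compares that set with the six hosts to be denied. The hosts and ACL lines are copied from the post; the function names `expand` and `audit` are hypothetical.

```python
import ipaddress
from itertools import product

# Hosts and ACL lines copied from the post above.
TARGETS = {"51.3.0.1", "51.5.0.1", "51.7.0.1", "51.3.0.9", "51.5.0.9", "51.7.0.9"}
TWO_LINE = [("51.3.0.1", "0.0.0.8"), ("51.5.0.1", "0.2.0.8")]
THREE_LINE = [("51.3.0.1", "0.0.0.8"), ("51.5.0.1", "0.0.0.8"), ("51.7.0.1", "0.0.0.8")]


def expand(address, wildcard):
    """Return every address an 'address wildcard' ACL entry matches."""
    addr = int(ipaddress.IPv4Address(address))
    wild = int(ipaddress.IPv4Address(wildcard))
    base = addr & ~wild & 0xFFFFFFFF  # clear the don't-care bits
    free = [1 << i for i in range(32) if wild >> i & 1]
    if len(free) > 16:
        raise ValueError("wildcard too wide to enumerate")
    matched = set()
    # n wildcard '1' bits give 2^n combinations, as the reply states.
    for bits in product((0, 1), repeat=len(free)):
        value = base
        for bit, on in zip(free, bits):
            if on:
                value |= bit
        matched.add(str(ipaddress.IPv4Address(value)))
    return matched


def audit(entries, targets):
    """Compare what the deny entries match against the intended hosts."""
    matched = set()
    for address, wildcard in entries:
        matched |= expand(address, wildcard)
    return {"missed": targets - matched, "extra": matched - targets}


if __name__ == "__main__":
    for name, acl in (("two-line", TWO_LINE), ("three-line", THREE_LINE)):
        result = audit(acl, TARGETS)
        print(name, "missed:", sorted(result["missed"]), "extra:", sorted(result["extra"]))
```

An empty `extra` set means the deny lines hit no host outside the list; an empty `missed` set means every listed host is covered.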


