From: joedeleonardo@cox.net
Date: Tue Aug 03 2004 - 13:52:21 GMT-3
The thing that always seemed to help me with something I was having trouble grasping was to make instructions for I was trying to learn. Write the instructions not for you but geared toward someone that has never seen the topic before.
I try to make a step by step process for implementation. When I do that I tend learn were my lack of understanding exists. Because some times topics can be a little confusing or overwhelming. By making clearn configuration tasks you can break complex tasks into easily manageable piece and parts. You don't worry about steps 1-6 on step 7 and you don't have to worry about the next 10 steps. It's just piece by piece. Explain why each step in necessary when doing the document.
Think about it. If you can't explain a command or a proceedure why are you configuring it?
It's just an idea that works for me. Hopefully it will work for you.
For this topic though, just try and keep it as simple as possible.
0 in binary mask means it must match the position.
1 in the binary mask means it can be anything.
10.0.0.0/0.255.255.255
You know what that means - it will match anything in 10.0.0.0/8
Now if you want the 4th octet to be odd. What does the forth octet always have to have? A 1 in the final place.
Because:
3 = 0011
5 = 0101
7 = 0111
See the commonality? Just write the binary out and look for what is common in everything they want you to create a subnet for.
Your mask should be 10.0.0.1/0.255.255.254
1 = 0000 0001
254 = 1111 1110
So what is this saying? The ones in the mask say I don't care. Be 1 or 0 it doesn't matter to me. The zero says the 1 must always be 1 in this position or it won't match the ACL.
Just practice and in a short time you'll be doing it in your sleep.
One word of caution. On the lab they may say, "the least number of lines possible." When the wording is like that they probably don't care about security. They probably would just like to see if you really understand how to subnet. Things that in the real world you might put into two statements could probably be squeezed into one statement. That's where I get hung up a lot. Getting past what you'd do in a production network vs what I should really do to meet the requirements on the lab.
Good luck!
Joe
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Koen Peetermans
Sent: Tuesday, August 03, 2004 9:15 AM
To: 'Joe Rinehart'; ccielab@groupstudy.com
Subject: RE: Frustrated
Joe, you can take a look at Brian's whitepaper at :
http://www.internetworkexpert.com/resources/01700370.htm
It worked for me (but needed to read it a couple of times)
Kind regards,
Koen.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Joe
Rinehart
Sent: dinsdag 3 augustus 2004 18:09
To: ccielab@groupstudy.com
Subject: Re: Frustrated
Just a follow up...I certainly did not pass...just got the score report last
night
One of the things I am certain killed me was route filtering using ACL's and
wild card masks. I have put it in binary and looked at dozens of time but
for some reason it's just not clicking in my head. Is it indeed a logical
AND operation like reverse subnetting? Is there some print or online
resource that dissects this aspect more?
----- Original Message -----
From: "Joe Rinehart" <jjrinehart@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Friday, July 30, 2004 5:47 PM
Subject: Frustrated
> Just finished attempt #4, it's getting expensive at this point, and I am
> fairly certain I didnt pass. It was great getting to meet Hugo (also on
> this list) and others who were working on R&S. The only thing I really
> envied was the fact that their companies are able to pay for the lab
> attempts. Not including equipment I am probably at the $8000 level, and I
> doubt seriously that I will have the cash to do another run at this before
> IPV6 is added. Doesn't help that telecom revenues are abysmal so its
> unlikely that the industry will improve enough for many changes. A boot
camp
> would be nice but again there is no cash to do that either.
>
> I havent gotten my score yet, but I think all or most of you would agree
> that if you dont think you passed when you walked out of the lab, then its
> very likely that you did.
>
> It's very frustrating to have to do this a fifth time.....
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:32 GMT-3