From: Kristof Ulrix (kristof@uk-systems.com)
Date: Fri Sep 03 2004 - 12:43:18 GMT-3
Dustin,
They are not the same, it just binary math:
Solution book
Line 1: access-list 51 deny 239.0.0.0 0.255.255.255
=> Result: Will block 239
Line 2: access-list 51 deny 224.0.0.0 1.255.255.255
=> Result: Will block 224 and 225
Line 3: access-list 51 permit 224.0.0.0 15.255.255.255
=> Result: Will pass 224,225,226,...,238 and 239
Result of acl51:
Will pass 226,227,228,...,237 and 238
Your solution: access-list 51 permit 226.0.0.0 12.255.255.255
=> will only pass 226,230,234 and 238
Your solution will not pass 227,228,229,231,232,233,235,236,237
This is why they are not the same.
HTH
Kristof.
> Hi all,
> I have a question on multicast acl. Could any one explain for me
differences b/t these 2 acl.
> Solution book:
> access-list 51deny 239.0.0.0 0.255.255.255
> access-list 51 deny 224.0.0.0 1.255.255.255
> access-list 51 permit 224.0.0.0 15.255.255.255
> Can I use as follow acl configuration instead? If no, then why can't
I? Though 224, 225, and 239 subnet will be implicitly deny, or because
this acl is multicast acl so have to be configure the deny statement.
> access-list 51 permit 226.0.0.0 12.255.255.255
>
> Thanks in advance
> Dustin
>
>
This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:35 GMT-3