RE: Something New (the myths we believe)

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Thu Oct 14 2004 - 14:30:17 GMT-3


A numbered access-list is really a named access-list with a name that is
a number. Credit Brian Dennis with this little stupid router trick.

Rack2R6#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack2R6(config)#access-list 100 permit tcp any any
Rack2R6(config)#access-list 100 permit udp any any
Rack2R6(config)#access-list 100 permit ospf any any
Rack2R6(config)#access-list 100 permit eigrp any any
Rack2R6(config)#do show access-list 100
Extended IP access list 100
    permit tcp any any
    permit udp any any
    permit ospf any any
    permit eigrp any any
Rack2R6(config)#ip access-list extended 100
Rack2R6(config-ext-nacl)#no permit udp any any
Rack2R6(config-ext-nacl)#end
Rack2R6#show access-list 100
Extended IP access list 100
    permit tcp any any
    permit ospf any any
    permit eigrp any any

Cool huh?

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of ccie
> Sent: Thursday, October 14, 2004 2:17 AM
> To: ccielab@groupstudy.com
> Subject: FW: Something New (the myths we believe)
>
> -----Original Message-----
> From: ccie
> Sent: 14 October 2004 08:07
> To: 'Brian McGahan'
> Subject: RE: Something New (the myths we believe)
>
>
> Hi Brian/group
>
> So how do you remove a line from an access-list without recreating the
> whole list?
>
> TIA
>
> Mark
>
> -----Original Message-----
> From: Brian McGahan [mailto:bmcgahan@internetworkexpert.com]
> Sent: 13 October 2004 18:18
> To: Gene Thorne; ccielab@groupstudy.com
> Subject: RE: Something New (the myths we believe)
>
>
> Better yet that you can't remove a line out of a numbered access-list
> without destroying and recreating the entire list. (you can)
>
> "no arp frame-relay" stops inverse-arp replies (it doesn't)
>
> ppp authentication is a two way process (it's not)
>
> Don't start listing these behaviors as "gotchas" though, they
> are simply technologies that the fundamental behaviors are
> misunderstood. Most of these "myths" can be eliminated by simply trying
> the configuration out and seeing how it works firsthand on the command
> line.
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Gene Thorne
> > Sent: Wednesday, October 13, 2004 12:12 PM
> > To: ccielab@groupstudy.com
> > Subject: RE: Something New (the myths we believe)
> >
> > My favorite myth is that static routes pointing to an interface have an
> > admin distance of 0, not 1.
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Joe Rinehart
> > Sent: Wednesday, October 13, 2004 12:02 PM
> > To: ccielab@groupstudy.com
> > Subject: Something New (the myths we believe)
> >
> >
> > Just when you think you have things halfway figured out you realize how far
> > off your perceptions can be. I had two "revelations" while working on the
> > Netmaster DoIt lab #1 (it's pretty grueling, in a good way). There were two
> > things that really bit me because I thought I knew these for certain....
> >
> > Myth#1 A Catalyst 3550 cannot do BGP.
> >
> > When the lab asked for this I thought it was a joke, and to be honest I
> > cannot remember where I picked this idea up, but a quick check on the doc CD
> > and I found my face turning red (proverbially speaking). I think I was
> > relying on a "features not supported" on one of the CCIE Cisco Press study
> > books... In any case there are some limitations but it does indeed
> > support BGP....
> >
> > Myth#2 Subinterfaces cannot coexist with natural interfaces on the same
> > physical interface.
> >
> > This one blew me away. When I read the question I figured it was one of
> > those "trick answers" that just had to be interpreted, so I did a
> > multipoint subinterface and a point to point subinterface. When I was
> > working through the answer key I was rather taken aback to see that it was
> > on the physical interface. Still a skeptic, I removed the multipoint
> > subinterface, put the code on the main interface (leaving the P2P subif)
> > and then reloaded the router. I was shocked it worked.
> >
> > I think my reason for posting this is just to see if there have been any
> > other experiences like this for other folks and what those assumptions
> > were. After all, there is a saying about assume.....
> >
> > Joe Rinehart, CCNP, CCDP
> > Data Network Consultant, AT&T Corporation
> > Pacific Northwest Enterprise Markets
> >
> >
>
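
Added example (not part of the original thread): a small planner that reads "show access-list" output like the session at the top of this message and emits the named-mode commands for an in-place edit, so the list is never deleted while it may be applied to an interface. The function names are hypothetical, the sample output is constructed from the session above, and it assumes an IOS whose output carries no usable sequence numbers, so only removals and appends are planned.

```python
# Added example, not from the original thread. SHOW_OUTPUT is constructed
# to match the "show access-list 100" output in the message above.
SHOW_OUTPUT = """\
Extended IP access list 100
    permit tcp any any
    permit udp any any
    permit ospf any any
    permit eigrp any any
"""

def parse_show_acl(text):
    """Return (kind, name, entries) parsed from 'show access-list' output."""
    lines = [l for l in text.splitlines() if l.strip()]
    header = lines[0].split()              # Extended IP access list 100
    if len(header) != 5 or header[1:4] != ["IP", "access", "list"]:
        raise ValueError("unrecognised header: " + lines[0])
    entries = []
    for line in lines[1:]:
        words = line.split(" (")[0].split()   # drop a trailing "(N matches)"
        if words[0].isdigit():                # drop a leading sequence number
            words = words[1:]
        entries.append(" ".join(words))
    return header[0].lower(), header[4], entries

def plan_edit(text, desired):
    """Commands that turn the shown ACL into `desired` without deleting it."""
    kind, name, current = parse_show_acl(text)
    kept = [e for e in current if e in desired]
    # ACLs are first-match, so order is policy. Without sequence numbers the
    # only in-place operations are "remove an entry" and "append an entry".
    if kept != desired[:len(kept)]:
        raise ValueError("needs a reorder or mid-list insert, not append-only")
    cmds = ["ip access-list %s %s" % (kind, name)]
    cmds += ["no " + e for e in current if e not in desired]
    cmds += desired[len(kept):]
    return cmds + ["end"]

if __name__ == "__main__":
    want = ["permit tcp any any", "permit ospf any any", "permit eigrp any any"]
    print("\n".join(plan_edit(SHOW_OUTPUT, want)))
```

A change that would reorder entries is refused rather than planned, because moving a permit or deny within a first-match list changes what the list filters.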



This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:47 GMT-3