From: Scott Morris (swm@emanon.com)
Date: Thu Oct 06 2005 - 12:15:20 GMT-3
200.0.1.2
200.0.3.2
200.0.3.10
200.0.1.18
200.0.3.26
200.0.1.10
200.0.3.18
200.0.1.26
Third Octet:
1 00000001
3 00000011
Diff 00000010 = .2 Mask
Fourth Octet:
2 00000010
10 00001010
18 00010010
26 00011010
Diff 00011000 = .24 Mask
Remember that the router sees these things simply as strings of 32 bits.
It's only our little brains that need the dotted-decimal octet
representations. :)
200.0.1.2 0.0.2.24 mask will give a total of three bits of difference. 2^3
yields 8 matches, and we have 8 lines listed.
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Carl
Willias
Sent: Thursday, October 06, 2005 11:02 AM
To: Lee Donald; Leigh Harrison; ccielab@groupstudy.com
Subject: Re: Double Check access-list
I think the answer is
200.0.3.2 0.0.0.24
200.0.1.2 0.0.0.24
CW
----- Original Message ----
From: Lee Donald <Lee.Donald@t-systems.co.uk>
To: Leigh Harrison <ccileigh@gmail.com>; ccielab@groupstudy.com
Sent: Thursday, October 06, 2005 9:05:05 AM
Subject: RE: Double Check access-list
Leigh,
How's it going? Your access-list does work however it also includes other
hosts with your list that your not suppose to deny, for example 200.0.2.16
would also be denied using your list but the question does not ask for that.
Regards
Lee.
-----Original Message-----
From: Leigh Harrison [mailto:ccileigh@gmail.com]
Sent: 06 October 2005 14:49
To: ccielab@groupstudy.com
Subject: Double Check access-list
Hey there,
Could someone double check this for me? I think I've been staring at the
screen too long....
From IEWB lab vol 1 17 Q.10
Use the minumum lines necessary to deny these hosts:-
200.0.1.2
200.0.3.2
200.0.3.10
200.0.1.18
200.0.3.26
200.0.1.10
200.0.3.18
200.0.1.26
I worked it out like this:-
128 64 32 16 8 4 2 1 #
0 0 0 0 0 0 0 1 1
0 0 0 0 0 0 1 1 3
0 0 0 0 0 0 1 0 2
0 0 0 0 1 0 1 0 10
0 0 0 1 0 0 1 0 18
0 0 0 1 1 0 1 0 26
From that, in the third octet, the only bit that cnages is 2 and both
variables are present. In the fourth octet, the only bits that change are
the 16 and 8 bits and all 4 variables are present.
So I came up with :-
access-list 1 deny 200.0.1.2 0.0.2.24
access-list 1 permit any
However, the official answer is:-
access-list 1 deny 200.0.1.2 0.0.2.8
access-list 1 deny 200.0.1.18 0.0.2.0
access-list 1 deny 200.0.1.26 0.0.2.0
access-list 1 permit any
Am I missing something ?!?
Time for a brew.....
LH
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3