From: Scott Morris (swm@emanon.com)
Date: Thu Dec 22 2005 - 23:52:36 GMT-3
So you're saying the mask would be 8.20.20.8???
First, that's mathematically incorrect but we'll worry about that in a
moment.
Second, look at the mask in binary:
00001000.00010100.00010100.00001000... There are 6 one-bits in there. 2^6
= 64 matches to that mask alone. You only listed two things to match.
If you are FORCED to come up with a one-line ACL that may be acceptable,
otherwise I would advise against it. If you don't care how many extra
things you're permitting or denying just use "any any" to save the brain
power.
So on the math side, I think you're looking at it wrong for what bits go
where. If your two values have a bit in common you do NOT put a one-bit in
the mask. The XOR would be 0. So your 8-bit-position value, since they
both have it would yeild a 0 in that position whereas the 32 and 4 bit
positions would have a 1 in the mask.
So to get them in one line:
00100010.00001010.00001010.00100010 which is worse because it gives 8 bits
of 1's in the mask and 2^8 = 256 matches.
34.10.10.34 would be your mask if your were FORCED to come up with a
one-line ACL. IMHO this is rare and not incredibly bright. If your lab
tells you to do it, well... Just do it. ;)
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Venkatesh Palani
Sent: Thursday, December 22, 2005 9:28 PM
To: Scott Morris
Cc: Farrukh Haroon; Khurana, Sameer; Emil Patel; Nawaz, Ajaz; nenad pudar;
bmcgahan@internetworkexpert.com; ccielab@groupstudy.com
Subject: Re: Question for Brian McGahan and others
sorry I just realized there is a TYPO
vlaue for 30 is 16+8+4+2 and not 16+4+2.
ThanX
On 12/23/05, Venkatesh Palani <kvpalani@gmail.com> wrote:
>
>
> Hi All,
>
> Thanks Scott, I personllay dont use binary rather I use Decimal.
>
> below is the technique
>
> for instance lets take the same example from IE
>
> 10.20.30.40
> 40.30.20.10
>
> to find a access list for these address with overlapping networks I
> wld write the aboves address as shown below
>
> [8+2].[16+4].[16+4+2].[32+8]
> [32+8].[16+4+2].[16+4].[8+2]
>
> and the common vlaues in two colums shld represent the network
> address and the remaining shld fall back as wild cad mask
>
>
> in this case it will be
>
> 8.[16+4].[16+4].[8] = 8.20.20.8
>
> and the wild card mask is the sum of the left overs(the vlaues that
> were not used in the network address) in each octects from all the
> rows(in this case only two rows)
>
> [32+2].[8+2].[8+2].[32+2] = 34.10.10.34
>
>
> This shld work for any no of rows , this works better for me rather
> than those AND and XOR operations. Any comments are welcome.
>
>
> Thanx,
>
> Venkatesh
>
>
> On 12/23/05, Scott Morris <swm@emanon.com> wrote:
> >
> > From: http://en.wikipedia.org/wiki/Xor
> >
> > The case of a three, or more, input XOR operation tends to be an
> > ill-considered case. An XOR operation with three simultaneous inputs
> > is not so easily expressed in most popular programming languages.
> > When expressed as successive binary operations the result is a
> > simple parity, giving a TRUE result for any odd number of TRUE
> > inputs.
> > three ones XORed simultaneously
> >
> > When taken as a multi-input black box whose operation follows the
> > formal
> >
> > definition and yields the result TRUE when one, and only one, of its
> > inputs is TRUE, the behaviour is inconsistent with the successive
> > binary mode.
> > For
> > example; in the case where three inputs are all TRUE (as shown on
> > the right, in the IEC symbology to emphasise the definition) the
> > result would have to be FALSE because it does not meet the condition
> > that "only one of its inputs is TRUE".
> > [edit]
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On
> > Behalf Of Farrukh Haroon
> > Sent: Thursday, December 22, 2005 3:54 PM
> > To: Khurana, Sameer
> > Cc: Emil Patel; Nawaz, Ajaz; nenad pudar;
> > bmcgahan@internetworkexpert.com; ccielab@groupstudy.com
> > Subject: Re: Question for Brian McGahan and others
> >
> > what happened to the definition of XOR I learnt in college....
> >
> > Odd Number of 1's in input Results in Output of 1, Output = 0
> > otherwise...
> >
> > ??
> >
> > On 12/22/05, Khurana, Sameer < SKHURANA@amfam.com> wrote:
> > >
> > > I think you meant by column ;)
> > >
> > > Concept remains the same if its 4 rows, 5 rows or 10 rows.
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On
> > > Behalf Of Emil Patel
> > > Sent: Thursday, December 22, 2005 11:37 AM
> > > To: 'Nawaz, Ajaz'; 'nenad pudar'; bmcgahan@internetworkexpert.com
> > > ; ccielab@groupstudy.com
> > > Subject: RE: Question for Brian McGahan and others
> > >
> > >
> > > If the row is dissimilar the end result is 1.
> > >
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On
> > > Behalf Of Nawaz, Ajaz
> > > Sent: Thursday, December 22, 2005 11:05 AM
> > > To: 'Emil Patel'; 'nenad pudar'; bmcgahan@internetworkexpert.com;
> > > ccielab@groupstudy.com
> > > Subject: RE: Question for Brian McGahan and others
> > >
> > > What happens when you increase the #vertical rows and apply
> > > various combinations of 1's and 0's.
> > >
> > > Let's try 5rows?
> > >
> > > Tia
> > > Ajaz Nawaz
> > >
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com ] On
> > > Behalf Of Emil Patel
> > > Sent: 22 December 2005 17:07
> > > To: 'nenad pudar'; bmcgahan@internetworkexpert.com;
> > > ccielab@groupstudy.com
> > > Subject: RE: Question for Brian McGahan and others
> > >
> > > In XOR , if bit in a column is dissimilar result is 1. You do not
> > > add bit row by row.
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> > > Behalf Of Emil Patel
> > > Sent: Thursday, December 22, 2005 10:49 AM
> > > To: 'nenad pudar'; bmcgahan@internetworkexpert.com;
> > > ccielab@groupstudy.com
> > > Subject: RE: Question for Brian McGahan and others
> > >
> > > 128 64 32 16 8 4 2 1
> > >
> > > 0 0 0 0 0 0 0 0
> > > 0 0 0 0 0 1 0 0
> > > 0 0 1 0 0 0 0 0
> > > 0 0 1 0 0 1 0 0
> > > ___________________________________________
> > > 0 0 1 0 0 1 0 0 = 36
> > >
> > > All vertical bits are checked XOR and if they are:
> > > (0+0)=0
> > > (0+1)=1
> > > (1+1)=0
> > > (1+0)=1
> > >
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On
> > > Behalf Of nenad pudar
> > > Sent: Wednesday, December 21, 2005 7:57 PM
> > > To: bmcgahan@internetworkexpert.com; ccielab@groupstudy.com
> > > Subject: Question for Brian McGahan and others
> > >
> > > Hi Brian
> > > I have the question regarding your paper on Computing Access-List
> > > and Wildcard Pairs
> > >
> > > There you have
> > >
> > > 00000000
> > > 00000100
> > > 00100000
> > > 00100100
> > > _________
> > > XOR
> > > 00100100=36****
> > >
> > > I cannot get this trying in any way (for third column)
> > >
> > > 1) (((0 XOR 0) XOR 1) XOR 1)= ((0 XOR 1) XOR 1)= 1 XOR 1 =0
> > >
> > > 2) (0 XOR 0) XOR (1 XOR 1) = 0 XOR 0 = 0
> > >
> > > I am doing something wrong or there is some other trick here ?
> > >
> > >
> > > thanks
> > > nenad
> > >
> > > __________________________________________________________________
> > > ____
> >
> > > _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > __________________________________________________________________
> > > ____ _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > __________________________________________________________________
> > > ____ _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > -----------------------------------------
> > > Information in this email may be privileged, confidential and is
> > > intended exclusively for the addressee. The views expressed may
> > > not be
> >
> > > official policy, but the personal views of the originator. If you
> > > have received it in error, please notify the sender by return
> > > e-mail and delete it from your system. You should not reproduce,
> > > distribute, store, retransmit, use or
> > > disclose its contents to anyone. Please note we reserve the right
> > to
> > > monitor all e-mail communication through our internal and external
> > > networks.
> > >
> > > __________________________________________________________________
> > > ____
> >
> > > _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > __________________________________________________________________
> > > ____
> >
> > > _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > __________________________________________________________________
> > > ____
> >
> > > _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > ____________________________________________________________________
> > ___ Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > ____________________________________________________________________
> > ___ Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:52 GMT-3