From: Kashif Masood (kashifmasood27@hotmail.com)
Date: Sun May 21 2006 - 03:32:24 ART
Thanks for your reply. So if we want to deny just the RFC 1918 for
172.16.0.0 to 172.31.0.0
the following line is correct.
172.16.0.0 0.15.255.255
Can you please confirm
Thanks
>From: Marvin Greenlee <marvingreenlee@yahoo.com>
>To: Kashif Masood <kashifmasood27@hotmail.com>, ccielab@groupstudy.com
>Subject: Re: Filtering RFC 1918
>Date: Sat, 20 May 2006 23:21:20 -0700 (PDT)
>
>.15 as a wildcard mask says that you don't care about
>the last 4 bits. This means you are matching a group
>of 16. The group of 16 starts at a multiple of 16,
>which in this case is 16, so it would match 16 to 31.
>
>
>.31 as a wildcard mask says that you don't care about
>the last 5 bits. This means you are matching a group
>of 32. The group of 32 starts at a multiple of 32,
>which would be 0, and would cover 0 to 31 (excess
>overlap)
>
>
>--- Kashif Masood <kashifmasood27@hotmail.com> wrote:
>
> > Hi Team:
> >
> > This may be a very basic question, but I am confused
> > about which access-list
> > is right
> >
> > We know that the private address range is 172.16.0.0
> > 172.31.0.0 /12
> >
> > So if we have to filter RFC 1918 addresses, which
> > access-list is right
> >
> > access-list 10 deny 172.16.0.0 0.15.255.255
> >
> > or
> >
> > access-list 10 deny 172.16.0.0 0.31.255.255
> >
> > Your input will be highly appreciated.
> >
> > Thanks
> >
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam? Yahoo! Mail has the best spam protection around
>http://mail.yahoo.com
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART