From: Scott Morris (swm@emanon.com)
Date: Tue Jun 13 2006 - 22:55:24 ART
The initial part of an ACL (commonly referred to as "network") is actually
what sets your starting point of your bits.
If you have the mask for that octet as 11111110 (254) that means that the
first seven bits you could care less what the value is, but the last bit
MUST remain the same. Same as what? Same as where you started.
So if you START with 1.0.0.0, the first octet is 00000001 (remember the mask
- the last bit CANNOT change). So you'll get all the odd values in the
first octet, and any value in any other octet.
While starting with 0.0.0.0 would indeed work as well, but here you have
00000000 so therefore the last bit MUST be a 0 with that mask, and cannot
change. So you'd get the even networks out of the first octet.
When we get into these funky access lists, it's important to take a serious
look at the actual binary going on and not get hung up with the terms we
learned back in CCNA about "network" and "network mask". That's where the
confusion begins!
HTH,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
smorris@ipexpert.com
http://www.ipexpert.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Sami
Sent: Tuesday, June 13, 2006 6:30 PM
To: Cisco certification
Subject: Access List
Group,
One of task says filter out all odd network from first octet , and solution
given is
ip access list 1 permit 1.0.0.0 254.255.255.255
why first octet of network is 1 ?
shouldn't it be 0.0.0.0 ( any ) 254.255.255.255 ?
Thanks
This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:32 ART