From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Sun Nov 12 2006 - 21:01:10 ART
No, "host" is just a simplified way to saying the wildcard mask is
0.0.0.0.
These two access-lists are the same:
access-list 100 permit ip 172.16.1.1 0.0.0.0 any
access-list 100 permit ip host 172.16.1.1 any
In fact if you enter the command in the first format (no host keyword)
the router will change it to the second format.
Rack1R6(config)#access-list 100 permit ip 172.16.1.1 0.0.0.0 any
Rack1R6(config)#do sho run | in access-list 100
access-list 100 permit ip host 172.16.1.1 any
Rack1R6(config)#
Here is the DocCD link for the access-list command:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hi
ap_r/apl_a1h.htm#wp1131458
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Adhu Ajit
Sent: Sunday, November 12, 2006 2:52 PM
To: ccielab@groupstudy.com
Subject: host 0.0.0.0
Is there a special meaning when someone writes:
permit ip host 0.0.0.0
or does it just mean what I think it means.
What I think it means is:
Permit any host whose source ip address is 0.0.0.0. But I wonder if
any IP stack will allow itself to be configured with 0.0.0.0 as the IP
address. Then again, I also start wondering on what was the intention of
the afore mentioned ACL entry ???!!!
(Folks, this is NOT permit ip 0.0.0.0 255.255.255.255. Here it is
"host" followed by no wildcarded bits)
Bye.
---------------------------------
Access over 1 million songs - Yahoo! Music Unlimited.
This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:46 ART