RE: Access-list question

From: Marvin Greenlee (mgreenlee@ipexpert.com)
Date: Wed Oct 24 2007 - 16:02:40 ART

• Next message: Joe Rinehart: "RE: CUCM 6.0.1 installation video"
• Previous message: Tarun Pahuja: "Re: Redistribute connected ospf"
• Maybe in reply to: Phillip Day: "Access-list question"
• Next in thread: Phillip Day: "RE: Access-list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If by below, you mean anything with a first octet less than 162, it's not
that bad.

Matching a range, 0-161 for the first octet.
Look at your binary multiples in blocks.
You can match by binary blocks.
Match the block of 128 at 0-127
Match the block of 32 at 128-159
Match the block of 2 at 160-161
(Total of 3 lines)

0.0.0.0 mask 127.255.255.255
128.0.0.0 mask 31.255.255.255
160.0.0.0 mask 1.255.255.255

Marvin Greenlee, CCIE #12237 (R&S, SP, Sec)
Senior Technical Instructor - IPexpert, Inc.
A Cisco Learning Partner - We Accept Learning Credits!
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
Mailto: mgreenlee@ipexpert.com
 
IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On Demand
and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE
Security Lab, CCIE Service Provider Lab, CCIE Voice Lab and CCIE Storage Lab
Certifications.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Joseph Brunner
Sent: Wednesday, October 24, 2007 12:57 PM
To: 'Usankin, Andrew'; 'Phillip Day'; ccielab@groupstudy.com
Subject: RE: Access-list question

Prefix BELOW 162.0.0.0 into Eigrp...

How does "access-list 1 permit 162.0.0.0 0.255.255.255"
match 1.0.0.0 through 161.0.0.0...

???

I'm sure this will end up with a wild wild card mask...

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Usankin, Andrew
Sent: Wednesday, October 24, 2007 12:01 PM
To: Phillip Day; ccielab@groupstudy.com
Subject: RE: Access-list question

How about this? (Sorry if I'm wrong, didn't have time to think,
meetings...) This implies to prefixes, not traffic.

access-list 1 deny 162.0.0.0 0.0.0.0
access-list 1 permit 162.0.0.0 0.255.255.255

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Phillip Day
Sent: Wednesday, October 24, 2007 8:31 AM
To: ccielab@groupstudy.com
Subject: Access-list question

Hi,

Does anyone have a good technique for permitting everything BELOW a
certain address in an access list?
E.g 'permit any prefix below 162.0.0.0 into eigrp' I have labbed a few
ideas and I can't seem to crack it. I'm sure this is elementary for
some though!

TIA

Phill

• Next message: Joe Rinehart: "RE: CUCM 6.0.1 installation video"
• Previous message: Tarun Pahuja: "Re: Redistribute connected ospf"
• Maybe in reply to: Phillip Day: "Access-list question"
• Next in thread: Phillip Day: "RE: Access-list question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:18 ART