From: Scott Morris (smorris@ipexpert.com)
Date: Sat Nov 10 2007 - 14:16:36 ART
5 00000101
10 00001010
11 00001011
14 00001110
I'd say that's a poorly written question. We could get 10 and 11 together
or 10 and 14 together in one line. but 5 has at least three bits of
difference with anything else (meaning you'll get 4 matches in an ACL).
So if we took 10 & 11 together. 5 and 14 have 3 bits of difference (8
matches). If we took 10 & 14 together, 5 and 11 have 3 bits of differnce as
well.
Looking the other direction (e.g. is there a way to deny
1,2,3,4,6,7,8,9,12,13 and 15 in one line then permit everything) we see even
more bits of difference.
Now, if the question was 10,11,14,15 we could to it. :) (or other
combinations) But not the way it's written in only two lines.
Now, I'm working on my caffeine level this morning, but for where it's at
right now, I'm not seeing two lines working while making sure the others are
still denied.
HTH,
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Sadiq Yakasai
Sent: Saturday, November 10, 2007 11:29 AM
To: Gupta, Gopal (NWCC)
Cc: Scott Morris; CJ; Cisco certification
Subject: Re: ACL-min lines
Hey guys,
Speaking of which reminds me. Question says:
Using 2 lines, permit 5,10,11,14 subnets and deny all others from
192.168.1.0 to 192.168.16.0/24:
i.e.
192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
192.168.4.0/24
192.168.5.0/24
192.168.6.0/24
192.168.7.0/24
192.168.8.0/24
192.168.9.0/24
192.168.10.0/24
192.168.11.0/24
192.168.12.0/24
192.168.13.0/24
Thanks
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:29 ART