From: Piotr M (pitt2k@gmail.com)
Date: Sat Jan 10 2009 - 14:51:08 ARST
Hi,
The ACL for route filtering is checking only IP address portion not
mask (if you need to check mask also, use Prefix-list). The '1' in the
wildcard mask means 'don't care' so when you use 255, the whole octect
will be accepted. So when you have prefixes with '0' in the fourth
octet, there will be no difference if you use '255' or '0' in the
wildcard mask. But in case you get prefixes like 196.17.1.64/26 from
BB router, the ACL with 0.0.11.255 will pass them in. ACL with
wildcard mask of 0.0.11.0 (196.17.1.0 0.0.11.0) will filter them out,
because fourth octet needs to be exact '0'.
HTH
PM
2009/1/10 Carlson guo <carlson.guo@gmail.com>:
> R1 and BB1 is running RIP, BB1 advertising 196.17.1.0/24 - 196.17.16.0/24 16
> routes, on R1, I use distribute-list in with ACL standard 99 196.17.4.0
> 0.0.11.0, got the result: 4.0/24, 5.0/24, 6.0/24 and
> 12.0/24,13.0/24,14.0/24,15.0/24 in R1 route table, but when I change the ACL
> 99 to 196.17.4.0 0.0.11.255, I got the same result, so which one is correct?
> which one is the best practice? Thanks for any input...
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:37 ARST