From: Rich Collins (nilsi2002@gmail.com)
Date: Tue Feb 17 2009 - 17:37:24 ARST
I had looked at it briefly but admit that I hadn't really read it. So
the RFC is really just a superset which includes other RFC's such as
1918 and 1700?
Then according to this link the complete RFC 3330 set would be:
0.0.0.0/8
10.0.0.0/8
14.0.0.0/8
24.0.0.0/8
39.0.0.0/8
127.0.0.0/8
128.0.0.0/16
169.254.0.0/16
172.16.0.0/12
191.255.0.0/16
192.0.0.0/24
192.0.2.0/24
192.88.99.0/24
192.168.0.0/16
198.18.0.0/15
223.255.255.0/24
224.0.0.0/4
240.0.0.0/4
On Tue, Feb 17, 2009 at 11:43 AM, Tyson Scott <tscott@ipexpert.com> wrote:
> Click on the link below and it will give you the detail.
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S and Security
> Technical Instructor - IPexpert, Inc.
>
> Telephone: +1.810.326.1444
> Cell: +1.248.504.7309
> Fax: +1.810.454.0130
> Mailto: tscott@ipexpert.com
>
>
>
>
> -----Original Message-----
> From: Rich Collins [mailto:nilsi2002@gmail.com]
> Sent: Tuesday, February 17, 2009 11:12 AM
> To: Darby Weaver
> Cc: Tyson Scott; John Ciccone; Alexandre Oliveira; Cisco certification
> Subject: Re: Block RFC 1918 Addresses
>
> I've seen the RFC 3330 mentioned before in posts. Would someone know
> the definitive access list for that one?
>
> -Rich
>
> On Tue, Feb 17, 2009 at 10:43 AM, Darby Weaver <ccie.weaver@gmail.com>
> wrote:
>> If the question said RFC1918 -
>>
>> Then answer with RFC1918...
>>
>> If the test writer did know the difference and marked you wrong...
>>
>> Get the refund.
>>
>>
>>
>>
>> On Tue, Feb 17, 2009 at 10:23 AM, Tyson Scott <tscott@ipexpert.com> wrote:
>>
>>> John,
>>>
>>>
>>>
>>> What I said below is to bring clarification for the understanding of what
>>> is/isn't included with the RFC.
>>>
>>>
>>>
>>> For the test it would purely be a matter of how the question is worded.
>>> That would then become a time to request clarification from the proctor
> if
>>> you are unsure. From my experience it is not typically throttled down
> into
>>> only one way of accomplishing tasks so a lot is left to interpretation at
>>> times.
>>>
>>>
>>>
>>> And it has always been said on netpro that unless a question says to not
>>> have extra configuration extra configuration is typically acceptable.
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Tyson Scott - CCIE #13513 R&S and Security
>>>
>>> Technical Instructor - IPexpert, Inc.
>>>
>>>
>>> Telephone: +1.810.326.1444
>>> Fax: +1.810.454.0130
>>> Mailto: tscott@ipexpert.com
>>>
>>>
>>>
>>>
>>>
>>>
>>> From: John Ciccone [mailto:ccie.ciccone@gmail.com]
>>> Sent: Tuesday, February 17, 2009 10:13 AM
>>> To: Tyson Scott
>>> Cc: Alexandre Oliveira; Cisco certification
>>> Subject: Re: Block RFC 1918 Addresses
>>>
>>>
>>>
>>> Tyson,
>>>
>>>
>>>
>>> Thanks, you bring up a good point. If we include the other addresses
> just
>>> to be safe, could that be marked as incorrect? And more importantly, how
>>> are the proctors with regard to clarifying exactly what is required of a
>>> task?
>>>
>>>
>>>
>>> John
>>>
>>> On Tue, Feb 17, 2009 at 9:58 AM, Tyson Scott <tscott@ipexpert.com> wrote:
>>>
>>> The 3 addresses are the only ones that are part of RFC 1918. 0.0.0.0/8
> is
>>> part of RFC1700. 169.254.0.0/16 is part of RFC 3330 - Special-Use IPv4
>>> Addresses. You will also find 127.0.0.0/8 in this RFC. 224.0.0.0/4 is
>>> RFC
>>> 3171 but is included in 3330. Pray they only ask for RFC1918 as RFC 3330
>>> includes a lot more ;) RFC 3330 is part of the Security exam now.
>>>
>>> Often people include other addresses when they ask for 1918 but
> technically
>>> it is only the three. If a question didn't say to include nothing else
>>> than
>>> it can't hurt throwing everything you can think of right ;O
>>>
>>> http://www.faqs.org/rfcs/rfc3330.html
>>>
>>>
>>> Regards,
>>>
>>> Tyson Scott - CCIE #13513 R&S and Security
>>>
>>> Technical Instructor - IPexpert, Inc.
>>>
>>> Telephone: +1.810.326.1444
>>>
>>> Cell: +1.248.504.7309
>>>
>>> Fax: +1.810.454.0130
>>>
>>> Mailto: tscott@ipexpert.com
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>>> Alexandre Oliveira
>>>
>>> Sent: Tuesday, February 17, 2009 9:35 AM
>>> To: 'Cisco certification'
>>>
>>> Subject: RES: Block RFC 1918 Addresses
>>>
>>> I've found the same question in my studies. Some exercises inform that
>>> RFC1918 should also include this:
>>>
>>> deny 0.0.0.0/8 le 32
>>> deny 10.0.0.0/8 le 32
>>> deny 127.0.0.0/8 le 32
>>> deny 169.254.0.0/16 le 32
>>> deny 172.16.0.0/12 le 32
>>> deny 192.0.2.0/24 le 32
>>> deny 192.168.0.0/16 le 32
>>> deny 224.0.0.0/3 le 32
>>> permit 0.0.0.0/0 le 32
>>>
>>> I mean, deny all "non-allowed" or private prefixes and then permit the
>>> rest.
>>> Based on John's following e-mail, which group of address we must
>>> consider???
>>>
>>> Thanks,
>>>
>>> Alexandre.
>>>
>>>
>>> -----Mensagem original-----
>>> De: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Em nome de John
>>> Ciccone
>>> Enviada em: terga-feira, 17 de fevereiro de 2009 11:12
>>> Para: Cisco certification
>>> Assunto: Block RFC 1918 Addresses
>>>
>>> I recently took a vendors mock lab where the task asked block all RFC1918
>>> adddress. So, I created an access-list and applied it to deny the
>>> following:
>>>
>>> 10.0.0.0/8
>>> 172.16.0.0/12
>>> 192.168.0.0/16
>>>
>>> I've read RFC1918 from top to bottom, and the above addresses are the
> only
>>> ones mentioned. However, upon checking my answers with the solutions,
> they
>>> also included the following:
>>>
>>> 127.0.0.0/8
>>> 169.254.0.0/16
>>>
>>> Now, while the above addresses are not valid internet addresses, they are
>>> NOT RFC1918 addresses. If the question stated that I should block non
>>> valid
>>> internet addresses, then I could see denying the two ip blocks above as
>>> well. But even in that case, there are at least a half dozen more ipv4
>>> blocks that are either not valid or not yet allocated for the internet.
>>>
>>> My main question is this: If I get the same type of task on the actual
> lab,
>>> what do I do? Will the questions be specific enough to leave no doubt
>>> as to what they are looking for (not only for this type of questions,
> but
>>> any others as well)? If there are any doubt's about what they are
> looking
>>> for, how helpful will the proctor be in clarifying?
>>>
>>> I am scheduled to take the lab in 3 weeks, so any help would be greatly
>>> appreciated.
>>>
>>> Thanks.
>>>
>>> John
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST