So Dale,
Effectively "ip prefix-list 10 permit 192.168.0.0/24 le 32" ACL equivalent
would be "access-list 101 permit ip 192.168.0.0 0.0.0.255 255.255.255.0
0.0.0.255", init?!
Regards,
Andy H.
On Tue, Jun 2, 2009 at 5:28 PM, Dale Shaw <dale.shaw_at_gmail.com> wrote:
> Hi Alexandre,
>
> On Tue, Jun 2, 2009 at 11:23 AM, Alexandre V Oliveira <busa_at_uol.com.br>
> wrote:
> > Hey fellows, a simple and direct question:
> >
> > Is there any difference that can be considered wrong in lab for these
> > sentences below?
> >
> > 1- ip prefix-list 10 permit 192.168.0.0/24 le 32
> > 2- ip prefix-listB 10 permit 192.168.0.0/24
> > 3- access-list 10 permit 192.168.0.0
> > 4- access-list 10 permit 192.168.0.0 0.0.0.255
>
> Don't forget this lesser known form using extended IP ACLs:
>
> access-list 100 permit 192.168.0.0 0.0.0.255 255.255.255.0 0.0.0.0
>
> - source ("192.168.0.0") becomes the network you want to match.
> - source wildcard ("0.0.0.255") identifies the care/don't care bits,
> as normal, for the network
> - destination ("255.255.255.0") becomes the network mask you want to
> apply/match
> - destination wildcard ("0.0.0.0" identifies the care/don'tc are bits,
> as normal, for the network mask
>
> The same ACE in another form is:
>
> access-list 100 permit host 192.168.0.0 host 255.255.255.0
>
> I first saw this form in Halabi's "Internet Routing Architectures"
> book. This allows you to use access-lists to perform exact matches
> with route filtering.
>
> cheers,
> Dale
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- My Blog URL: http://ccielog.blogspot.com/ Blogs and organic groups at http://www.ccie.netReceived on Tue Jun 02 2009 - 18:33:16 ART
This archive was generated by hypermail 2.2.0 : Wed Jul 01 2009 - 20:02:36 ART