Re: doubt regarding odd and even routes

Raghav,

If you take only third octet in binary,

1 = 0000 0001
3 = 0000 0011

The only bit that is chaning is the second right most, so if you make
that bit 1 and the rest zeros you get 0000 0010 , which is 2 in
decimal and that gives you the wildcard . For the network part you
must AND the two binary numbers

AND
   0000 0001
   0000 0011

= 0000 0001

then you get,

 pernit 192.168.1.0 0.0.2.255, to match hosts only from those two networks.

HTH

Molomo

On 7/22/09, Raghav Bhargava <raghavbhargava12_at_gmail.com> wrote:
> Hi andy,,
>
> Thank you very much for your explanation. But in my case if I have to allow
> only the 2 subnets i.e 192.168.1.1 and 192.168.3.1
> then this ACL works for me.
>
> ip access-list standard r1-r2
> permit 192.168.1.0 0.0.2.255
>
> Now I basically want to knw about the number 2 in the subnet mask that is
> being used. I got confused in that.
>
> thanks for all you help..
> raghav
>
>
> On Tue, Jul 21, 2009 at 11:24 PM, Andy Reid <ccie_at_reid.it> wrote:
>
>> Hi Raghav,
>>
>> The 254 within the wildcard bits 3rd octet is saying that we don't care
>> about the first 7 bits within that octet, but the last bit we do care
>> about.
>> Whether that last bit is a zero or a one will determine what group it fits
>> into.
>>
>> access-list 1 permit 192.168.0.0 0.0.254.255
>> Access list 1 will permit all the even subnets: 192.168.2.1, 192.168.4.1,
>> 192.168.6.1
>>
>> access-list 2 permit 192.168.1.0 0.0.254.255
>> Access list 2 will permit all the odd subnets: 192.168.1.1, 192.168.3.1,
>> 192.168.5.1
>>
>> The key point to remember is that wildcard bits are not the same as taking
>> the inverse of a subnet mask. If you reduce the interesting octet down to
>> pure bits and draw it out on a scrap piece of paper it should make more
>> sense.
>>
>> Of course, if you only want to allow two IP subnets through, and not a
>> group of IP subnets, then the access list could be simply:
>> access-list 3 permit 192.168.1.0 0.0.0.255
>> access-list 3 permit 192.168.3.0 0.0.0.255
>>
>> regards Andy
>>
>>
>> Raghav Bhargava wrote:
>>
>>> Hi Experts,
>>>
>>> Once again a simple question but I just got confused .
>>>
>>> Lets say we have the following routes on R1
>>>
>>> 192.168.1.1
>>> 192.168.2.1
>>> 192.168.3.1
>>> 192.168.4.1
>>> 192.168.5.1
>>> 192.168.6.1
>>>
>>> Now lets say i want only 192.168.1.1 and 192.168.3.1 on R2
>>>
>>> so can i say the access-list will be something like this
>>>
>>> ip access-list standard r1-r2
>>> permit 192.168.1.0 0.0.254.255
>>>
>>> OR will it be
>>>
>>> ip access-list standard r1-r2
>>> permit 192.168.1.0 0.0.2.255
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>
> --
> Warm Regards
> Raghav
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Jul 22 2009 - 11:47:08 ART