Nishant ,
I would just specify the Whole VLAN 10 and VLAN 20 subnet so i fthe
traffic is initiated from VLAN 10 you will put on R1:
access-list 100 permit ip 1.1.10.0 0.0.0.255 150.1.1.0 0.0.0.255
Because you will use the conplete VLAN as your source (all the hosts
in that VLAN and the same goes for the BB VLAN)
--
Regards,
Iwan Hoogendoorn
CCIE #13084 (R&S / Security / SP)
Sr. Support Engineer � IPexpert, Inc.
URL: http://www.IPexpert.com
On Sat, Sep 5, 2009 at 4:41 AM, Nishant
Aggarwal<er.nishantaggarwal_at_gmail.com> wrote:
> Hi Group,
>
> Connectivity is like this :
>
> (VL10) R1 *<------> *R2 (Fa0/0 - /24) *<---*VL20*--->* (Fa0/0 - /24) BB1
>
> VL 10 - 1.1.10.0 /24
> BB1 150.1.1.254/24 /24
>
> I am creating a policy-map and I have to match ip packets coming from VL 10
> and going out to BB1. It is suggested to configure on R2 only.
>
> When making access-list for this:
>
> access-list 100 per ip 1.1.10.0 0.0.0.255 *150.1.1.0 0.0.0.255* (What
> should be the destination?)
> *or 150.1.1.254
> 0.0.0.0*
> * or host 150.1.1.254
> *
>
> I know 150.1.1.254 0.0.0.0 and host 150.1.1.254 are one and the same thing.
>
> Should I match whole vlan in destination or should I go for specefically BB2
> ip address of /32 ??
>
> Thanks,
> Nishant Aggarwal.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
--
Regards,
Iwan Hoogendoorn
CCIE #13084 (R&S / Security / SP)
Sr. Support Engineer � IPexpert, Inc.
URL: http://www.IPexpert.com
Blogs and organic groups at http://www.ccie.net
Received on Sat Sep 05 2009 - 08:34:47 ART