Re: prefix and acl

Wow. I will most definitely think before responding to your questions
from now on...

--
Marko Milivojevic - CCIE #18427 (SP R&S)
Senior CCIE Instructor - IPexpert
On Sun, Jun 24, 2012 at 7:50 PM, john matijevic
<john.matijevic_at_gmail.com> wrote:
> Marko,
>
> Hasse was very vague with his question, since you understood what his
> question is I asked you to state it. Then Hasse responded with
> clarification.
> Please think before you respond.
>
> Regards
> John
>
>
> On 6/24/12, Marko Milivojevic <markom_at_ipexpert.com> wrote:
>> He's asking can he filter a specific prefix using an extended access
>> list, instead of using a prefix list. He gives an example where he
>> tried with a prefix-list and the example where he tried an acl, with
>> obviously different results. Someone very quickly pointed out the
>> difference, with the link to the Cisco's and INE's blog describing the
>> particular use-case. Case closed, moving on. Don't overthink the
>> questions.
>>
>> --
>> Marko Milivojevic - CCIE #18427 (SP R&S)
>> Senior CCIE Instructor - IPexpert
>>
>> On Sun, Jun 24, 2012 at 3:29 PM, john matijevic
>> <john.matijevic_at_gmail.com> wrote:
>>> Good Afternoon Marko,
>>>
>>> Please enlighten us.
>>>
>>> Here is the question:
>>>
>>> Can I do this with an acl or extended cal,
>>>
>>>
>>> Please clarify what this is? I don't understand what he is asking?
>>>
>>> Regards,
>>> John
>>> On 6/24/12, Marko Milivojevic <markom_at_ipexpert.com> wrote:
>>>> He did post the config snippets. I think the question was very clear.
>>>> So were the answers :-)
>>>>
>>>> --
>>>> Marko Milivojevic - CCIE #18427 (SP R&S)
>>>> Senior CCIE Instructor - IPexpert
>>>>
>>>> On Sun, Jun 24, 2012 at 12:27 PM, john matijevic
>>>> <john.matijevic_at_gmail.com> wrote:
>>>>> Good Afternoon,
>>>>>
>>>>> "Can I do this with an acl or extended cal, I have a Brain Freeze
>>>>> Thanks."
>>>>>
>>>>> What is this?
>>>>>
>>>>> Very vague, can you please be more specific and describe exactly the
>>>>> issue or problem that you are trying to solve?
>>>>>
>>>>> Please post network diagram and configurations.
>>>>>
>>>>>
>>>>> Regards,
>>>>> John
>>>>>
>>>>>
>>>>> On 6/24/12, Sarad <tosara_at_gmail.com> wrote:
>>>>>> Hi Hasse,
>>>>>>
>>>>>> We can use a extended access-list in BGP to replace a prefix-list, But
>>>>>> in
>>>>>> IGP it appears differently as extended accesslist represent the route
>>>>>> source and subnet (not subnet and subnet mask)
>>>>>>
>>>>>> Have a look at this
>>>>>> http://blog.internetworkexpert.com/2008/01/04/using-extended-access-lists-in-a-distribute-list/
>>>>>>
>>>>>> Cheers
>>>>>> Sara
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sun, Jun 24, 2012 at 11:12 PM, <daniel.dib_at_reaper.nu> wrote:
>>>>>>
>>>>>>> Hi Hasse,
>>>>>>>
>>>>>>> You are trying to match every class C address with /24 mask right?
>>>>>>> This
>>>>>>> is
>>>>>>> not possible with a standard ACL. If you used extended ACL you could
>>>>>>> match
>>>>>>> mask like this.
>>>>>>>
>>>>>>> access-list 100 permit 192.0.0.0 31.255.255.255 host 255.255.255.0
>>>>>>>
>>>>>>> However I think this is only supported in BGP.
>>>>>>>
>>>>>>> /Daniel
>>>>>>>
>>>>>>>
>>>>>>> On Sun, 24 Jun 2012 14:02:01 +0200, Hasse wrote:
>>>>>>>
>>>>>>>> Can I do this with an acl or extended cal, I have a Brain Freeze
>>>>>>>> Thanks.
>>>>>>>>
>>>>>>>> R2#show run | sec rip
>>>>>>>> router rip
>>>>>>>> B version 2
>>>>>>>> B network 10.0.0.0
>>>>>>>> B distribute-list prefix 1 in FastEthernet0/0
>>>>>>>> B no auto-summary
>>>>>>>>
>>>>>>>> R2#show run | sec prefix-list
>>>>>>>> ip prefix-list 1 seq 5 permit 192.0.0.0/3 ge 24 le 24
>>>>>>>>
>>>>>>>> R2#show ip route rip
>>>>>>>> R B  B 223.1.1.0/24 [120/1] via 10.1.12.1, 00:00:19, FastEthernet0/0
>>>>>>>> R B  B 200.1.1.0/24 [120/1] via 10.1.12.1, 00:00:19, FastEthernet0/0
>>>>>>>> R B  B 192.1.1.0/24 [120/1] via 10.1.12.1, 00:00:19, FastEthernet0/0
>>>>>>>> R B  B 195.1.1.0/24 [120/1] via 10.1.12.1, 00:00:19, FastEthernet0/0
>>>>>>>>
>>>>>>>> if I am using a standard ACL
>>>>>>>>
>>>>>>>>
>>>>>>>> Standard ACL
>>>>>>>> R2#show run | sec rip
>>>>>>>> router rip
>>>>>>>> B version 2
>>>>>>>> B network 10.0.0.0
>>>>>>>> B distribute-list 1 in FastEthernet0/0
>>>>>>>> B no auto-summary
>>>>>>>>
>>>>>>>> R2#show run | sec access-list
>>>>>>>> access-list 1 permit 192.0.0.0 31.255.255.0
>>>>>>>>
>>>>>>>> R2#show ip ro rip
>>>>>>>> R B  B 223.1.1.0/24 [120/1] via 10.1.12.1, 00:00:07, FastEthernet0/0
>>>>>>>> R B  B 200.1.1.0/24 [120/1] via 10.1.12.1, 00:00:07, FastEthernet0/0
>>>>>>>> B  B  193.1.1.0/25 is subnetted, 1 subnets
>>>>>>>> R B  B  B  193.1.1.0 [120/1] via 10.1.12.1, 00:00:07, FastEthernet0/0
>>>>>>>> R B  B 192.1.1.0/24 [120/1] via 10.1.12.1, 00:00:07, FastEthernet0/0
>>>>>>>> R B  B 195.1.1.0/24 [120/1] via 10.1.12.1, 00:00:07, FastEthernet0/0
>>>>>>>> B  B  194.1.1.0/26 is subnetted, 1 subnets
>>>>>>>> R B  B  B  194.1.1.0 [120/1] via 10.1.12.1, 00:00:07, FastEthernet0/0
>>>>>>>>
>>>>>>>>
>>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>>
>>>>>>>>
>>>>>>>> ______________________________**______________________________**
>>>>>>>> ___________
>>>>>>>> Subscription information may be found at:
>>>>>>>> http://www.groupstudy.com/**list/CCIELab.html<http://www.groupstudy.com/list/CCIELab.html>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>>
>>>>>>> ______________________________**______________________________**
>>>>>>> ___________
>>>>>>> Subscription information may be found at:
>>>>>>> http://www.groupstudy.com/**
>>>>>>> list/CCIELab.html <http://www.groupstudy.com/list/CCIELab.html>
>>>>>>
>>>>>>
>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>
>>>>>> _______________________________________________________________________
>>>>>> Subscription information may be found at:
>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> _______________________________________________________________________
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net