If I'm thinking about your question correctly, you can't filter the way you've described using only ONE access list. If you use access-list 1 permit 10.10.10.0 0.0.4.0, I think you will get 10.10.10.0 and 10.10.14.0, but not 10.10.13.0. You would need another access list just for that network.
Any else agree or disagree? Michael On Mon, May 18, 2009 at 9:53 AM, Antonio Dee Hotmail < [email protected]> wrote: > Hi All, > > > > Need some help on ACL calculation. This is general ACL filtering scenario. > > > > I'm just practicing on ACL filtering especially on the non-continuous > wildcards. > > > > i've injected this to my test router but i don't seem to get the logic why > it's this wildcard. can somebody enlighten me on this? > > > > I know 0 in the wildcard are care bits and 1 don't care, just the opposite > of a subnet mask. > > > > Example Scenario: > > > > I get this networks from a backbone router: > > > > network 10.10.10.0 > > network 10.10.11.0 > > network 10.10.12.0 > > network 10.10.13.0 > > network 10.10.14.0 > > network 10.10.15.0 > > network 10.10.16.0 > > > > I want to filter on the third octet and allow only 10, 13, 14 to come in > > > > been playing with various values on the wildcard, and the working value is > *0.0.4.0* , WHY???? > > > > > > Kind Regards, > > Antonio > > > > > > >
