Tweaking of words may kill you in ACL requirements.
Here is the concept I follow
(1) Always put down in binary..separate "common" and "uncommon" per requirements
(2) then check the requirement...How many lines ?
(3) if it says one line or two lines ...Always keep that "implied deny" will
take care of so many things"
Consider the options to meet # of lines
(1) 2 lines then deny ..permit...Implied deny
(2) one line then permit..Implied deny
(3) 2 lines permit ...permit...Implied deny
thanks Prakash
To: [email protected]; [email protected];
[email protected]
From: [email protected]
Date: Mon, 18 May 2009 14:24:32 +0000
Subject: Re: [OSL | CCIE_RS] ACL filtering blues
Antonio,
Check it out: between 10 and 14 we have 1 bit different right? Which bit? It is
the 4 bit right? Since it can be 1 or 0 we "don't care" so it is a 1 in the
mask.
So our mask is 00000100. That is 4 in decimal.
Regards,
Joe Astorino
CCIE #24347 (R&S)
Sr. Support Engineer – IPexpert, Inc.
URL: http://www.IPexpert.com
From: "Antonio Dee Hotmail"
Date: Mon, 18 May 2009 23:49:09 +0930
To: 'CCIE_RS OnlineStudyList'<[email protected]>
Subject: Re: [OSL | CCIE_RS] ACL filtering blues
Hi Prakash,
Michael is right, this would filiter only 10 and 14 , and not 13
pretty much let say i want 10 and 14, and the answer is 0.0.4.0 ???? still
having hard time grasping it
Cheers!
ANtonio
From: prakash patel [mailto:[email protected]]
Sent: Monday, 18 May 2009 11:35 PM
To: [email protected]; [email protected]
Subject: RE: [OSL | CCIE_RS] ACL filtering blues
Addition to previous.
it will allow whole range though.
What is the statement says...need more information.
We may have to adjust it.
From: [email protected]
To: [email protected]; [email protected]
Date: Mon, 18 May 2009 09:59:33 -0400
Subject: Re: [OSL | CCIE_RS] ACL filtering blues
Hello
10=00001010
13=00001101
14=00001110
What is the common here ?....00001xxx
so xxx vlaues give you 0.0.7.0
the fist should be 10.10.8.0
so the whole completed is 10.10.8.0 0.0.7.0
if u see logical in 3rd octets ...8 is starting value and ending 8+7 = 15
10.10.8.0 thru 10.10.15.0
makes sense?
From: [email protected]
To: [email protected]
Date: Mon, 18 May 2009 23:23:05 +0930
Subject: [OSL | CCIE_RS] ACL filtering blues
Hi All,
Need some help on ACL calculation. This is general ACL filtering scenario.
I'm just practicing on ACL filtering especially on the non-continuous wildcards.
i've injected this to my test router but i don't seem to get the logic why it's
this wildcard. can somebody enlighten me on this?
I know 0 in the wildcard are care bits and 1 don't care, just the opposite of a
subnet mask.
Example Scenario:
I get this networks from a backbone router:
network 10.10.10.0
network 10.10.11.0
network 10.10.12.0
network 10.10.13.0
network 10.10.14.0
network 10.10.15.0
network 10.10.16.0
I want to filter on the third octet and allow only 10, 13, 14 to come in
been playing with various values on the wildcard, and the working value is
0.0.4.0 , WHY????
Kind Regards,
Antonio
Windows Live™: Keep your life in sync. Check it out.
Windows Live™: Keep your life in sync. Check it out.
Hotmail® has a new way to see what's up with your friends. Check it out.
_________________________________________________________________
Hotmail® goes with you.
http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009
