In discussions like this, I find it very helpful to write everything out in
binary, even as part of the post, just to help new folks visualize what is
really taking place.
Most people's eyes glaze over when you talk about number theory. But in
order to understand what is happening in both binary and decimal, one needs
to understand a bit ( :-> ) of theory.
WARNING - the rest of this is BORING!!!!!!
All even numbers are evenly divisible by two. The remainder is zero
All odd numbers, when divided by two, have a remainder to one.
In binary, it is easy to tell an odd number. The eighth bit is turned on,
i.e. equals one. I.e. remained of one. All even numbers in binary have the
eighth bit turned off, i.e. equal to zero, i.e. remainder of zero.
14 = 0000 1110
15 = 0000 1111
16 = 0001 0000
17 = 0001 0001
etc.
( See - all that crap they tried to teach you in 4th grade really does have
some practical application after all. :-> )
so, we want to permit only even numbers., i.e. numbers whose last bit is
zero.
Base = 0000 0000
Mask = 1111 1110
Eighth bit MUST be zero. All other bits can take any value.
We want to permit only odd numbers - i.e. numbers whose last bit is one
Base = 0000 0001
Mask=1111 1110
Eighth bit MUST equal one
In the case of an ISP or some other evil entity wanting to permit only even
numbered IP addresses of any prefix, yes, your example of
Base =0000 0000 0000 0000 0000 0000 0000 0000
Mask=1111 1111 1111 1111 1111 1111 1111 1110
Will permit only even numbers, regardless of prefix.
Hmmm, I have just come up with another evil test of the competency of NOC
center personnel..... ;->
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Gabriel
Sent: Tuesday, June 27, 2000 7:40 AM
To: [EMAIL PROTECTED]
Subject: Re: ACL Question
Shouldn't it, for maximum elegance, be "Permit 0.0.0.0 255.255.255.254"? Not
that it winds up mattering, but "2" is the 7th bit of the octet, not the
8th; it'll be wildcarded out. Any even number would work, of course; what
matters is that the last bit is 0 not 1.
> -----Original Message-----
> From: [EMAIL PROTECTED] ("Daniel Ma")
> [mailto:[EMAIL PROTECTED]]
> Posted At: Monday, June 26, 2000 9:02 AM
> Posted To: cisco
> Conversation: ACL Question
> Subject: Re: ACL Question
>
>
> Will this do?
>
> access-list 1 permit x.x.x.2 255.255.255.254
>
> Daniel
>
> "Raymond Everson (Rainman)" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > *Still* haven't figured this one out:
> >
> > Create an IP ACL, in as few lines as possible of course, which permits
> > only even-numbered IP addresses.
> >
> > Ideas?
> >
> > Rainman
> >
> > ___________________________________
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > ---
>
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
