Okay. There have been alot of responses to this. And alot of people
wanting the answer.
SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave correct
responses to the question! Congrats!!
Now, I'll everyone's agony........... =)
The answer is:
access-list 10 permit A.B.C.1 255.255.255.24
Here's the explanation:
Remeber in the wildcard mask, for a given bit:
0 = must match the same bit in the source address given
1 = doesn't matter what it is........
I will use A.B.C.1 for the source address in the access-list command since
(as we see below) the least significant should always be 1. Below I have
the binary version of our address 0.0.0.1:
aaa aaa.bbb bbb.ccc ccc.0000 0001 <- least significant bit = 1, thus
the decimal value of that octect is 1. This is crutial because this is the
only non-zero bit in the source address. We'll use that later.
Limiting ourselves to looking at the last octet of the target IPs we want to
let through,
0000 0001 = 1
0000 1001 = 9
0001 0001 = 17
0001 1001 = 25
---------------
So since the last bit (xxxx xxx1) has to = 1 (like in the source address),
it's corresponding wildcard bit must = 0
so we know the wildcard mask so far has to be xxxx xxx0 (last octect only)
we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be = 0 (so
they match the zeros in the source address), so therefore their
corresponding bits in the wildcard mask must be = 0. So now we have:
000x x000 (last octect only)
When looking at bit 4 and 5 we see that they could be either 0 or 1. Any of
the
four combinations of 0 and 1 give us the four target addresses, so
their bits in the wildcard mask are = 1. So our final wildcard mask will be
0001 1000 (last octect only) = 24 (decimal)
So...... the following command is the correct answer:
access-list 10 permit A.B.C.1 255.255.255.24
It's a tough question,...... That's why it's fun =) Thanks to everyone that
participated!
Mike W.
PS: Alrighty Chuck..... we're ready for the next question =)
> Puzzle posed by Mike Williams:
>
> Make a (single line) access-list that will only allow traffic from
addresses
> matching the following model:
>
> x.x.x.1
> x.x.x.9
> x.x.x.17
> x.x.x.25
>
> It's along the same lines as the question you posed, but a little more
> challenging since you only want those 4 addresses to pass through..... =)
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
