Thanks, Evgeny. My answer had that mask 0.0.0.24, which would only allow
specific hosts on a specific subnet. If the original question was to allow
any host witha 1,9,17, or 25 in the last octect--but from any subnet--then
255.255.255.24 would be the correct answer.
It all depends on how the original question was worded. Regardless, the
trickiest part was the mask on the last octect. Good question!!
We need to make this a regular thing, that was a lot of fun.
John
> Michael,
>
> Thanks a lto for mentioning my name, but
> I've just looked through follow-ups and found out that John Neiberger was
> the first to give correct answer.
>
> RGRDS,
> EVgeny
>
> --
> ***********
> Please DO NOT send replies just directly to me, post them to the
Newsgroup
> as well
>
> ***********
> ""Michael L. Williams"" <[EMAIL PROTECTED]> wrote in message
> 8jt2kl$2s4$[EMAIL PROTECTED]">news:8jt2kl$2s4$[EMAIL PROTECTED]...
> > Okay. There have been alot of responses to this. And alot of people
> > wanting the answer.
> >
> > SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave
correct
> > responses to the question! Congrats!!
> >
> > Now, I'll everyone's agony........... =)
> >
> > The answer is:
> >
> > access-list 10 permit A.B.C.1 255.255.255.24
> >
> > Here's the explanation:
> >
> > Remeber in the wildcard mask, for a given bit:
> > 0 = must match the same bit in the source address given
> > 1 = doesn't matter what it is........
> >
> > I will use A.B.C.1 for the source address in the access-list command
since
> > (as we see below) the least significant should always be 1. Below I
have
> > the binary version of our address 0.0.0.1:
> >
> > aaa aaa.bbb bbb.ccc ccc.0000 0001 <- least significant bit = 1, thus
> > the decimal value of that octect is 1. This is crutial because this is
> the
> > only non-zero bit in the source address. We'll use that later.
> >
> > Limiting ourselves to looking at the last octet of the target IPs we
want
> to
> > let through,
> > 0000 0001 = 1
> > 0000 1001 = 9
> > 0001 0001 = 17
> > 0001 1001 = 25
> > ---------------
> > So since the last bit (xxxx xxx1) has to = 1 (like in the source
address),
> > it's corresponding wildcard bit must = 0
> >
> > so we know the wildcard mask so far has to be xxxx xxx0 (last octect
> only)
> >
> > we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be =
0
> (so
> > they match the zeros in the source address), so therefore their
> > corresponding bits in the wildcard mask must be = 0. So now we have:
> >
> > 000x x000 (last octect only)
> >
> > When looking at bit 4 and 5 we see that they could be either 0 or 1.
Any
> of
> > the
> > four combinations of 0 and 1 give us the four target addresses, so
> > their bits in the wildcard mask are = 1. So our final wildcard mask
will
> be
> >
> > 0001 1000 (last octect only) = 24 (decimal)
> >
> > So...... the following command is the correct answer:
> >
> > access-list 10 permit A.B.C.1 255.255.255.24
> >
> > It's a tough question,...... That's why it's fun =) Thanks to everyone
> that
> > participated!
> >
> > Mike W.
> >
> > PS: Alrighty Chuck..... we're ready for the next question =)
> >
> > > Puzzle posed by Mike Williams:
> > >
> > > Make a (single line) access-list that will only allow traffic from
> > addresses
> > > matching the following model:
> > >
> > > x.x.x.1
> > > x.x.x.9
> > > x.x.x.17
> > > x.x.x.25
> > >
> > > It's along the same lines as the question you posed, but a little
more
> > > challenging since you only want those 4 addresses to pass
through.....
> =)
> >
> >
> >
> > ___________________________________
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> > ---
>
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_______________________________________________________
Say Bye to Slow Internet!
http://www.home.com/xinbox/signup.html
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
