Two points. 1) always be careful with the wording of questions. There are
two correct answers, depending upon how one interprets the question.
Access-list 10 permit 0.0.0.1 255.255.255.24 is indeed correct IF you want
to permit only the values of 1,9,17,and 25 in the last octet of ANY network,
whether that be 192.168.1.x or 10.0.0.x etc
Access-list 10 permit a.b.c.1 0.0.0.24 is indeed correct IF you want to
permit only hosts with 1,9,17,25
in the last octet from a SPECIFIC network.
Shades of Cisco exam questions..... :->
It's been fun, gang. Let's do it again sometime.
Chuck
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Michael L. Williams
Sent: Tuesday, July 04, 2000 3:02 PM
To: [EMAIL PROTECTED]
Subject: Re: Wild Card Mask Puzzle SOLUTION!!!!!!
Sorry for overlooking you! Good job!
Mike W.
John Neiberger <[EMAIL PROTECTED]> wrote in message
32064763.962730060174.JavaMail.imail@tiptoe">news:32064763.962730060174.JavaMail.imail@tiptoe...
> Thanks, Evgeny. My answer had that mask 0.0.0.24, which would only allow
> specific hosts on a specific subnet. If the original question was to
allow
> any host witha 1,9,17, or 25 in the last octect--but from any subnet--then
> 255.255.255.24 would be the correct answer.
>
> It all depends on how the original question was worded. Regardless, the
> trickiest part was the mask on the last octect. Good question!!
> We need to make this a regular thing, that was a lot of fun.
>
> John
>
> > Michael,
> >
> > Thanks a lto for mentioning my name, but
> > I've just looked through follow-ups and found out that John Neiberger
was
> > the first to give correct answer.
> >
> > RGRDS,
> > EVgeny
> >
> > --
> > ***********
> > Please DO NOT send replies just directly to me, post them to the
> Newsgroup
> > as well
> >
> > ***********
> > ""Michael L. Williams"" <[EMAIL PROTECTED]> wrote in message
> > 8jt2kl$2s4$[EMAIL PROTECTED]">news:8jt2kl$2s4$[EMAIL PROTECTED]...
> > > Okay. There have been alot of responses to this. And alot of people
> > > wanting the answer.
> > >
> > > SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave
> correct
> > > responses to the question! Congrats!!
> > >
> > > Now, I'll everyone's agony........... =)
> > >
> > > The answer is:
> > >
> > > access-list 10 permit A.B.C.1 255.255.255.24
> > >
> > > Here's the explanation:
> > >
> > > Remeber in the wildcard mask, for a given bit:
> > > 0 = must match the same bit in the source address given
> > > 1 = doesn't matter what it is........
> > >
> > > I will use A.B.C.1 for the source address in the access-list command
> since
> > > (as we see below) the least significant should always be 1. Below I
> have
> > > the binary version of our address 0.0.0.1:
> > >
> > > aaa aaa.bbb bbb.ccc ccc.0000 0001 <- least significant bit = 1, thus
> > > the decimal value of that octect is 1. This is crutial because this
is
> > the
> > > only non-zero bit in the source address. We'll use that later.
> > >
> > > Limiting ourselves to looking at the last octet of the target IPs we
> want
> > to
> > > let through,
> > > 0000 0001 = 1
> > > 0000 1001 = 9
> > > 0001 0001 = 17
> > > 0001 1001 = 25
> > > ---------------
> > > So since the last bit (xxxx xxx1) has to = 1 (like in the source
> address),
> > > it's corresponding wildcard bit must = 0
> > >
> > > so we know the wildcard mask so far has to be xxxx xxx0 (last octect
> > only)
> > >
> > > we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be
=
> 0
> > (so
> > > they match the zeros in the source address), so therefore their
> > > corresponding bits in the wildcard mask must be = 0. So now we have:
> > >
> > > 000x x000 (last octect only)
> > >
> > > When looking at bit 4 and 5 we see that they could be either 0 or 1.
> Any
> > of
> > > the
> > > four combinations of 0 and 1 give us the four target addresses, so
> > > their bits in the wildcard mask are = 1. So our final wildcard mask
> will
> > be
> > >
> > > 0001 1000 (last octect only) = 24 (decimal)
> > >
> > > So...... the following command is the correct answer:
> > >
> > > access-list 10 permit A.B.C.1 255.255.255.24
> > >
> > > It's a tough question,...... That's why it's fun =) Thanks to
everyone
> > that
> > > participated!
> > >
> > > Mike W.
> > >
> > > PS: Alrighty Chuck..... we're ready for the next question =)
> > >
> > > > Puzzle posed by Mike Williams:
> > > >
> > > > Make a (single line) access-list that will only allow traffic from
> > > addresses
> > > > matching the following model:
> > > >
> > > > x.x.x.1
> > > > x.x.x.9
> > > > x.x.x.17
> > > > x.x.x.25
> > > >
> > > > It's along the same lines as the question you posed, but a little
> more
> > > > challenging since you only want those 4 addresses to pass
> through.....
> > =)
> > >
> > >
> > >
> > > ___________________________________
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]
> > > ---
> >
> >
> > ___________________________________
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
>
>
>
> _______________________________________________________
> Say Bye to Slow Internet!
> http://www.home.com/xinbox/signup.html
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
