Comments are inline. Reimer, Fred wrote:
>So would it match a network of 131.108.0.0/24? From what Cisco says, that >it matches the classful mask if none is specified, it should not match. >From what you say it sounds like you think it would match. > > An access-list with wildcards (131.108.0.0 0.0.255.255) would match 131.108.0.0/16, 131.108.0.0/24 and 131.108.1.0/24. The fact that there is a 24-bit prefix on some of these networks doesn't really matter, only the network bits are being matched. >I don't think wildcard bits are real wildcard bits when used in a distribute >list. I think they are used to match the prefix of the route in the routing >table. Your theory about 131.108.0.0 0.0.255.255 possibly matching other >networks, such as 131.108.1.0/24 (presumably /24) and 131.108.2.0/24 is an >interesting theory, but I'd like to know the facts. I don't have time to >test this at the moment myself, but I certainly will once we get our CCIE >lab up and running. > > Wildcard bits are "real" wildcard bits even in distribute lists. If you want to permit/deny based on prefix length you need to use a prefix-list instead of an IP access-list so that you can match on both the network and prefix length. >Fred Reimer - CCNA > > >Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 >Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > >NOTICE; This email contains confidential or proprietary information which >may be legally privileged. It is intended only for the named recipient(s). >If an addressing or transmission error has misdirected the email, please >notify the author by replying to this message. If you are not the named >recipient, you are not authorized to use, disclose, distribute, copy, print >or rely on this email, and should immediately delete it from your computer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72310&t=72253 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
