Hey there GUY:
172.16.1.0 with a wildcard mask of 0.0.0.127
means the same as 172.16.1.0/25. In other words, only various combinations
of the last seven bits may have been manipulated to form the host addresses
that belong to the subnetwork that this acl will affect. This makes the
range 172.16.1.0 to 172.16.1.127 (not 128, as you wrote)
Similarly, 172.16.1.128 0.0.0.127 will affect the range from 172.16.1.128 to
172.16.1.255.
What you've written:
"172.16.1.0/28 to 172.16.1.128/28" isn't really a range, but rather two
different subnets available with /28 masks. There are sixteen:
172.16.1.0/28
172.16.1.16/28
172.16.1.32/28
...etc until you get to 172.16.1.240/28
The 'first' eight of these (.o/28 through .112/28) all share the same bit
structure through the first 25 bits, so that is why the first
example acl you cited (172.16.1.0 with a wildcard mask of 0.0.0.127) would
work for that.
Similarly, the 172.16.1.128 0.0.0.127 will block out the rest because the
bit structure for all of those is the same for the first 25 bits. Remember ,
the wildcard mask just tells the router to ignore anything that's masked out
with a "1" bit in the mask.
HTH
:-{)]
Mark A. Morenz, MS Ed, CCNA, CCAI
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23674&t=23648
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
