Hunt, There are two schools of thought (at least). One of them involves thinking in binary, which I think is the more difficult, but depends how your mind works. I can work it out in binary on paper, but my head goes slower than the pen, so I use the second (and quickest) method:
For the second method you have to think of everything in blocks (or chunks as I usually use because its unique and 'unconfusable' with any other term): The blocks can be 2, 4, 8, 16, 32, 64, 128 The only bit you have to do in your head is visualise how your addresses fit in to those blocks. I'll let someone else explain exactly how to visualise it as I will never be an instructor. My teaching methods sometimes have a negative effect. Sometimes irreversible :-) I think it's Leigh Anne Chisholm that has the way with the words. Once you've grasped it you'll wonder how you ever found it so difficult. All subnet calculations can be done in your head within a few seconds, except some none-contiguous wild cards (tricky some times). If you search the archives there are some good explanations though. Regards, Gaz ""D. J. Jones"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Think of it in the same terms as you would a normal subnet mask Lee. > > You want to permit address 10.10.10.40 thru 10.10.10.49. > 10.10.10.40 255.255.255.248 is equal to 10.10.10.40 0.0.0.7 and > includes the addresses 10.10.10.40 thru 10.10.10.47. Furthermore, > 10.10.10.48 255.255.255.254 is equal to 10.10.10.48 0.0.0.1 and > includes the addresses 10.10.10.48 thru 10.10.10.49. > > Try to always think binary. In this case the first range falls on an 8 bit > boundary with the range 0 1 2 3 4 5 6 7. The second ranges starts > on an 8 bit boundary with the range 0 1. You should now be able to see > that as 0.0.0.7 and 0.0.0.1. Hope this helps. > ""Hunt Lee"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Thanks for the response guys :) But can anyone explain to me how do you > > guys derive: > > > > 10.10.10.40 0.0.0.7 & 10.10.10.48 0.0.0.1 > > > > And also, for the second statement, how do you know 48 has to be placed in > > the fourth octet? > > > > I'm still very confused, but thanks for your help in advance. > > > > Best Regards, > > Hunt Lee > > > > > > ""Gaz"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > You're not wrong, spotted the previous mistake, you just missed off an > > > address. That's a nice way of putting it eh? > > > > > > Changing your second line to Permit 10.10.10.48 0.0.0.1 will do the > trick > > > because it allows 48 and 49 through. > > > > > > Regards, > > > > > > Gaz > > > > > > > > > ""Shengtao"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > I think "Permit 10.10.10.40 0.0.0.7" will allow 40-47, and you need > > > another > > > > statement " Permit 10.10.10.48 0.0.0.0" to allow 48 to get through. > > > > > > > > Am I worng? > > > > > > > > > > > > ""Godswill HO"" wrote in message > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > Hi, > > > > > > > > > > Try the following: > > > > > > > > > > IP access-list standard allowed > > > > > Permit 10.10.10.40 0.0.0.7 > > > > > Permit 10.10.10.49 0.0.0.0 > > > > > > > > > > The first permit statement allow addresses n.n.n.40 to n.n.n.48, > while > > > the > > > > > last one allow address n.n.n.49. There is no way you can deny whole > > > range > > > > > without affecting other addresses with one single statement. > > > > > > > > > > When appliying it to your interface say: > > > > > > > > > > Router(config-if)#IP access-group allowed in > > > > > > > > > > Regards. > > > > > Oletu > > > > > > > > > > ----- Original Message ----- > > > > > From: Hunt Lee > > > > > To: > > > > > Sent: Friday, January 04, 2002 9:29 PM > > > > > Subject: Access-List questions [7:31001] > > > > > > > > > > > > > > > > Hello there, > > > > > > > > > > > > I need some help on Access-Lists: > > > > > > > > > > > > Say if I want to permit network access to only 10.10.10.1 - > > > 10.10.10.254 > > > > > > > > > > > > I know you can simply use: > > > > > > > > > > > > Access-list 10 permit 10.10.10.0 0.0.0.255 > > > > > > > > > > > > However, if I want to only permit the range of 10.10.10.40 to > > > > 10.10.10.49 > > > > > > (inclusive), then what should I do? > > > > > > > > > > > > Any help is greatly appreciated. > > > > > > > > > > > > Best Regards, > > > > > > Hunt Lee > > > > > > IP Solution Analyst > > > > > > Cable & Wireless > > > > > _________________________________________________________ > > > > > Do You Yahoo!? > > > > > Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31037&t=31001 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
