Re: Wild Card Mask Puzzle SOLUTION!!!!!!
I put "don't care bits" because I used A.B.C.1 to demonstrate that we don't care what those octects were. I should have used 0.0.0.1 or something else... I can see how A.B.C.1 can seem like a specific address Sorry for the mixup. I'll be more careful of these things in the future.. =) Mike W. - Original Message - From: Andreas Klemm <[EMAIL PROTECTED]> To: Michael L. Williams <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Wednesday, July 05, 2000 12:59 AM Subject: Re: Wild Card Mask Puzzle SOLUTION!! > On Tue, Jul 04, 2000 at 11:19:17AM -0500, Michael L. Williams wrote: > > access-list 10 permit A.B.C.1 255.255.255.24 > ^^^ > This is wrong. Why "don't care bits", if you have a specific > A.B.C address ? > > Correct is: > > access-list 10 permit A.B.C.1 0.0.0.24 > > -- > Andreas Klemm http://people.FreeBSD.ORG/~andreas > http://www.freebsd.org/~fsmp/SMP/SMP.html >powered by Symmetric MultiProcessor FreeBSD > New APSFILTER 542 and songs from our band - http://people.freebsd.org/~andreas > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wild Card Mask Puzzle SOLUTION!!!!!!
I agree with this -Joe- Andreas Klemm <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > On Tue, Jul 04, 2000 at 11:19:17AM -0500, Michael L. Williams wrote: > > access-list 10 permit A.B.C.1 255.255.255.24 > ^^^ > This is wrong. Why "don't care bits", if you have a specific > A.B.C address ? > > Correct is: > > access-list 10 permit A.B.C.1 0.0.0.24 > > -- > Andreas Klemm http://people.FreeBSD.ORG/~andreas > http://www.freebsd.org/~fsmp/SMP/SMP.html >powered by Symmetric MultiProcessor FreeBSD > New APSFILTER 542 and songs from our band - http://people.freebsd.org/~andreas > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wild Card Mask Puzzle SOLUTION!!!!!!
On Tue, Jul 04, 2000 at 11:19:17AM -0500, Michael L. Williams wrote: > access-list 10 permit A.B.C.1 255.255.255.24 ^^^ This is wrong. Why "don't care bits", if you have a specific A.B.C address ? Correct is: access-list 10 permit A.B.C.1 0.0.0.24 -- Andreas Klemm http://people.FreeBSD.ORG/~andreas http://www.freebsd.org/~fsmp/SMP/SMP.html powered by Symmetric MultiProcessor FreeBSD New APSFILTER 542 and songs from our band - http://people.freebsd.org/~andreas ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Wild Card Mask Puzzle SOLUTION!!!!!!
Two points. 1) always be careful with the wording of questions. There are two correct answers, depending upon how one interprets the question. Access-list 10 permit 0.0.0.1 255.255.255.24 is indeed correct IF you want to permit only the values of 1,9,17,and 25 in the last octet of ANY network, whether that be 192.168.1.x or 10.0.0.x etc Access-list 10 permit a.b.c.1 0.0.0.24 is indeed correct IF you want to permit only hosts with 1,9,17,25 in the last octet from a SPECIFIC network. Shades of Cisco exam questions. :-> It's been fun, gang. Let's do it again sometime. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Michael L. Williams Sent: Tuesday, July 04, 2000 3:02 PM To: [EMAIL PROTECTED] Subject: Re: Wild Card Mask Puzzle SOLUTION!! Sorry for overlooking you! Good job! Mike W. John Neiberger <[EMAIL PROTECTED]> wrote in message 32064763.962730060174.JavaMail.imail@tiptoe">news:32064763.962730060174.JavaMail.imail@tiptoe... > Thanks, Evgeny. My answer had that mask 0.0.0.24, which would only allow > specific hosts on a specific subnet. If the original question was to allow > any host witha 1,9,17, or 25 in the last octect--but from any subnet--then > 255.255.255.24 would be the correct answer. > > It all depends on how the original question was worded. Regardless, the > trickiest part was the mask on the last octect. Good question!! > We need to make this a regular thing, that was a lot of fun. > > John > > > Michael, > > > > Thanks a lto for mentioning my name, but > > I've just looked through follow-ups and found out that John Neiberger was > > the first to give correct answer. > > > > RGRDS, > > EVgeny > > > > -- > > *** > > Please DO NOT send replies just directly to me, post them to the > Newsgroup > > as well > > > > *** > > ""Michael L. Williams"" <[EMAIL PROTECTED]> wrote in message > > 8jt2kl$2s4$[EMAIL PROTECTED]">news:8jt2kl$2s4$[EMAIL PROTECTED]... > > > Okay. There have been alot of responses to this. And alot of people > > > wanting the answer. > > > > > > SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave > correct > > > responses to the question! Congrats!! > > > > > > Now, I'll everyone's agony... =) > > > > > > The answer is: > > > > > > access-list 10 permit A.B.C.1 255.255.255.24 > > > > > > Here's the explanation: > > > > > > Remeber in the wildcard mask, for a given bit: > > > 0 = must match the same bit in the source address given > > > 1 = doesn't matter what it is > > > > > > I will use A.B.C.1 for the source address in the access-list command > since > > > (as we see below) the least significant should always be 1. Below I > have > > > the binary version of our address 0.0.0.1: > > > > > > aaa aaa.bbb bbb.ccc ccc. 0001 <- least significant bit = 1, thus > > > the decimal value of that octect is 1. This is crutial because this is > > the > > > only non-zero bit in the source address. We'll use that later. > > > > > > Limiting ourselves to looking at the last octet of the target IPs we > want > > to > > > let through, > > > 0001 = 1 > > > 1001 = 9 > > > 0001 0001 = 17 > > > 0001 1001 = 25 > > > --- > > > So since the last bit ( xxx1) has to = 1 (like in the source > address), > > > it's corresponding wildcard bit must = 0 > > > > > > so we know the wildcard mask so far has to be xxx0 (last octect > > only) > > > > > > we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be = > 0 > > (so > > > they match the zeros in the source address), so therefore their > > > corresponding bits in the wildcard mask must be = 0. So now we have: > > > > > > 000x x000 (last octect only) > > > > > > When looking at bit 4 and 5 we see that they could be either 0 or 1. > Any > > of > > > the > > > four combinations of 0 and 1 give us the four target addresses, so > > > their bits in the wildcard mask are = 1. So our final wildcard mask > will > > be > > > > > > 0001 1000 (last octect only) = 24 (decimal) > > > > > > S
Re: Wild Card Mask Puzzle SOLUTION!!!!!!
Sorry for overlooking you! Good job! Mike W. John Neiberger <[EMAIL PROTECTED]> wrote in message 32064763.962730060174.JavaMail.imail@tiptoe">news:32064763.962730060174.JavaMail.imail@tiptoe... > Thanks, Evgeny. My answer had that mask 0.0.0.24, which would only allow > specific hosts on a specific subnet. If the original question was to allow > any host witha 1,9,17, or 25 in the last octect--but from any subnet--then > 255.255.255.24 would be the correct answer. > > It all depends on how the original question was worded. Regardless, the > trickiest part was the mask on the last octect. Good question!! > We need to make this a regular thing, that was a lot of fun. > > John > > > Michael, > > > > Thanks a lto for mentioning my name, but > > I've just looked through follow-ups and found out that John Neiberger was > > the first to give correct answer. > > > > RGRDS, > > EVgeny > > > > -- > > *** > > Please DO NOT send replies just directly to me, post them to the > Newsgroup > > as well > > > > *** > > ""Michael L. Williams"" <[EMAIL PROTECTED]> wrote in message > > 8jt2kl$2s4$[EMAIL PROTECTED]">news:8jt2kl$2s4$[EMAIL PROTECTED]... > > > Okay. There have been alot of responses to this. And alot of people > > > wanting the answer. > > > > > > SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave > correct > > > responses to the question! Congrats!! > > > > > > Now, I'll everyone's agony... =) > > > > > > The answer is: > > > > > > access-list 10 permit A.B.C.1 255.255.255.24 > > > > > > Here's the explanation: > > > > > > Remeber in the wildcard mask, for a given bit: > > > 0 = must match the same bit in the source address given > > > 1 = doesn't matter what it is > > > > > > I will use A.B.C.1 for the source address in the access-list command > since > > > (as we see below) the least significant should always be 1. Below I > have > > > the binary version of our address 0.0.0.1: > > > > > > aaa aaa.bbb bbb.ccc ccc. 0001 <- least significant bit = 1, thus > > > the decimal value of that octect is 1. This is crutial because this is > > the > > > only non-zero bit in the source address. We'll use that later. > > > > > > Limiting ourselves to looking at the last octet of the target IPs we > want > > to > > > let through, > > > 0001 = 1 > > > 1001 = 9 > > > 0001 0001 = 17 > > > 0001 1001 = 25 > > > --- > > > So since the last bit ( xxx1) has to = 1 (like in the source > address), > > > it's corresponding wildcard bit must = 0 > > > > > > so we know the wildcard mask so far has to be xxx0 (last octect > > only) > > > > > > we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be = > 0 > > (so > > > they match the zeros in the source address), so therefore their > > > corresponding bits in the wildcard mask must be = 0. So now we have: > > > > > > 000x x000 (last octect only) > > > > > > When looking at bit 4 and 5 we see that they could be either 0 or 1. > Any > > of > > > the > > > four combinations of 0 and 1 give us the four target addresses, so > > > their bits in the wildcard mask are = 1. So our final wildcard mask > will > > be > > > > > > 0001 1000 (last octect only) = 24 (decimal) > > > > > > So.. the following command is the correct answer: > > > > > > access-list 10 permit A.B.C.1 255.255.255.24 > > > > > > It's a tough question,.. That's why it's fun =) Thanks to everyone > > that > > > participated! > > > > > > Mike W. > > > > > > PS: Alrighty Chuck. we're ready for the next question =) > > > > > > > Puzzle posed by Mike Williams: > > > > > > > > Make a (single line) access-list that will only allow traffic from > > > addresses > > > > matching the following model: > > > > > > > > x.x.x.1 > > > > x.x.x.9 > > > > x.x.x.17 > > > > x.x.x.25 > > > > > > > > It's along the same lines as the question you posed, but a little > more > > > > challenging since you only want those 4 addresses to pass > through. > > =) > > > > > > > > > > > > ___ > > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > --- > > > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > ___ > Say Bye to Slow Internet! > http://www.home.com/xinbox/signup.html > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstud
Re: Wild Card Mask Puzzle SOLUTION!!!!!!
Thanks, Evgeny. My answer had that mask 0.0.0.24, which would only allow specific hosts on a specific subnet. If the original question was to allow any host witha 1,9,17, or 25 in the last octect--but from any subnet--then 255.255.255.24 would be the correct answer. It all depends on how the original question was worded. Regardless, the trickiest part was the mask on the last octect. Good question!! We need to make this a regular thing, that was a lot of fun. John > Michael, > > Thanks a lto for mentioning my name, but > I've just looked through follow-ups and found out that John Neiberger was > the first to give correct answer. > > RGRDS, > EVgeny > > -- > *** > Please DO NOT send replies just directly to me, post them to the Newsgroup > as well > > *** > ""Michael L. Williams"" <[EMAIL PROTECTED]> wrote in message > 8jt2kl$2s4$[EMAIL PROTECTED]">news:8jt2kl$2s4$[EMAIL PROTECTED]... > > Okay. There have been alot of responses to this. And alot of people > > wanting the answer. > > > > SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave correct > > responses to the question! Congrats!! > > > > Now, I'll everyone's agony... =) > > > > The answer is: > > > > access-list 10 permit A.B.C.1 255.255.255.24 > > > > Here's the explanation: > > > > Remeber in the wildcard mask, for a given bit: > > 0 = must match the same bit in the source address given > > 1 = doesn't matter what it is > > > > I will use A.B.C.1 for the source address in the access-list command since > > (as we see below) the least significant should always be 1. Below I have > > the binary version of our address 0.0.0.1: > > > > aaa aaa.bbb bbb.ccc ccc. 0001 <- least significant bit = 1, thus > > the decimal value of that octect is 1. This is crutial because this is > the > > only non-zero bit in the source address. We'll use that later. > > > > Limiting ourselves to looking at the last octet of the target IPs we want > to > > let through, > > 0001 = 1 > > 1001 = 9 > > 0001 0001 = 17 > > 0001 1001 = 25 > > --- > > So since the last bit ( xxx1) has to = 1 (like in the source address), > > it's corresponding wildcard bit must = 0 > > > > so we know the wildcard mask so far has to be xxx0 (last octect > only) > > > > we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be = 0 > (so > > they match the zeros in the source address), so therefore their > > corresponding bits in the wildcard mask must be = 0. So now we have: > > > > 000x x000 (last octect only) > > > > When looking at bit 4 and 5 we see that they could be either 0 or 1. Any > of > > the > > four combinations of 0 and 1 give us the four target addresses, so > > their bits in the wildcard mask are = 1. So our final wildcard mask will > be > > > > 0001 1000 (last octect only) = 24 (decimal) > > > > So.. the following command is the correct answer: > > > > access-list 10 permit A.B.C.1 255.255.255.24 > > > > It's a tough question,.. That's why it's fun =) Thanks to everyone > that > > participated! > > > > Mike W. > > > > PS: Alrighty Chuck. we're ready for the next question =) > > > > > Puzzle posed by Mike Williams: > > > > > > Make a (single line) access-list that will only allow traffic from > > addresses > > > matching the following model: > > > > > > x.x.x.1 > > > x.x.x.9 > > > x.x.x.17 > > > x.x.x.25 > > > > > > It's along the same lines as the question you posed, but a little more > > > challenging since you only want those 4 addresses to pass through. > =) > > > > > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > --- > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ Say Bye to Slow Internet! http://www.home.com/xinbox/signup.html ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wild Card Mask Puzzle SOLUTION!!!!!!
Michael, Thanks a lto for mentioning my name, but I've just looked through follow-ups and found out that John Neiberger was the first to give correct answer. RGRDS, EVgeny -- *** Please DO NOT send replies just directly to me, post them to the Newsgroup as well *** ""Michael L. Williams"" <[EMAIL PROTECTED]> wrote in message 8jt2kl$2s4$[EMAIL PROTECTED]">news:8jt2kl$2s4$[EMAIL PROTECTED]... > Okay. There have been alot of responses to this. And alot of people > wanting the answer. > > SO, let me mention Evgeny Babanin and Chuck Hwang, since they gave correct > responses to the question! Congrats!! > > Now, I'll everyone's agony... =) > > The answer is: > > access-list 10 permit A.B.C.1 255.255.255.24 > > Here's the explanation: > > Remeber in the wildcard mask, for a given bit: > 0 = must match the same bit in the source address given > 1 = doesn't matter what it is > > I will use A.B.C.1 for the source address in the access-list command since > (as we see below) the least significant should always be 1. Below I have > the binary version of our address 0.0.0.1: > > aaa aaa.bbb bbb.ccc ccc. 0001 <- least significant bit = 1, thus > the decimal value of that octect is 1. This is crutial because this is the > only non-zero bit in the source address. We'll use that later. > > Limiting ourselves to looking at the last octet of the target IPs we want to > let through, > 0001 = 1 > 1001 = 9 > 0001 0001 = 17 > 0001 1001 = 25 > --- > So since the last bit ( xxx1) has to = 1 (like in the source address), > it's corresponding wildcard bit must = 0 > > so we know the wildcard mask so far has to be xxx0 (last octect only) > > we also know that bits (from right to left) 2, 3, 6, 7, 8 HAVE to be = 0 (so > they match the zeros in the source address), so therefore their > corresponding bits in the wildcard mask must be = 0. So now we have: > > 000x x000 (last octect only) > > When looking at bit 4 and 5 we see that they could be either 0 or 1. Any of > the > four combinations of 0 and 1 give us the four target addresses, so > their bits in the wildcard mask are = 1. So our final wildcard mask will be > > 0001 1000 (last octect only) = 24 (decimal) > > So.. the following command is the correct answer: > > access-list 10 permit A.B.C.1 255.255.255.24 > > It's a tough question,.. That's why it's fun =) Thanks to everyone that > participated! > > Mike W. > > PS: Alrighty Chuck. we're ready for the next question =) > > > Puzzle posed by Mike Williams: > > > > Make a (single line) access-list that will only allow traffic from > addresses > > matching the following model: > > > > x.x.x.1 > > x.x.x.9 > > x.x.x.17 > > x.x.x.25 > > > > It's along the same lines as the question you posed, but a little more > > challenging since you only want those 4 addresses to pass through. =) > > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]