GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: An access-list challenge posted 08/28/2000
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Hi All,
     After a bit of thought.....
access-list 101 deny ip 128.0.0.0 63.254.255.250 255.255.0.0 255.255.0.0
access-list 101 deny ip 192.0.1.0 31.255.254.255 255.255.255.0 0.0.0.255
access-list 101 permit ip any any

A quick question on the masking side. As I understand it, we are looking
for b-class add's with less than 16 bits. If I understand the process,
255.255.0.0 255.255.0.0 (second part of top line) says,
1st octet-don't care
2nd octet-don't care
3rd octet-must match exactly (in this case, zero)
4th octet-must match exactly (in this case, zero)
Therefore, we are allowed at most, 16 bits.
On line 2, 255.255.255.0 0.0.0.255 says,
1st octet- must match exactly (255)
2nd octet- must match exactly (255)
3rd octet- must match exactly (255)
4th octet-don't care.
In this way, we are assured a minium of 24 bits.

Is this how others look at this or am I barking up the wrong tree ?
Regards,
     Lachlan



                                                                                                                  
                    Simon Baxter                                                                                  
                    <Simon.Baxter@xxxxx        To:     "CCIE Group Study (E-mail)" <ccielab@xxxxxxxxxxxxxx>       
                    gical.com>                 cc:                                                                
                    Sent by:                   Subject:     An access-list challenge                              
                    nobody@xxxxxxxxxxxx                                                                           
                    om                                                                                            
                                                                                                                  
                                                                                                                  
                    27/08/00 10:51 AM                                                                             
                    Please respond to                                                                             
                    Simon Baxter                                                                                  
                                                                                                                  
                                                                                                                  



For anybody up to it..

not too nasty..

RTRA
router bgp 100
distribute-list 101 in


create access-list 101 so that RTRA doesn't accept even numbered class B
routes with a mask <16 bits or odd numbered class C routes with a mask >24
bits.



I hope it didn't take you as long as it did me!!

_______________________________________________________
To unsubscribe from the CCIELAB list, send a message to
majordomo@xxxxxxxxxxxxxx with the body containing:
unsubscribe ccielab




_______________________________________________________
To unsubscribe from the CCIELAB list, send a message to
majordomo@xxxxxxxxxxxxxx with the body containing:
unsubscribe ccielab