GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Instructions for using Windows Calc in decimal format for access list generation. posted 11/01/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Ok, working off the binary math posted By Brian McGahan.

http://www.internetworkexpert.com/resources/01700370.htm


I've converted the method to work in decimal format on the windows calc.

The advantage here is that windows calc is useable in the lab!

This method has a simple sequence of operations, keeping down to
possibility of human error under stress. :)

Note - Logical operations work in any number base.

I've checked and it seems to work every time.

Also have had other people check it.

------------------------------------------------------------------------
----

Instructions for using Windows Calc in decimal for accesslist
generation.

Operations are done per octet.  Processed in columns. 

Let`s do 10.55.0.0; 10.33.0.0; 10.36.0.0;

The Network value is defined as octets `AND`-ed together.

Example 55 & 33 & 36 =  32   ; Keep result. 

The Wildcard value is defined (in binary) as all ones = false, all
zeros=false anything else=true

But we will use the windows calc so you don`t have to worry about
binary.

Our next operation is to `Or` the same numbers.

55 | 33 | 36 = 55  ; Keep result

Now for the wildcard, take result of  `&` operation and result of  `|`
operation use the `XOR` operation on the two previous results.

32 xor 55 = 23

So the answer `10.32.0.0 0.23.0.0` should match 55,33,36 

Checking with the boson wildcard util.  It checks.


In summary,

Using windows calc, in decimal numbers.

`AND` all the numbers of the octet column together.

Keep this result, this your network number for that octet.

`OR`  the same column, keep result.

`XOR` the two previous values, that`s the wildcard mask.


Simple Enough, and you can`t make binary mistake using method in the
lab.
 

Note - don`t discard zero results, it will be used later in method.


------------------------------------------------------------------------
----



Please feel free to check method,

I believe it works in all cases.


Michael Snyder
Lead Network Engineer
CCSP, CCDP, MCSE
Revolution Computer Systems
(270) 443-7400







-----Original Message-----
From: Cristian Henry H [mailto:chenry@xxxxxxxx] 
Sent: Tuesday, September 30, 2003 7:03 AM
To: Casey, Paul (6822)
Cc: ccielab@xxxxxxxxxxxxxx
Subject: Re: Access list filter in the shortest lines possible.

I got the following one:

access-list 10 permit 100.0.33.0 27.55.94.0

"Casey, Paul (6822)" ha escrito:
> 
> > Hello,
> >
> > For example, say we are asked to filter the following routes using
the
> > shortest nuber of lines possible
> >
> > 102.17.63.0
> > 126.22.61.0
> > 111.22.57.0
> > 125.33.101.0
> >
> > Can someone tell me the best access list to use to filter these
networks.
> >
> > Thanks in advance.
> > Kind regards.
> >
> >
> >
> >
> 
>
************************************************************************
****