GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
RE: Distribute-list with extended ACL [7:46732] posted 06/17/2002
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Thanks for the reply.. I understand how the access-lists work and the 3rd
octet with regards to what i'm permitting/denying.  I had no problem getting
a standard ACL to work (much like what you've shown) but I encountered
problems when trying to use a extended ACL to match the mask of the routes
being filtered.



-----Original Message-----
From: Chris Hugo [mailto:chrishugo@xxxxxxxxx]
Sent: Sunday, June 16, 2002 9:29 PM
To: cisco@xxxxxxxxxxxxxx
Subject: Re: Distribute-list with extended ACL [7:46732]


Hi, 
It is the third octet of the 199.199.0.0 that makes the difference here. The
way you have the access-list configured is to permit odd numbers. The
statement I present will allow EVEN networks 0,2,4,6,8 and etc.Your
statement will allow ODD networks 1,3,5,7,9 ,and etc.
The wildcard 0.0.254.0 will lock down all bits except the third octet which
will fluctuate to accommodate your prefixes that you wish to propagate.
The third octet of the wildcard statement will lock down the first bit which
you don't want to toggle since you only want ODD or in your case EVEN
networks will be propagated.
 access-list 1 per 199.199.0.0 0.0.254.0 
*It's always best to write out the statements to eliminate guesswork. My EE
Days were the same thing.
hth, 
chris hugo 
BTW, HAPPY FATHER'S DAY TO ALL. 
  "Ouellette, Tim"  wrote: RouterA is advertising the range of networks
199.199.1.0/24 through
199.199.2.0/24 and I'm trying to use a distribute-list out on RouterA under
the RIP process to filter the even subnets. If I use a standard ACL that
looks like this "access-list 1 permit 199.199.1.0 0.0.254.255" then the
proper routes get filtered. I then tried to use an extended ACL with the
distribute-list to try and filter the same routes but couldn't get it to
work. Can someone explain to me how this works. From my understanding, the
destination portion of the extended ACL when used with a distribute-list
matches on the subnet mask that is in the update. I tried using
255.255.255.0 0.0.0.255 which didn't work, neither did host 255.255.255.0 .
Anyone have any ideas?

199.199.1.0/24 - 199.199.10.0/24 RouterA ======= RouterB
_________________________________________________________________
Commercial lab list: http://www.groupstudy.com/list/commercial.html
Please discuss commercial lab solutions on this list.
---------------------------------
Do You Yahoo!?
Sign-up for Video Highlights of 2002 FIFA World Cup




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46735&t=46732
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx