Re: Extended Access-list

From: Mingzhou Nie (mnie@xxxxxxxxx)
Date: Mon Jun 17 2002 - 14:39:27 GMT-3

• Next message: Jeff K: "Re: stp question"
• Previous message: Rahmlow, Howard F.: "Odd Emails"
• Maybe in reply to: Ng, Kim Seng David (David): "Extended Access-list"
• Next in thread: Carlos G Mendioroz: "Re: Extended Access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
In distribut-list, extended access-list is interpreted different than
it should be. The source address part is used to match route
network/subnet and destination address part to match submask.

In your example, it tells, router network has to be 160.x.y.z where xyz
can be anything, but the mask has to be exactly 255.0.0.0. It's the
same as

access-list 101 permit ip 160.0.0.0 0.255.255.255 host 255.0.0.0

Ming
--- "Ng, Kim Seng David (David)" <ksng@avaya.com> wrote:
> Hi group,
>
> How do you interprete the following extended access-list as
> permitting only 160.0.0.0/8 when applied by a distribute list?
>
> access-list 101 permit ip 160.0.0.0 0.255.255.255 255.0.0.0 0.0.0.0
>
> I do not really understand the second part of the access-list
> "255.0.0.0 0.0.0.0". What is it actually denoting? What if we need to
> permit only 160.0.0.0/12? Is it then
>
> access-list 101 permit ip 160.0.0.0 0.15.255.255 255.240.0.0 0.0.0.0
>
> Please correct me. Thanks
>
> David

• Next message: Jeff K: "Re: stp question"
• Previous message: Rahmlow, Howard F.: "Odd Emails"
• Maybe in reply to: Ng, Kim Seng David (David): "Extended Access-list"
• Next in thread: Carlos G Mendioroz: "Re: Extended Access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:35 GMT-3