Re: Double Check access-list

From: Leigh Harrison (ccileigh@gmail.com)
Date: Fri Oct 07 2005 - 08:59:48 GMT-3

• Next message: Shanky: "Re: Does the FR switch need to be the DCE always ?"
• Previous message: Stefan Grey: "Re: REally interesting question about ospf summarization."
• Maybe in reply to: Leigh Harrison: "Double Check access-list"
• Next in thread: Victor Cappuccio: "Re: Double Check access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Vidhya,

You're binary is bang on. bit 16 and bit 8 which = 24

LH

vidhya natarajan wrote:

> Scott/Carl,
>
> Thanks for the reply.. I think the mask shud be .18?
>
> >2 00000010
> >10 00001010
> >18 00010010
> >26 00011010
> >Diff 00011000 = .24 Mask <---- would be a .18 mask isnt it?
>
> So the final one would be 200.0.1.2 0.0.2.18 ?
>
> Looking forward for your reply..
>
> Thanks,
> Vidhya
>
>
> On Thu, 06 Oct 2005 Carl Willias wrote :
> >Scott you nailed it. I missed the third octet.
> >
> >CW
> >
> >----- Original Message ----
> > From: Scott Morris <swm@emanon.com>
> >To: Carl Willias <mandingo2073@yahoo.com>; Lee Donald
> <Lee.Donald@t-systems.co.uk>; Leigh Harrison <ccileigh@gmail.com>;
> ccielab@groupstudy.com
> >Sent: Thursday, October 06, 2005 10:15:20 AM
> >Subject: RE: Double Check access-list
> >
> >
> >200.0.1.2
> >200.0.3.2
> >200.0.3.10
> >200.0.1.18
> >200.0.3.26
> >200.0.1.10
> >200.0.3.18
> >200.0.1.26
> >
> >Third Octet:
> >
> >1 00000001
> >3 00000011
> >Diff 00000010 = .2 Mask
> >
> >Fourth Octet:
> >
> >2 00000010
> >10 00001010
> >18 00010010
> >26 00011010
> >Diff 00011000 = .24 Mask
> >
> >Remember that the router sees these things simply as strings of 32 bits.
> >It's only our little brains that need the dotted-decimal octet
> >representations. :)
> >
> >200.0.1.2 0.0.2.24 mask will give a total of three bits of
> difference. 2^3
> >yields 8 matches, and we have 8 lines listed.
> >
> >Scott
> >
> >
> >-----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of Carl
> >Willias
> >Sent: Thursday, October 06, 2005 11:02 AM
> >To: Lee Donald; Leigh Harrison; ccielab@groupstudy.com
> >Subject: Re: Double Check access-list
> >
> >I think the answer is
> >
> >200.0.3.2 0.0.0.24
> >200.0.1.2 0.0.0.24
> >
> >CW
> >
> >----- Original Message ----
> > From: Lee Donald <Lee.Donald@t-systems.co.uk>
> >To: Leigh Harrison <ccileigh@gmail.com>; ccielab@groupstudy.com
> >Sent: Thursday, October 06, 2005 9:05:05 AM
> >Subject: RE: Double Check access-list
> >
> >
> >Leigh,
> >
> >How's it going? Your access-list does work however it also includes other
> >hosts with your list that your not suppose to deny, for example
> 200.0.2.16
> >would also be denied using your list but the question does not ask
> for that.
> >
> >Regards
> >
> >Lee.
> >
> >
> >
> >-----Original Message-----
> > From: Leigh Harrison [mailto:ccileigh@gmail.com]
> >Sent: 06 October 2005 14:49
> >To: ccielab@groupstudy.com
> >Subject: Double Check access-list
> >
> >Hey there,
> >
> >Could someone double check this for me? I think I've been staring at the
> >screen too long....
> >
> > From IEWB lab vol 1 17 Q.10
> >
> >Use the minumum lines necessary to deny these hosts:-
> >
> >200.0.1.2
> >200.0.3.2
> >200.0.3.10
> >200.0.1.18
> >200.0.3.26
> >200.0.1.10
> >200.0.3.18
> >200.0.1.26
> >
> >I worked it out like this:-
> >
> >128 64 32 16 8 4 2 1 #
> >0 0 0 0 0 0 0 1 1
> >0 0 0 0 0 0 1 1 3
> >
> >0 0 0 0 0 0 1 0 2
> >0 0 0 0 1 0 1 0 10
> >0 0 0 1 0 0 1 0 18
> >0 0 0 1 1 0 1 0 26
> >
> > From that, in the third octet, the only bit that cnages is 2 and both
> >variables are present. In the fourth octet, the only bits that
> change are
> >the 16 and 8 bits and all 4 variables are present.
> >
> >So I came up with :-
> >access-list 1 deny 200.0.1.2 0.0.2.24
> >access-list 1 permit any
> >
> >However, the official answer is:-
> >access-list 1 deny 200.0.1.2 0.0.2.8
> >access-list 1 deny 200.0.1.18 0.0.2.0
> >access-list 1 deny 200.0.1.26 0.0.2.0
> >access-list 1 permit any
> >
> >Am I missing something ?!?
> >
> >Time for a brew.....
> >LH
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
> __________________________________________________________________________________Hi,
> i've switched to rediffmail.pls reply me hereafter to rediffmail.
>
> <http://adworks.rediff.com/cgi-bin/AdWorks/sigclick.cgi/www.rediff.com/signature-home.htm/1507191490@Middle5?PARTNER=3>

• Next message: Shanky: "Re: Does the FR switch need to be the DCE always ?"
• Previous message: Stefan Grey: "Re: REally interesting question about ospf summarization."
• Maybe in reply to: Leigh Harrison: "Double Check access-list"
• Next in thread: Victor Cappuccio: "Re: Double Check access-list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3