Re: Extended ACL Block with Permits

From: Joseph Saad (joseph.samir.saad@gmail.com)
Date: Sat Sep 08 2007 - 11:33:09 ART

• Next message: mohammed shoeb ahmed: "Re: HSRP Preempt"
• Previous message: Joe Carr (Enventis): "Extended ACL Block with Permits"
• Maybe in reply to: Joe Carr (Enventis): "Extended ACL Block with Permits"
• Next in thread: Joe Carr (Enventis): "RE: Extended ACL Block with Permits"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

permit 172.16.0.0 0.0.247.255

in a sense you care to deny 172.16.8.0
i.e.
last 16 bit as
00001000.0000000

So, you care that the 5th MSb shouldn't be 1. So you give it a value of 0 in
the SNM
then you should allow

00000000.00000000
with subnet mask of
11110111.11111111

You can take it from here.

On 9/8/07, Joe Carr (Enventis) <jcarr@enventis.com> wrote:
>
> What would be the least amount of commands used to block an IP address
> using only permit statements in an Extended ACL.
>
>
>
> Let say we want to block 172.16.8.0/24 but permit all other
> 172.16.0.0/24 address
>
>
>
>
>
>
>
> Joe
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: mohammed shoeb ahmed: "Re: HSRP Preempt"
• Previous message: Joe Carr (Enventis): "Extended ACL Block with Permits"
• Maybe in reply to: Joe Carr (Enventis): "Extended ACL Block with Permits"
• Next in thread: Joe Carr (Enventis): "RE: Extended ACL Block with Permits"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:10 ART