Options
range hosts in ACL using wildcard mask
Comments
-
Options
Danman32
Member Posts: 1,243
Looking over the Cisco documentation that MacWhizard listed, you would have the bit mask continue with 1's for the remaining rightmost bits once you started a 'don't care' with a bit. So '10001101' doesn't seem legal.
Even if it is legal, I don't think a complex mask like that would appear on the exam. -
OptionsBubbaJ
Member Posts: 323
I doubt that is CCNA level material, but you will find complex things like that on CCIE exams. You will see things like a list of seemingly different networks and be asked to make a single (or as few as possible) ACL entry to cover them all.Danman32 wrote:Even if it is legal, I don't think a complex mask like that would appear on the exam. -
Optionsmacwhizard
Member Posts: 66 ■■□□□□□□□□
does it mean a mask of x.x.x.0000 00 11 (6bits must match) can be specified as long as first 6 bits match ?
1000 00 00 = 128
1000 00 01 = 129
1000 00 10 = 130
1000 00 11 = 131
0000 01 00 = 4
0000 01 01 = 5
0000 01 10 = 6
0000 01 11 = 7
1100 10 00 = 200
1100 10 01 = 201
: : -
Optionsmacwhizard
Member Posts: 66 ■■□□□□□□□□
BubbaJ wrote:I doubt that is CCNA level material, but you will find complex things like that on CCIE exams.
whether CCIE or more advanced, it is better to learn the proper thing throughly when you start, once you get the wrong concepts, it is very difficult to correct.
-
OptionsBubbaJ
Member Posts: 323
macwhizard wrote:does it mean a mask of x.x.x.0000 00 11 (6bits must match) can be specified as long as first 6 bits match ?
1000 00 00 = 128
1000 00 01 = 129
1000 00 10 = 130
1000 00 11 = 131
0000 01 00 = 4
0000 01 01 = 5
0000 01 10 = 6
0000 01 11 = 7
1100 10 00 = 200
1100 10 01 = 201: :
The first 6 bits must match. The 1s are "don't care" bits, meaning that they can be 1 or 0. If there are two of these bits, there are 4 possible addresses that match (2^2=4).