Filtering Routes

brewoz40brewoz40 Member Posts: 57 ■■□□□□□□□□
alright, having a major brain fart on this. so im messing around practicing filtering routes via access list. In the example that i have, for some reason i'm having trouble understanding how they came up with the access list to filter the needed routes. So lets say you have the following routes: 2.2.0.0 - 2.2.9.0 /24. You want to filter out the odd number routes; so this would be the access-list:
access-list 1 deny 2.2.1.0 0.0.254.255

or vice versa of filtering out the even routes it would be:
access-list 1 deny 2.2.0.0 0.0.254.255

I'm just not getting how the inverse mask is gotten.

Here is the explanation given for the access list:
Explanation of the accesslist:
Example:
Access-list 1 permit 2.0.0.0 0.255.255.255
In this accesslist
we are permitting any network that matches the result of the
anding of network 2.0.0.0 with an inverse mask of 0.255.255.255. In order for us to
do the anding we must get the regular mask, to get the regular mask, we should
subtract 0.255.255.255 from 255.255.255.255, which results to 255.0.0.0;
Therefore, the anding is as follows:
00000010.00000000.00000000.00000000 Network (In this case 2.0.0.0)
11111111.11111111.11111111.00000000 Regular Mask (In this case 255.255.255.0)
The result of this anding is 2.0.0.0, therefore if the result of the AND matches
network 2.0.0.0, it is permitted, if NOT, it’s denied.
In this task the accesslist
is:
Accesslist
1 deny 2.2.1.0 0.0.254.255
Therefore, in order for us to do the anding, we have to get the regular mask for the
inverse mask of 0.0.254.255, which is; 255.255.255.255 minus 0.0.254.255 equals to
255.255.1.0
00000010.00000010.00000000.00000000 (Network)
11111111.11111111.00000001.00000000 (Regular mask)
The result of this AND is 2.2.0.0, therefore, if it matches 2.2.0.0, it should be denied,
if the network is replaced with other subnets of network 2.2.0.0, we will see that the
ODD numbered networks are all denied.

Sorry for the long post, i the first example but not the last part and how you get the 0.0.254.255. Anyone have a simple way of putting it! lol!

Comments

Sign In or Register to comment.