Imagine i have one FastEthernet interface with 2 networks configured.
ip address 172.23.55.254 255.255.255.0
ip address 172.24.55.254 255.255.255.0 secundary
I dont want that the users from one network can reach the other network users.
What kind of access-list should be better to perfomr this?
I believe when there are 2 hosts in different subnet though they are in same vlan and when anyone of them initiate a ping to another one because my client knows that request is for someone on other subnet , it will initiate an arp request for gateway address and gateway will respond with its mac and it will always hit router first.
So I tried the same setup in my test bed and captured the traffic and checked that any ping request is hitting my router first with destination mac address as my router interface mac address.