host 255.255.255.0

Answered Question

Dear Netpro!


R1#sh ip access-lists

Extended IP access list RIP-OSPF

10 permit ip 199.172.0.0 0.0.255.255 255.255.255.0 0.0.0.255

20 permit ip host 150.100.1.0 host 255.255.255.0

30 permit ip host 150.1.1.0 host 255.255.255.0


question:what this mean ?host 255.255.255.0

many 10xs

Correct Answer by Edison Ortiz about 9 years 3 months ago

Ali,


That's not a valid host, that should've been part of the subnet mask.


It looks like that ACL is for redistribution and you want to redistribute 199.172.0.0/16, 150.100.1.0/24 and 150.1.1.0/24.


Your ACL you should like this


Standard IP access list RIP-OSPF

10 permit 199.172.0.0, wildcard bits 0.0.255.255

20 permit 150.100.1.0, wildcard bits 0.0.0.255

30 permit 150.1.1.0, wildcard bits 0.0.0.255


___


sh run | sec RIP-OSPF

ip access-list standard RIP-OSPF

permit 199.172.0.0 0.0.255.255

permit 150.100.1.0 0.0.0.255

permit 150.1.1.0 0.0.0.255


__


Remember, with ACLs you must use the inverse mask and use standard instead of extended


HTH,


__


Edison.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Edison Ortiz Sun, 01/13/2008 - 10:31
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Ali,


That's not a valid host, that should've been part of the subnet mask.


It looks like that ACL is for redistribution and you want to redistribute 199.172.0.0/16, 150.100.1.0/24 and 150.1.1.0/24.


Your ACL you should like this


Standard IP access list RIP-OSPF

10 permit 199.172.0.0, wildcard bits 0.0.255.255

20 permit 150.100.1.0, wildcard bits 0.0.0.255

30 permit 150.1.1.0, wildcard bits 0.0.0.255


___


sh run | sec RIP-OSPF

ip access-list standard RIP-OSPF

permit 199.172.0.0 0.0.255.255

permit 150.100.1.0 0.0.0.255

permit 150.1.1.0 0.0.0.255


__


Remember, with ACLs you must use the inverse mask and use standard instead of extended


HTH,


__


Edison.



martin-johnson Tue, 01/15/2008 - 04:31
User Badges:

On the other hand - those could be valid access lists. Access lists of that format can be used to filter BGP routes.


The source portion of the ACL is used to match the network portion of the BGP route and the destination portion of the ACL is used to match the subnet mask of the BGP route.


http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801310cb.shtml

Filtering Using distribute-list with an Extended Access List

Actions

This Discussion