Accesss-list help

Unanswered Question
Oct 3rd, 2008

guys i have class c address ADVERTISED TO MYSELF (FROM OUT SIDE)

X.X.1.0/24 to X.X.16.0/24

NOW MY REQUIRMENT IS TO ALLOW ONLY 4.0, 5.0, 6.0 , 7.0, 12.0 , 13.0 , 14.0 , 15.0

THE REQUIRMENT IS TO PUT ACCESS-LIST ONE LINE TO ALLOW ONLY THESE NETWORKS

THE WAY I DID IS FIRST TWO OCTACTS ARE SAME THE THIRD OCTACT IS

4.0 0000 0100

5.0 0000 0101

6.0 0000 0110

7.0 0000 0111

12.0 0000 1100

13.0 0000 1101

14.0 0000 1110

15.0 0000 1111

I GET 00000100

SO SUMARIZED IS X.X.4.0/20

SO INVERSE OF SUBNET MASK WILL BE

ACCESSLIST 1 PERMIT X.X.4.0 0.0.25.255

AM I RIGHT OR WORNG GUYS AM I DOING THE RIGHT WAY TO CALCULATE CU Z IN THIS SCENARIO I SUMARIZE FIRST THEN GET THE SUBNET MASK AND THEN I IVERT THE SUBNET MASK TO WILDCAST MASK.....AM I DOING WRIGHT OR WRONG???? IS THIS THE WAY....IS MY ACCESS-LIST FINE OR NOT.....THANKS FOR LOOKING KEEPING IN MIND THAT I WANT TO ACHIEVE IN ONE ACCESS LIST.....THANKS FOR LOOKING

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Fri, 10/03/2008 - 08:34

Hello Khan,

the first part of the job looks like correct you look for what all this subnets have in common:

they have in common:

the first two bytes

leading first 4 bits set to 0 in third byte

so the wildcard mask will have

0000 in leftmost digits of third byte

then you have found that only third bit set to 1 is in common between all subnets:

0100 -> 1011

the whole wildcard mask for third byte is:

00001011

now you convert all the byte to decimal this is the key point and you get:

11

the result is:

access-list 1 permit x.x.4.0 0.0.11.255

other way:

four bits => 15 you unset the third bit that is 4: 15-4 = 11

Hope to help

Giuseppe

The_guroo_2 Fri, 10/03/2008 - 23:40

Thanks for replying now just one more thing andi wil be crystal clear the sumarized address is (third bit)

0000 0100 so wild card would be the opposite make all those bits which were 0 will be one and the one will become 0 am i right.......we can play with right four bits not the left one as they were in common

so 0000 0100 will become 0000 1011 is this the right way??? thanks mate you are always of great help....keep the good work.....kindly reply thanks

Giuseppe Larosa Fri, 10/03/2008 - 23:52

Hello Khan,

yes to simplify the job I used a divide and conquer approach:

the leftmost digits are 0 because they are in common, of the righmost digits only one is always the same and set to 1 so knowing that in the wildcard mask a bit set to 1 means can change and a bit set to 0 means must have the value you see on the base address you find

00001011 as the wildcard mask for the third byte

Hope to help

Giuseppe

Actions

This Discussion