10-03-2008 07:30 AM - edited 03-03-2019 11:47 PM
guys i have class c address ADVERTISED TO MYSELF (FROM OUT SIDE)
X.X.1.0/24 to X.X.16.0/24
NOW MY REQUIRMENT IS TO ALLOW ONLY 4.0, 5.0, 6.0 , 7.0, 12.0 , 13.0 , 14.0 , 15.0
THE REQUIRMENT IS TO PUT ACCESS-LIST ONE LINE TO ALLOW ONLY THESE NETWORKS
THE WAY I DID IS FIRST TWO OCTACTS ARE SAME THE THIRD OCTACT IS
4.0 0000 0100
5.0 0000 0101
6.0 0000 0110
7.0 0000 0111
12.0 0000 1100
13.0 0000 1101
14.0 0000 1110
15.0 0000 1111
I GET 00000100
SO SUMARIZED IS X.X.4.0/20
SO INVERSE OF SUBNET MASK WILL BE
ACCESSLIST 1 PERMIT X.X.4.0 0.0.25.255
AM I RIGHT OR WORNG GUYS AM I DOING THE RIGHT WAY TO CALCULATE CU Z IN THIS SCENARIO I SUMARIZE FIRST THEN GET THE SUBNET MASK AND THEN I IVERT THE SUBNET MASK TO WILDCAST MASK.....AM I DOING WRIGHT OR WRONG???? IS THIS THE WAY....IS MY ACCESS-LIST FINE OR NOT.....THANKS FOR LOOKING KEEPING IN MIND THAT I WANT TO ACHIEVE IN ONE ACCESS LIST.....THANKS FOR LOOKING
10-03-2008 08:34 AM
Hello Khan,
the first part of the job looks like correct you look for what all this subnets have in common:
they have in common:
the first two bytes
leading first 4 bits set to 0 in third byte
so the wildcard mask will have
0000 in leftmost digits of third byte
then you have found that only third bit set to 1 is in common between all subnets:
0100 -> 1011
the whole wildcard mask for third byte is:
00001011
now you convert all the byte to decimal this is the key point and you get:
11
the result is:
access-list 1 permit x.x.4.0 0.0.11.255
other way:
four bits => 15 you unset the third bit that is 4: 15-4 = 11
Hope to help
Giuseppe
10-03-2008 11:40 PM
Thanks for replying now just one more thing andi wil be crystal clear the sumarized address is (third bit)
0000 0100 so wild card would be the opposite make all those bits which were 0 will be one and the one will become 0 am i right.......we can play with right four bits not the left one as they were in common
so 0000 0100 will become 0000 1011 is this the right way??? thanks mate you are always of great help....keep the good work.....kindly reply thanks
10-03-2008 11:52 PM
Hello Khan,
yes to simplify the job I used a divide and conquer approach:
the leftmost digits are 0 because they are in common, of the righmost digits only one is always the same and set to 1 so knowing that in the wildcard mask a bit set to 1 means can change and a bit set to 0 means must have the value you see on the base address you find
00001011 as the wildcard mask for the third byte
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: