# ACL help

Dec 12th, 2008

I have the ip addresses 200.1.1.0, 200.1.3.0, and 200.1.5.0, 200.1.7.0.

If I create an ACL with ip 200.1.1.0 0.0.6.255

Will this only allow the ODD ip addresses through?

If so, can someone explain this to me in binary, bc Im having trouble explaining it to my students.

Overall Rating: 0 (0 ratings)

## Replies

jgreenwoodii Fri, 12/12/2008 - 11:06

No that wouldn't work. If you want to only allow only the odd subnets try:

permit 0.0.0.0 255.255.254.255

HTH

Jonathan

Richard Burts Fri, 12/12/2008 - 11:12
• Super Silver, 17500 points or more
• Hall of Fame,

Founding Member

• Cisco Designated VIP,

2017 LAN, WAN

Chris

Yes that address and mask will allow just the 4 odd addresses that you list. To understand it you need to focus on the third octet of the address and of the mask. So lay out in binary:

address of third octet (1) in binary 00000001

mask of third octet (6) in binary 00000110

Remember that in the mask a 0 means the bit must match and a 1 means that either 0 or 1 is accepted. So to be permitted the first 5 bits must be zero and the last bit must be 1. If you fill out the values you get these:

00000001(=1)

00000011 (=3)

00000101 (=5)

00000111 (=7)

HTH

Rick

jgreenwoodii Fri, 12/12/2008 - 11:18

Ahh I see the direction your going. Maybe I misunderstood the question. Dope!

Jonathan

jgreenwoodii Fri, 12/12/2008 - 11:15

200.1.1.0 0.0.7.255

and it will allow these subnets through:

200.1.1.0

200.1.2.0

200.1.3.0

200.1.4.0

200.1.5.0

200.1.6.0

200.1.7.0

HTH

Jonathan

Richard Burts Fri, 12/12/2008 - 11:30
• Super Silver, 17500 points or more
• Hall of Fame,

Founding Member

• Cisco Designated VIP,

2017 LAN, WAN

Jonathan

There is a bit of ambiguity in the question and you and I are interpreting it a bit differently. Your first answer would allow every address that was an odd value in the third octet (and pretty clearly not what the question was about). This answer would allow every address in 200.1.x.x where the value of the third octet was odd.

I interpret it a bit differently. I am not sure that Chris wants every odd subnet. I believe that he wants only the odd subnets of 1, 3, 5, and 7. And his mask of 0.0.6.255 will accomplish that.

Perhaps Chris can clarify what he is looking for.

HTH

Rick

jgreenwoodii Fri, 12/12/2008 - 11:36