ACL help

Unanswered Question
Dec 12th, 2008

I have the ip addresses 200.1.1.0, 200.1.3.0, and 200.1.5.0, 200.1.7.0.

If I create an ACL with ip 200.1.1.0 0.0.6.255

Will this only allow the ODD ip addresses through?

If so, can someone explain this to me in binary, bc Im having trouble explaining it to my students.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jgreenwoodii Fri, 12/12/2008 - 11:06

No that wouldn't work. If you want to only allow only the odd subnets try:

permit 0.0.0.0 255.255.254.255

HTH

Jonathan

Richard Burts Fri, 12/12/2008 - 11:12

Chris

Yes that address and mask will allow just the 4 odd addresses that you list. To understand it you need to focus on the third octet of the address and of the mask. So lay out in binary:

address of third octet (1) in binary 00000001

mask of third octet (6) in binary 00000110

Remember that in the mask a 0 means the bit must match and a 1 means that either 0 or 1 is accepted. So to be permitted the first 5 bits must be zero and the last bit must be 1. If you fill out the values you get these:

00000001(=1)

00000011 (=3)

00000101 (=5)

00000111 (=7)

HTH

Rick

jgreenwoodii Fri, 12/12/2008 - 11:18

Ahh I see the direction your going. Maybe I misunderstood the question. Dope!

Jonathan

jgreenwoodii Fri, 12/12/2008 - 11:15

I didn't read your question all the way. But your wildcard mask is not correct. It should be a /21:

200.1.1.0 0.0.7.255

and it will allow these subnets through:

200.1.1.0

200.1.2.0

200.1.3.0

200.1.4.0

200.1.5.0

200.1.6.0

200.1.7.0

HTH

Jonathan

Richard Burts Fri, 12/12/2008 - 11:30

Jonathan

There is a bit of ambiguity in the question and you and I are interpreting it a bit differently. Your first answer would allow every address that was an odd value in the third octet (and pretty clearly not what the question was about). This answer would allow every address in 200.1.x.x where the value of the third octet was odd.

I interpret it a bit differently. I am not sure that Chris wants every odd subnet. I believe that he wants only the odd subnets of 1, 3, 5, and 7. And his mask of 0.0.6.255 will accomplish that.

Perhaps Chris can clarify what he is looking for.

HTH

Rick

jgreenwoodii Fri, 12/12/2008 - 11:36

Hey Rick I agree with you after reading his post again, I clearly just glanced over it without understanding his question ;)

Jonathan

Actions

This Discussion