
Stupid Question Time

visitor68
Level 4

This line below means "deny ip any any"....correct?

deny ip 0.0.0.0 0.255.255.255 any

0.0.0.0 255.255.255.255 means "any", yes?

If so, this line, as part of an ACL, can indeed block an eBGP connection from forming were it to be applied on one of the peer interfaces. Correct?

I know that BGP is TCP, but the keyword "IP" in the ACL is all encompassing, right?

Thanks!

Accepted Solutions

Jon Marshall
Hall of Fame

Joe

"0.0.0.0 255.255.255.255 means "any", yes ?"

Correct.

"If so, this line, as part of an ACL, can indeed block an eBGP connection from forming were it to be applied on one of the peer interfaces. Correct?"

Yes, if the acl was applied inbound on the interface and there was no entry before this line allowing BGP connectivity.

The keyword "ip" does indeed include TCP.

Jon

Jon, thanks for the answer.

I made a mistake, though.

The ACL's line 150 is not 0.0.0.0 255.255.255.255

it's deny ip 0.0.0.0 0.255.255.255

What exactly does this line do? It seems that it's saying that all traffic coming from a source ip address of 0.X.X.X should be blocked? What kind of source address will have a 0 in the first octet?

Thanks

"It seems that it's saying that all traffic coming from a source ip address of 0.X.X.X should be blocked? What kind of source address will have a 0 in the first octet?"

Yes, it's to block anything sourced with a 0.x.x.x address. I would suspect a typo. =)

It could have been blackholing techniques also, but you'd see 192.168.0.0, 10.0.0.0, and 172.16.0.0 addresses in your acl as well.

HTH,

John

HTH, John *** Please rate all useful posts ***
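
An added example (not part of any post in this thread) that evaluates the two wildcard masks discussed above under first-match ACL semantics, so the effect of each on a TCP session between two peers can be checked. The peer addresses 192.0.2.1 and 192.0.2.2, the trailing `permit ip any any`, and all function names are assumptions constructed for illustration; port matching is left out.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """Cisco-style wildcard mask: 1 bits are 'don't care', 0 bits must match."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def take_spec(tokens):
    """Consume one address spec: 'any', 'host A', or 'A WILDCARD'."""
    if tokens[0] == "any":
        return ("0.0.0.0", "255.255.255.255"), tokens[1:]
    if tokens[0] == "host":
        return (tokens[1], "0.0.0.0"), tokens[2:]
    return (tokens[0], tokens[1]), tokens[2:]

def parse_ace(line):
    """Parse '<action> <proto> <src-spec> <dst-spec>' (ports not handled)."""
    tokens = line.split()
    src, rest = take_spec(tokens[2:])
    dst, _ = take_spec(rest)
    return tokens[0], tokens[1], src, dst

def evaluate(acl, proto, src, dst):
    """Return (action, matching line number); first match wins."""
    for n, line in enumerate(acl, 1):
        action, ace_proto, s, d = parse_ace(line)
        if ace_proto not in ("ip", proto):   # 'ip' covers TCP, UDP, ICMP, ...
            continue
        if wildcard_match(src, *s) and wildcard_match(dst, *d):
            return action, n
    return "deny", None                      # implicit deny at the end of every ACL

# Constructed ACLs: only the first line of each comes from the thread.
ACL_AS_POSTED = ["deny ip 0.0.0.0 0.255.255.255 any", "permit ip any any"]
ACL_MISREAD = ["deny ip 0.0.0.0 255.255.255.255 any", "permit ip any any"]
ACL_PERMIT_FIRST = ["permit tcp host 192.0.2.1 host 192.0.2.2",
                    "deny ip 0.0.0.0 255.255.255.255 any"]

PEER, LOCAL = "192.0.2.1", "192.0.2.2"       # constructed eBGP peer addresses

if __name__ == "__main__":
    for name, acl in [("as posted", ACL_AS_POSTED), ("misread", ACL_MISREAD),
                      ("permit first", ACL_PERMIT_FIRST)]:
        print(name, evaluate(acl, "tcp", PEER, LOCAL))
    print("0.x.x.x source", evaluate(ACL_AS_POSTED, "tcp", "0.1.2.3", LOCAL))
```
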