Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

meaning of "ip host 0.0.0.0" ?

Hello,

last I saw a config of an ISP-router. There was an ACL with the statement "ip host 0.0.0.0 any log".

What meaning has this statemant ?

Regards,

Alexander Czutka

1 REPLY
VIP Purple

Re: meaning of "ip host 0.0.0.0" ?

Hello Alexander,

AFAIK, this statement is used for anti-spoofing purposes. According to RFC 3330:

0.0.0.0/8:Addresses in this block refer to source hosts on "this" network. Address 0.0.0.0/32 may be used as a source address for this host on this network; other addresses within 0.0.0.0/8 may be used to refer to specified hosts on this network.

A full access list denying all RFC 3330 special use addresses usually looks like this:

Deny special-use address sources.

!--- Refer to RFC 3330 for additional special use addresses.

access-list 110 deny ip host 0.0.0.0 any

access-list 110 deny ip 127.0.0.0 0.255.255.255 any

access-list 110 deny ip 192.0.2.0 0.0.0.255 any

access-list 110 deny ip 224.0.0.0 31.255.255.255 any

HTH,

Georg

3486
Views
0
Helpful
1
Replies
CreatePlease to create content