|
Posted by max on October 28, 2006, 8:52 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi all,
I noticed a question in a CCNA lab for ACL's, it is as follows...
'Create an access list that will prevent the even numbered hosts from
pinging but permit the odd numbered one.'
The answer is 'access-list 2 permit 192.168.14.1 0.0.0.254'
I understand wildcard masking but for the life of me i cant figure this
answer :(
I know this is not a ccna forum but its the only place where i could
think to get a decent answer.
Any help would be greatly appreciated.
Max
|
  | |
Posted by John Agosta on October 28, 2006, 10:50 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Hi all,
>
> I noticed a question in a CCNA lab for ACL's, it is as follows...
>
> 'Create an access list that will prevent the even numbered hosts from
> pinging but permit the odd numbered one.'
>
> The answer is 'access-list 2 permit 192.168.14.1 0.0.0.254'
Broken answer.
This access list permits any IP traffic from two addresses only -
192.168.14.1 and 192.168.14.0.
Assuming 192.168.14.0 is not a legal host id, then the list permits all IP
traffic from .1 only.
The following list is closer to the solution .....
access-list 199 deny icmp 0.0.0.0 255.255.255.254 any echo
access-list 199 permit any any
The above permits any traffic from any host with the exception of pings
originating from an even numbered host.
The source address, 0.0.0.0, could be any even numbered IP at all - the wild
card mask is just checking for the
least significant bit being set to a "zero" value, which makes the whole
address an 'even' number.
|
|
Posted by Paul Matthews on October 28, 2006, 11:37 am
If you were Registered and logged in, you could reply and use other advanced thread options
max wrote:
>Hi all,
>
>I noticed a question in a CCNA lab for ACL's, it is as follows...
>
>'Create an access list that will prevent the even numbered hosts from
>pinging but permit the odd numbered one.'
>
>The answer is 'access-list 2 permit 192.168.14.1 0.0.0.254'
>
>I understand wildcard masking but for the life of me i cant figure this
>answer :(
Rught. Remember addresses are just a binary stream. a 1 in the wild card is a
don't care.
What that pattern means is match on the first three octets, and the last bit.
Take the groupings of octets separately. The first thre zeros mean address
needs to be 192.168.14.n the last octet binary pattern is;
0000 0001 The wild card mask is
1111 1110
That means don't care for the first seven bits, last be we care, and the bit in
the pattern is set, to to match on the last octet the last bit must be set, ire
the address must be odd.
P.
--
Paul Matthews
paul@cattytown.me.uk
http://www.hepcats.co.uk
|
|
Posted by SNOW_WHITE on October 30, 2006, 3:24 am
If you were Registered and logged in, you could reply and use other advanced thread options
Max,
Paul was right on explaining the wildcard bits. Since the last bit in
an octet, equates to 1, whenever this eight octet is set to 1, it makes
any combination of eight bits to be an odd number. Always remember
that wildcards, AKA inverse mask, means 0 to match and 1 to ignore.
max wrote:
> Hi all,
>
> I noticed a question in a CCNA lab for ACL's, it is as follows...
>
> 'Create an access list that will prevent the even numbered hosts from
> pinging but permit the odd numbered one.'
>
> The answer is 'access-list 2 permit 192.168.14.1 0.0.0.254'
>
> I understand wildcard masking but for the life of me i cant figure this
> answer :(
>
> I know this is not a ccna forum but its the only place where i could
> think to get a decent answer.
>
> Any help would be greatly appreciated.
>
> Max
|
|
Posted by eager on November 13, 2006, 11:44 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Hi all,
>
> I noticed a question in a CCNA lab for ACL's, it is as follows...
>
> 'Create an access list that will prevent the even numbered hosts from
> pinging but permit the odd numbered one.'
>
> The answer is 'access-list 2 permit 192.168.14.1 0.0.0.254'
>
> I understand wildcard masking but for the life of me i cant figure this
> answer :(
>
> I know this is not a ccna forum but its the only place where i could
> think to get a decent answer.
>
> Any help would be greatly appreciated.
>
> Max
Subnet masks : match all bits that are on (all 1s) ignore all bits that are
off (all 0s)
Wild card: match all bits that are off (all 0s) ignore all bits that are on
(all 1s)
To understand it better, the above wild card as a subnet would be:
255.255.255.1
I have read somewhere the advantages of using a wild card instead of subnet,
but i do not remember where.
|
| Similar Threads | Posted | | subnet mask question | October 22, 2006, 2:13 pm |
| OSPF wildcard | June 9, 2005, 12:48 am |
| I have a WildCard ACL Confision dilemma :'( | June 29, 2005, 10:48 am |
| subnet mask of /32 | June 5, 2008, 5:10 pm |
| EIGRP Default Mask? | September 16, 2005, 2:10 pm |
| IP Address and subnet mask and cIDR? | May 9, 2005, 2:32 pm |
| IP Address and subnet mask and cIDR? | December 23, 2005, 8:16 pm |
| Question about sample test question | November 16, 2005, 1:01 pm |
| CCNA test question, uh, question... | March 10, 2006, 12:50 pm |
| VTP question | March 11, 2005, 6:17 am |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map