Good explantion man!! [IMAGE] ----- Original Message ----- From: "Bryan Bartik" To: "JEREMY FURR (RIT Student)" Cc: [email protected] Subject: Re: [OSL | CCIE_RS] ACL Wildcards Date: Fri, 5 Jun 2009 21:50:00 -0600
I don't know of any books but there is a video in the R&S Blended Learning Solution with some examples and exercises. This is how I do it: Focusing on your third octet you have 5 10 13 14 In binary that is: 0000 0101 0000 1010 0000 1101 0000 1110 We will not be able to use a one-line ACL with this. The only way a one line ACL can match only 4 networks is if the the number of differing bits is 2 (2^2 = 4). In this case we have 4 differing bits, so the least amount of networks we could match with a one-line ACL would be 2^4=16. But we may be able to break it into 2 ACLs. 5 and 13 only differ in one bit (bit 3) 10 and 14 only differ in one bit (bit 2) So we can use 1 ACL line for each. Here is 5 and 10: 0000 0101 0000 1101 --------------- 0000 0101 AND = 5 0000 1000 XOR = 8 192.168.5.0 0.0.8.0 Now for 10 and 14 0000 1010 0000 1110 --------------- 0000 1010 AND = 10 0000 0100 XOR = 4 192.168.10.0 0.0.4.0 So you would have a 2 line ACL 192.168.5.0 0.0.8.0 192.168.10.0 0.0.4.0 -hth On Fri, Jun 5, 2009 at 8:11 AM, JEREMY FURR (RIT Student) <[email protected]> wrote: Does anyone know of a website or book that explains well how ACL wildcards work? I have been trying to filter out four blocks from a bunch of route advertisments but just can't get the three I want through, this is what I have R2 is originating 192.168.2.0/24 through 192.168.15.0/24 in RIP to R1. I want to only accept blocks 192.168.5.0, 192.168.10.0, 192.168.13.0 and 192.168.14.0 If I use acl with 192.168.10.0 0.0.4.0, I will get 10 and 14 but not thirteen. For the 5 network I just use the 192.168.5.0 0.0.0.255. Any thoughts or help would be appreciated. Jeremy Furr [email protected] -- Bryan Bartik CCIE #23707 (R&S), CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com Desmond Black, In Pursuit of CCIE!! India -- Be Yourself @ mail.com! Choose From 200+ Email Addresses Get a Free Account at www.mail.com
