[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Access list

To: <mtinka at africaonline.co.ug>
Subject: RE: Access list
From: antonio at nambu.uem.mz
Date: Thu, 20 Feb 2003 09:07:35 +0200
Cc: afnog at afnog.org
Content-description: Mail message body
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=US-ASCII
Delivered-To: afnog-archive at lists.eahd.or.ug
Delivered-To: afnog-outgoing at afnog.org
Delivered-To: afnog at afnog.org
In-reply-to: <JGEDIFNCIJKMEAAEJLFKKEFJCLAA.mtinka at africaonline.co.ug>
References: <Pine.LNX.4.44.0302191759420.18241-100000 at x22.ripe.net>
Sender: owner-afnog at afnog.org

And your network numbers should be in the order 0,2,4,8,16,32,64,etc...

cheers,



On 20 Feb 2003 at 8:22, Mark Tinka wrote:

> Essentially, you simply have to master one concept; your netmask wildcard
> should be one number less than the number of hosts you need to specify.
> However, please remember that valid ranges of the netmask wildcard
> definitions are in values of 1, 3, 5, 7, 9, 11, 13, 15... e.t.c up to 255.
> 
> Regards,
> 
> Mark Tinka - CCNA
> Network Engineer
> Africa Online Uganda
> 5th Floor, Commercial Plaza
> 7 Kampala Rd,
> Tel:   +256-41-258143
> Fax:   +256-41-258144
> E-mail: mtinka at africaonline.co.ug
> Web:     www.africaonline.co.ug
> 
> 
> 
> -----Original Message-----
> From: owner-afnog at afnog.org [mailto:owner-afnog at afnog.org]On Behalf Of
> Bruce Campbell
> Sent: Wednesday, February 19, 2003 8:14 PM
> To: afnog at afnog.org
> Subject: Re: Access list
> 
> 
> On Wed, 19 Feb 2003, Scott Weeks wrote:
> 
> > Oops, I was running off to an emergency in the data center.  I should've
> > waited to send the email until afterwards...
> 
> A handy tool to have is the old 'aggis'[1], which can nicely tell you the
> requisite subnet magic to put in cisco ACLs, eg:
> 
> $ aggis -D 192.168.33.50 - 192.168.33.58
> 
>   The range of nets from 192.168.33.50 to 192.168.33.58/32(0) can be
>   represented by:
> 
>      192.168.33.50/31(0.0.0.1)  (  2 hosts: 192.168.33.50 - 192.168.33.51 )
>      192.168.33.52/30(0.0.0.3)  (  4 hosts: 192.168.33.52 - 192.168.33.55 )
>      192.168.33.56/31(0.0.0.1)  (  2 hosts: 192.168.33.56 - 192.168.33.57 )
>      192.168.33.58/32(0)  (  1 host:  192.168.33.58 )
> 
> If you've got control over the actual range of addresses, it'll make your
> future ACL work much easier to put it in a neat bit boundary, eg:
> 
>   The range of nets from 192.168.33.48 to 192.168.33.55/32(0) can be
>   represented by:
> 
>      192.168.33.48/29(0.0.0.7)  (  8 hosts: 192.168.33.48 - 192.168.33.55 )
> 
> --==--
> Bruce.
> 
> [1] I cannot find an official distribution site anymore, so grab it
>     from http://www.amsterdamned.org/~bc/aggis .
> 
> 
> 
> -----
> This is the afnog mailing list, managed by Majordomo 1.94.5
> 
> To send a message to this list, e-mail afnog at afnog.org
> To send a request to majordomo, e-mail majordomo at afnog.org and put
> your request in the body of the message (i.e use "help" for help)
> 
> This list is maintained by owner-afnog at afnog.org
> 
> 
> 
> 
> -----
> This is the afnog mailing list, managed by Majordomo 1.94.5
> 
> To send a message to this list, e-mail afnog at afnog.org
> To send a request to majordomo, e-mail majordomo at afnog.org and put
> your request in the body of the message (i.e use "help" for help)
> 
> This list is maintained by owner-afnog at afnog.org
> 




-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org

References:
- Re: Access list
  - From: Bruce Campbell <bruce.campbell at ripe.net>
- RE: Access list
  - From: "Mark Tinka" <mtinka at africaonline.co.ug>

Prev by Date: RE: Access list
Next by Date: RE: Access list
Prev by thread: RE: Access list
Next by thread: RE: Access list
Index(es):
- Date
- Thread