exact prefix match
Below is from p190,Routing TCP/IP,Vol 2,Jeff Doyle
“Access-list 101 permit ip host 192.168.192.0 host 255.255.248.0
The usage of access list 101 might be a bit strange. Normally,the first address specifid in an extended ip access list is the source address,and the second address is the destination . In this application,however,the first address is the route prefix,and the second address is the prefix’s mask.
The reason such an odd access list is necessary is because the exact prefix must be identified. If access-list 1 permit 192.168.192.0 0.0.7.255 were used,it would match both the aggregate 192.168.192.0/21 and the more-specific route 192.168.192.0/24.”
“Access-list 101 permit ip host 192.168.192.0 host 255.255.248.0
The usage of access list 101 might be a bit strange. Normally,the first address specifid in an extended ip access list is the source address,and the second address is the destination . In this application,however,the first address is the route prefix,and the second address is the prefix’s mask.
The reason such an odd access list is necessary is because the exact prefix must be identified. If access-list 1 permit 192.168.192.0 0.0.7.255 were used,it would match both the aggregate 192.168.192.0/21 and the more-specific route 192.168.192.0/24.”
posted by Jun Wen at 9:28 PM
0 Comments:
Post a Comment
<< Home