Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > netmask and access-list?

Reply
Thread Tools

netmask and access-list?

 
 
Captain
Guest
Posts: n/a
 
      07-10-2003
Normally to define a a full class c subnet
I would use:

192.168.1.0 netmask 255.255.255.0

However, when defining an access-list,
the same group of IPs would be:

access-list 150 permit ip 192.168.1.0 0.0.0.255

Why the reverse in the netmask?


Also, if I want to define an access-list
for just the last 64 IPs of a class C, what
would the mask be?

ie.
192.168.1.192 netmask 255.255.255.192



 
Reply With Quote
 
 
 
 
Barry Margolin
Guest
Posts: n/a
 
      07-10-2003
In article <(E-Mail Removed)>,
Captain <(E-Mail Removed)> wrote:
>Normally to define a a full class c subnet
>I would use:
>
>192.168.1.0 netmask 255.255.255.0
>
>However, when defining an access-list,
>the same group of IPs would be:
>
>access-list 150 permit ip 192.168.1.0 0.0.0.255
>
>Why the reverse in the netmask?


It's not a netmask, it's a wildcard bitmask. The choice of whether to use
0's or 1's to indicate the don't-care bits is arbitrary, and Cisco decided
to do it this way for whatever reasons they had over 15 years ago.

>Also, if I want to define an access-list
>for just the last 64 IPs of a class C, what
>would the mask be?
>
>ie.
>192.168.1.192 netmask 255.255.255.192


permit ip 192.168.1.192 0.0.0.63

Basically, just subtract the octets in the netmask from 255 to get the
wildcard mask that matches all the addresses in the subnet.

--
Barry Margolin, http://www.velocityreviews.com/forums/(E-Mail Removed)
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IP address and matching it to a network/netmask john@fcs.uga.edu C Programming 1 05-02-2006 04:05 PM
Strange netmask on PIX logs (712). AM Cisco 1 02-25-2005 10:27 PM
Net::Netmask and cidrs2inverse function fedexarg Perl Misc 0 10-04-2004 08:42 PM
Default Netmask on VPN Client Pete Mainwaring Cisco 0 02-19-2004 02:32 PM
netmask calculation trick Walter Roberson Cisco 4 02-02-2004 05:48 PM



Advertisments