|
Home > Archive > CCNA > September 2003 > Help with the reverse mask used in ACLs
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Help with the reverse mask used in ACLs
|
|
| specialops 2003-09-19, 12:13 am |
| What's up team CCNA, I'm taking the infamous 640-607 tomorrow....I was suppose to today, but we had a very long and boring deployable architecture meeting. At any rate, I was looking over my boson questions and it was asking a couple of kind of difficult ACL questions....Here is a sample question
Q) Identify the wild card mask that will deny host 8 -15 assuming the subnet mask is 24 bit
A) Access-list 1 deny 192.6.10.8 0.0.0.7
I use to know how to do this, but its been a while, can anyone tell me in layman’s terms how these crazy fellows at boson got this answer, they don't explain it well. I understand the basic reverse mask, basically inverse the mask, but this one stumped me a little. Also if you have already taken the CCNA can I expect this sort of access-list question? Please let me know ASAP, like I said I'm taking the test tomorrow at 1400 Central time. Thanks in advance. | |
| specialops 2003-09-19, 2:38 am |
| I found the answer, it was really easy.I knew there was a trick, I just couldn't remember. Here is the answer:
To Find Wildcard Mask, Take the HIGHER minus the Lower:
157. 89. 31.255
-157. 89. 16. 0
wildcard 0. 0. 15.255
A good ACL explination can be found at:
www.boson.com/promo/guides/ip-access-list.htm | |
| ZacDogg 2003-09-22, 9:31 pm |
| That may work for that access-list(and probably any access-list you'll see on the CCNA) but what if you were told to match just odds or evens or every forth address? Learning the reason why(in binary) subtracting one from the other will match a range will greatly benefit you when you run up against having to filter address that aren't contiguous and don't fall on such convenient bits.
Zac | |
| justdoit 2003-09-23, 10:11 am |
| in wild card masks bits with values 1s mean that corresponding bits in the address are considered matched or there is no need to match them here last 3 bits are one which give the value 7 so last three bits dont need to match also in 8 in the last octet means 4th bit should be 8.And 7 in the last octet means that 4thto 7th bits in this octets are all 0 so bit fourth in the last octet should have same value as specified which is 8 for last octet .Now 8 with 1 from the last three makes 9.8 and 2 from last three bits makes 10.combination of last three bits give 0,1,2,3,4,5,6,7 add them with 8 for differen address and you get hosts 8-15 host values in the las octet space is less otherwisw I could have explained the concept in much clear words thanks |
|
|
|
|