help on this access-list

Hello everybody:

I am a newbie on this forum and this is the first topic I post; I hope I can get help from someone who is warmhearted.

I am preparing for the CCIE R&S exam and I have met a problem configuring an access-list. Here is an example from the material:

router bgp 3
 network mask
 neighbor remote-as 1
 neighbor route-map SETCOMMUNITY out

route-map SETCOMMUNITY permit 10
 match ip address 101

access-list 101 permit ip host

The explanation for the last access-list was that this is to match network only; in other words, it excludes other entries that start with 172.16.

I am confused by the "host" used in the access-list. What does it mean? From what I understand this is like a Mask-wildcard, but it appears at the 'destination-wildcard' position in the extended-ACL.

Can somebody help me on this?




host is equivalent to

in other words matching on a /16 prefix mask


Then it should be

access-list 101 permit ip host host

The ACL you showed permits 172.16.x.y/16, for any values of x and y, because you're wildcarding the last two octets of the prefix.

Of course, a route for 172.16.x.y, where x and y are not 0, makes no sense with a /16 prefix length -- it should either be rejected as an error or treated as equivalent to

Barry Margolin
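The matching rule the replies rely on, as an added example that is not part of any post in the thread: when an extended ACL is referenced from a route-map to filter BGP routes, the source field is compared with the route's network address and the destination field with its netmask. The function names, the three access-list entries and the test routes are constructed sample values.

```python
import ipaddress

FULL = 0xFFFFFFFF

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def _field(tokens):
    """Consume one address field: 'any', 'host A' or 'A WILDCARD'."""
    if tokens[0] == "any":
        return (0, FULL), tokens[1:]
    if tokens[0] == "host":          # 'host A' is shorthand for 'A 0.0.0.0'
        return (_to_int(tokens[1]), 0), tokens[2:]
    return (_to_int(tokens[0]), _to_int(tokens[1])), tokens[2:]

def parse_ace(line):
    """Parse 'access-list <n> <permit|deny> ip <src-field> <dst-field>'."""
    tokens = line.split()
    if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
        raise ValueError("unsupported entry: " + line)
    src, rest = _field(tokens[4:])
    dst, rest = _field(rest)
    if rest:
        raise ValueError("trailing tokens in: " + line)
    return tokens[2], src, dst

def _match(value, field):
    addr, wildcard = field
    care = ~wildcard & FULL          # wildcard bits set to 1 are ignored
    return (value & care) == (addr & care)

def evaluate(acl_lines, route):
    """Return 'permit' or 'deny' for a route written as 'a.b.c.d/len'."""
    addr, length = route.split("/")
    mask = (FULL << (32 - int(length))) & FULL
    for line in acl_lines:
        action, src, dst = parse_ace(line)
        # source field checks the network address, destination field the mask
        if _match(_to_int(addr), src) and _match(mask, dst):
            return action
    return "deny"                    # implicit deny at the end of every ACL

# Constructed entries: wildcarded prefix, exact prefix, unconstrained mask.
WILDCARD_SRC = "access-list 101 permit ip 172.16.0.0 0.0.255.255 host 255.255.0.0"
HOST_HOST = "access-list 101 permit ip host 172.16.0.0 host 255.255.0.0"
ANY_MASK = "access-list 101 permit ip 172.16.0.0 0.0.255.255 any"

if __name__ == "__main__":
    for name, ace in [("wildcard", WILDCARD_SRC), ("host/host", HOST_HOST), ("any mask", ANY_MASK)]:
        for route in ("172.16.0.0/16", "172.16.5.0/16", "172.16.5.0/24"):
            print(f"{name:10} {route:16} {evaluate([ace], route)}")
```

The wildcarded and host/host entries differ only on a route such as 172.16.5.0/16, the case the last reply calls nonsensical; leaving the mask field as `any` is what lets longer prefixes under 172.16 through.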