Folks--
I'm sure this goes under access list questions 101 but...
assuming that I have 10.111.216.0/20 to work with. I enter the following
to get it routed where I want to go:
ip route 10.11.216.0 255.255.248.0 Serial0/0/2
Now I want to apply a basic filter to prevent spoofing.
access-list 101 deny ip 10.11.216.0 0.0.248.255 any
access-list 101 permit ip any any
access-list 102 permit ip 10.11.216.0 0.0.248.255 any
access-list 102 deny ip any any
(I have other single class C address in these lists and on the same
interfaces so I know that lists are applied properly)
However when I issue a wri term I see that they now read as:
access-list 101 deny ip 10.11.208.0 0.0.248.255 any
access-list 101 permit ip any any
access-list 102 permit ip 10.11.208.0 0.0.248.255 any
access-list 102 deny ip any any
Which tells me I've boned something somewhere. If this is an RTFM type
thing, please point me to M and gladly RTF out if it.
-=> raymond <=-
/--------------------------------------------------------------------
/ Raymond DeRoo (RD89) | voice: 1-708-482-2965
/ rderoo@speedchoice.com | fax: 1-708-482-0376
/
/ "Doesn't matter how much we may know about some things, there
/ will always be an expert around the corner who can teach us a
/ thing or two about some other things."