[c-nsp] non-CIDR netmasks in ACLs
Jon Lewis
jlewis at lewis.org
Tue May 17 14:32:04 EDT 2005
On Tue, 17 May 2005, Christopher E. Brown wrote:
> > It'll work just fine.
>
> Better to say it may work. Getting the system to accept the line is one
> things, working another.
>
> I have seen masks like this /more or less/ work, but not block exactly
> the range expected. (Specially on platforms with hardware accel for
> this type of thing)
I've used it in service-policy class-maps where a many site deployment
for a particular customer might always have the device needing QoS on
10.?.?.4, and to simplify configs, put exacty the same extended
access-list on all their CPE and it's worked.
access-list 150 permit ip 10.0.0.4 0.255.255.0 any
These have all been small (1600/800) routers.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the cisco-nsp
mailing list