[c-nsp] Access-list Question
Reuben Farrelly
reuben-cisco-nsp at reub.net
Wed May 16 03:16:26 EDT 2007
Tony Li wrote:
> On May 15, 2007, at 11:23 PM, Scott Granados wrote:
>
>> Well can't we don't care bit ourselves around to masking or something
>> consistent? It is confusing at times although it's interesting to
>> know
>> that's the origin.
>
>
> If it were up to me (it's not ;-), the UI would be extended to accept
> prefix format as well as the existing format. Thus, you could type
> 192.168.1.0 0.0.0.255 or 192.168.1/24. Note that trying to do
> something that is NOT backward compatible is just a non-starter.
> Think of the number of deployed systems out there...
>
> Tony
How about a global config command like:
ip access-list non-wildcard-acl
which will then accept the new format only, (the non wildcard based one),
defaulting to OFF so that the old format is the common case and backward
compatibility is there for those who are used to the old way and those who
explicitly want the new format can opt in to it?
That way you could appease both sides of the argument without breaking a
thing... and even store the config in the old format if need be.
reuben
More information about the cisco-nsp
mailing list