unknown access list command

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2015 01:56 PM - edited 03-08-2019 01:22 AM
Hi,
what is the result of this access list when applying to interface
access-list 115 permit ip 0.0.0.0 255.255.255.0 any
they write the subnet mask instead of wild mask or what
I tried on router and it accepted but I could not imagine what range it will permit?
thanks
- Labels:
-
Other Switching
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2015 02:14 PM
look at it with the same ACL-logic as always:
0: match the bit in the address-part
1: don't match the bit in the address-part
This ACE doesn't care what is in the first, second and third octet, but matches on the "0" in the forth octet. As this is rarely useful, I would assume that it just was a misconfiguration, that resulted from the try to allow a particular /24 network where accidentally a subnet-mask was configured instead of a wildcard-mask:
e881(config)#access-list 100 permit ip 172.16.10.0 255.255.255.0 any e881(config)#do sh access-list 100 Extended IP access list 100 10 permit ip 0.0.0.0 255.255.255.0 any e881(config)#
