Compute an access-list to match even or odd networks

Posted on October 27, 2008 by ciscotips

One of my old student who is preparing for CCNP asked me on how to write an access-list for permitting/denying even or odd networks. So I am just pasting my email reply to him

Here is a simple tip to write an access-list for even or odd networks.

Lets say we are asked to permit all odd or permit all even for 192.168.1.0/24 ?

We’ll play the game with last octet or I should say the least significant bit of last octet.

-If it is 0, the IP address will be Even

-If it is 1, the IP address will be Odd 

192.168.1.00000001 = 192.168.1.1 – odd

192.168.1.00000011 = 192.168.1.3  – odd

192.168.1.00000010 = 192.168.1.2   even

192.168.1.00000100 = 192.168.1.4   even

FOR Even Networks

The IP address will be 192.168.1.0

With the wild card mask as 0.0.0.254

254 = 11111110

Here, 0 means DO CARE of the last bit in IP address (must be ZERO)

Hence ACL will be

access-list 1 permit 192.168.1.0  0.0.0.254

For Odd Networks

The IP address will be 192.168.1.1

With the wild card mask as 0.0.0.254

254 = 11111110

Here, 0 means DO CARE of the last bit in IP address (must be ONE)

Hence ACL will be

access-list 1 permit 192.168.1.1 0.0.0.254
 

  

Filed under: Access-lists, IP Routing, Router, Technology and Software, ccie, security

« Day 3, 4 and 5 of Narbik’s Bootcamp Changes to CCIE Lab and Written Exam Question Format and Scoring »

8 Responses

  1. kaushal, on October 29th, 2008 at 9:48 pm Said:

    Hi Looks like we can achieve Odd networks other and simple way

    What is being denied by Even Networks can be allowed
    and What is being allowed by Even Networks should be denied…

    Simple

    access-list 1 deny 192.168.1.0 0.0.0.254
    access-list 1 permit any

    Kaushal

    Reply
  2. ciscotips, on October 29th, 2008 at 10:08 pm Said:

    Yeps you are right!

    Are you the same Kaushal who gave CCIE (security) lab exam in sanjose on April 23rd?

    -Raman

    Reply
  3. Hasib Ahmed, on November 13th, 2008 at 7:46 pm Said:

    I found some very useful information on your blog. I am a new blogger and i have very little khowledge about blogging. I found some very important blogging tips here. Thank you very much. With your help i created my own blog http://epshi.com . Look at my blog and please tell me what i required more. Thank you again.

    Reply
  4. Danny Tsai, on February 7th, 2009 at 6:36 pm Said:

    Wildcard masking technique to match bits is not widely known to the general, but the people who do understand it definitely knows their stuff. So does anyone know how to do this for IPv6 ACLs??

    Reply
  5. blok ip berdasarkan even and odd « In The World Without Limitation, on February 27th, 2009 at 2:28 am Said:

    [...] WOW ternyata bisa. berdasarkan artikel yang saya temukan di situs ini… [...]

    Reply
  6. Compute an access-list to match even or odd networks | linkfeedr, on April 12th, 2009 at 7:41 pm Said:

    [...] an access-list to match even or odd networks This article was found on Cisco Tips & Tricks. Click here to visit the full article on the original website.One of my old student who is preparing for CCNP asked me on how to write an access-list for [...]

    Reply
  7. Harrison Freeman, on April 14th, 2009 at 1:27 pm Said:

    thank for the tip i was a bit confuse about this one

    Reply

Leave a Reply