PrepAway - Latest Free Exam Questions & Answers

Which single Cisco IOS ACL entry permits IP addresses from 172.16.80.0 to 172.16.87.255?

Which single Cisco IOS ACL entry permits IP addresses from 172.16.80.0 to 172.16.87.255?

PrepAway - Latest Free Exam Questions & Answers

A.
permit 172.16.80.0 0.0.3.255

B.
permit 172.16.80.0 0.0.7.255

C.
permit 172.16.80.0 0.0.248.255

D.
permit 176.16.80.0 255.255.252.0

E.
permit 172.16.80.0 255.255.248.0

F.
permit 172.16.80.0 255.255.240.0

Explanation:
www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtm
l
ACL Summarization
NotE. Subnet masks can also be represented as a fixed length notation. For example,
192.168.10.0/24
represents 192.168.10.0 255.255.255.0.
This list describes how to summarize a range of networks into a single network for ACL
optimization. Consider
these networks.
192.168.32.0/24
192.168.33.0/24
192.168.34.0/24
192.168.35.0/24
192.168.36.0/24
192.168.37.0/24
192.168.38.0/24
192.168.39.0/24
The first two octets and the last octet are the same for each network. This table is an explanation

of how to summarize these into a single network.
The third octet for the previous networks can be written as seen in this table, according to the octet
bit position and address value for each bit.
Decimal 128 64 32 16 8 4 2 1
32 0 0 1 0 0 0 0 0
33 0 0 1 0 0 0 0 1
34 0 0 1 0 0 0 1 0
35 0 0 1 0 0 0 1 1
36 0 0 1 0 0 1 0 0
37 0 0 1 0 0 1 0 1
38 0 0 1 0 0 1 1 0
39 0 0 1 0 0 1 1 1
M M M M M D D D
Since the first five bits match, the previous eight networks can be summarized into one network
(192.168.32.0/21 or 192.168.32.0 255.255.248.0). All eight possible combinations of the three loworder bits are relevant for the network ranges in question. This command defines an ACL that
permits this network. If you subtract 255.255.248.0 (normal mask) from 255.255.255.255, it yields
0.0.7.255.
access-list acl_permit permit ip 192.168.32.0 0.0.7.255


Leave a Reply