FAQ-Do the ACLs Support Inconsecutive Masks

Publication Date:  2015-07-01 Views:  139 Downloads:  0
Issue Description
Do the ACLs Support Inconsecutive Masks?
Solution
Yes.

For example, there are two ACL rules:

Rule 1: rule permit ip source 192.168.1.0 0.0.0.254
Network segment 192.168.1.0 can match rule 1 only if the last eight bits are even, such as 192.168.1.4 & 255.255.255.1 = 192.168.1.0 & 255.255.255.1.

Rule 2: rule 5 permit ip source 192.168.1.1 0.0.0.254
Network segment 192.168.1.0 can match rule 2 only if the last eight bits are odd, such as 192.168.1.5 & 255.255.255.1 = 192.168.1.1 & 255.255.255.1.

On the live network, the inconsecutive masks (such as policy-based routing) are recommended for load balancing. The even/odd mode is one of inconsecutive mask modes. You can also choose other modes. For example, set the inverse mask to 0.0.0.252. Then the last two bits (in binary mode) of the IP address can be 00, 01, 10, or 11.

END