Posts Tagged ‘access-list minimization’

Nov
25

Problem Statement

A popular task in CCIE-level scenarios requires creating an access-list matching a set of prefixes using the minimum number of access-list entries. Typically, such scenarios were relatively easy, so figuring out a combination of subnet prefix and wildcard mask was more or less intuitive. However, a good question would be if there exist a generic algorithm for constructing such “minimal” access-lists. To give you a better feel of the problem, let’s start with an example. Look at the following access-list matching nine different subnets:

ip access-list standard TEST
 permit 138.0.0.0
 permit 170.0.0.0
 permit 177.0.0.0
 permit 185.0.0.0
 permit 204.0.0.0
 permit 205.0.0.0
 permit 206.0.0.0
 permit 207.0.0.0
 permit 234.0.0.0

Continue Reading

Tags: , , ,

Categories

CCIE Bloggers