| Exam 400-101 | Question id=897 | Infrastructure Security |
You want to create a named ACL to use in a route map that allows redistribution of the following subnets:
192.168.3.0/24
192.168.4.0/24
192.168.5.0/24
192.168.6.0/24
192.168.7.0/24
192.168.8.0/24
192.168.9.0/24
Which of the following commands should you issue in order to fulfill your objective?
| A. |
permit 192.168.3.0 0.0.7.255 | |
| B. |
permit 192.168.0.0 0.0.15.255 | |
| C. |
permit 192.168.0.0 255.255.240.0 | |
| D. |
permit 192.168.3.0 255.255.248.0 |
You should issue the permit 192.168.0.0 0.0.15.255 command. The basic syntax of the permit command is permit source wildcard-mask. A 20bit subnet mask, which corresponds to the wildcard mask 0.0.15.255, will aggregate 16 contiguous 24bit subnets. Therefore, a 20bit mask can be used to allow redistribution of addresses from 192.168.0.0 through 192.168.15.255, which includes all of the subnets in this scenario.
You should not issue the permit 192.168.3.0 0.0.7.255 command. A 21bit subnet mask, which corresponds to the wildcard mask 0.0.7.255, would aggregate eight contiguous 24bit subnets. Although there are only seven subnets in this scenario, the 21bit mask boundary falls between the 192.168.7.0/24 subnet and the 192.168.8.0/24 subnet. Therefore, the permit 192.168.3.0 0.0.7.255 command would allow redistribution of only the addresses from 192.168.0.0/24 through 192.168.7.255/24.
You should not issue the permit 192.168.0.0 255.255.240.0 command or the permit 192.168.3.0 255.255.248.0 command. The permit command accepts wildcard masks, not subnet masks.