雏鹰部落

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索
查看: 1528|回复: 2

[讨论/求助] 对于acl匹配不甚理解

[复制链接]
发表于 2015-9-26 12:34:13 | 显示全部楼层 |阅读模式
top:
R1---R2--R3
R1:
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
half-duplex
!

ip route 0.0.0.0 0.0.0.0 192.168.1.2
R2:
interface Ethernet0/0
ip address 192.168.1.2 255.255.255.0
ip access-group 1 in
half-duplex
!
interface Ethernet0/1
ip address 192.168.2.2 255.255.255.0
half-duplex
!

access-list 1 permit 192.168.1.1
access-list 1 deny   192.168.1.0 0.0.0.255

R3:
!
interface Ethernet0/0
ip address 192.168.2.1 255.255.255.0
half-duplex
!

ip route 0.0.0.0 0.0.0.0 192.168.2.2


R1 ping R3:
R1#ping 192.168.2.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/37/68 ms
R1#

通了!!!为什么会通了呢,求指点!!!
 楼主| 发表于 2015-9-26 12:35:58 | 显示全部楼层
R2#show ip access-lists 1
Standard IP access list 1
    20 permit 192.168.1.1 (35 matches)
    10 deny   192.168.1.0, wildcard bits 0.0.0.255
R2#
R2#
忘记加上序号了,求大神指点,为啥先匹配20,后匹配10?
发表于 2015-10-9 17:20:45 | 显示全部楼层
看看
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|熊猫同学技术论坛|小黑屋| 网络工程师论坛 ( 沪ICP备09076391 )

GMT+8, 2024-11-21 19:57 , Processed in 0.073324 second(s), 18 queries , Gzip On.

快速回复 返回顶部 返回列表