what is the meaning of "ip host 0.0.0.0" ?
Hello,
last I saw a config of an ISP-router. There was an ACL with the statement "ip host 0.0.0.0 any log".
What meaning has this statemant ?
Regards,
Alexander Czutka
2002-10-5
Re: meaning of "ip host 0.0.0.0" ?
Hello Alexander,
AFAIK, this statement is used for anti-spoofing purposes. According to RFC 3330:
0.0.0.0/8:Addresses in this block refer to source hosts on "this" network. Address 0.0.0.0/32 may be used as a source address for this host on this network; other addresses within 0.0.0.0/8 may be used to refer to specified hosts on this network.
A full access list denying all RFC 3330 special use addresses usually looks like this:
Deny special-use address sources.
!--- Refer to RFC 3330 for additional special use addresses.
access-list 110 deny ip host 0.0.0.0 any
access-list 110 deny ip 127.0.0.0 0.255.255.255 any
access-list 110 deny ip 192.0.2.0 0.0.0.255 any
access-list 110 deny ip 224.0.0.0 31.255.255.255 any
HTH,
Georg
扫一扫
835
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
