Important question on McGahan ACL consolidation

Hi, I saw the post from our noble McGahan and that was an interesting way to consolidate two complex ACLs.

Let's say if you are asked to consolidate in minimal entries, without any leakage, the following:

My conclusion is that without allowing any leakage I can't consolidate the above. I applied the AND and XOR method (for the first two entries and the the bottom 2 entries 107.) McGahan showed us and I came up with:

access-list 1 permit

access-list 1 permit

The problem is that I see other networks are caught by this.
Can someone confirm I am right that I can't consolidate these ACLs without leakage?



  • Hello,

    Yes, I found that there will be leakage, if reverse mask is not one of 128, 64, 32, 16, 8, 4, 2, 1. That is if reverse mask is having >= 2 set bits then there can be leakage while trying to consolidate 2 addresses. Please correct me if wrong.

    Thanks and Regards,


Sign In or Register to comment.