ACL with 'host' keyword used for filtring RIP update
i'm a little bit confused about two syntaxes of an extended ACL. From my knowledge, the key-world 'HOST' define a /32 @.
in WB.v5 RS (RIPv2 Filtering with Extended Access-Lists), they used a syntax with the 'host' keyword for a subnet @ (/24)
access-list 100 deny ip host 126.96.36.199 host 188.8.131.52
here: 184.108.40.206 is a loopback @ and 220.127.116.11 is a /24 subnet.
From IOS: R9(config)#access-list 100 deny ip host 18.104.22.168 ?
A.B.C.D Source address
any Any source host
host A single destination host
object-group Source network object group
You can see that after the 'host' key-word, the IOS is expecting 'a single destination'
So i used this config.: access-list 100 deny ip host 22.214.171.124 126.96.36.199 0.0.255 and it worked.
- If it was the real exam, the two solutions are valid ?
- My be the difference don't matter because about an update, not for security purpose (?)
Many thanks in advance,