the mask would be 00000001.ffff.ffff.ffff. This mask matches networks 102 and 103,
which are identical except for the final bit in the network part of the address. The mask
means, "all bits in the network must match network 102, except for the last bit in the
network number." (All Fs for the node mean that any node number will match.)
100, any protocol, any socket. These packets are denied. The second entry in 903 permits all
protocols, all source networks, and, by implication, all destination networks; in other words,
this statement changes the default to be "permit all else."
in Nashville and Boston cannot reach network 100.
address. It also has a "permit everything else" statement at the end of the list, but because
standard IPX access lists do not use the any keyword, 1 is used to signify any.
servers will be the internal IPX addresses (1000.0000.0000.0001 and 1001.0000.0000.0001).
Packets sent to networks 1000 and 1001 will not be matched until the "permit all" at the end of
the lists.
packets close to the source, and because the client initiates the process of connecting to a server,
the filters all were placed at the remote routers and not in Atlanta. Each filter matches packets
sourced in their local IPX networks and destined for network 1000 (if filtering packets destined
for Server 1), or destined for network 1001 (if filtering packets destined for Server 2). Examples
7-26 through 7-28 show the configurations necessary to create IPX packet filters to satisfy the
criteria.