Cisco switch configuration.

Hi Experts,

If I were to see the following two entries in the configuration of a Cisco 3750 switch what do they mean? They seem to refer to each other.
DColinAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Michael HughettICT Field Systems AnalystCommented:
I think you are missing your example.
DColinAuthor Commented:
Sorry about that.

access-list 121 permit tcp 10.180.87.40 0.0.0.3 10.180.87.64 0.0.0.11
access-list 121 permit tcp 10.180.87.64 0.0.0.11 10.180.87.40 0.0.0.3
Michael HughettICT Field Systems AnalystCommented:
They are ACL entries making it possible for the 2 machines to talk to each other.

But unless you have an entry to deny communications between all your computers above these entries, the entries should not be necessary.  If they are in the same IP range and subnet  they should already be able to talk to each other.  Do have them really segmented?  Vlans?
SolarWinds® VoIP and Network Quality Manager(VNQM)

WAN and VoIP monitoring tools that can help with troubleshooting via an intuitive web interface. Review quality of service data, including jitter, latency, packet loss, and MOS. Troubleshoot call performance and correlate call issues with WAN performance for Cisco and Avaya calls

DColinAuthor Commented:
They are on seperate VLANs.

What does the 0.0.0.3 enrty mean and how does it ralate to the 10.180.87.40 ip and likewise with the 0.0.0.11 entry?
Michael HughettICT Field Systems AnalystCommented:
mikebernhardtCommented:
Well it's possible, but unlikely, that those are 2 separate networks. You have to look at the Layer 3 interfaces. If those are on the same LAN then as mentioned, those entries are useless because the traffic would never leave the LAN.

Either way, 0.0.0.11 isn't a valid mask. Are you sure that's what's there?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DColinAuthor Commented:
mikebernhardt,

I think you are correct that the 0.0.0.11 is incorrect because as far as I know that was the last change made and the switch is not working correctly now. What does 10.180.87.40 0.0.0.3 mean with respect to the mask. Does it mean permit ip's 10.180.87.40, 10.180.87.41, 10.180.87.42 (3 ip's from 10.180.87.40)?
mikebernhardtCommented:
To get the mask, simply subtract the 3 from 255. So it's 255.255.255.252, which means .40-.43
DColinAuthor Commented:
mikebernhardt,

I have just been told by someone else that 10.180.87.40 0.0.0.3 means ips 10.180.87.40, 10.180.87.41, 10.180.87.42, 10.180.87.43 that is a four ip range in total. So would 10.180.87.40 255.255.255.252 mean the same thing or is my other person giving me wrong information?
mikebernhardtCommented:
We are saying the same thing. What I told you is that you can extrapolate the subnet mask represented by that inverse mask by subtracting it from 255. So 0.0.0.3 covers the same network as a 255.255.255.252 subnet mask. The addresses that someone gave you are the same addresses I just listed when I said ".40-.43"
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.