Distribute List List, Distribute

23-1-2010 14:33

A. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor.
B. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor.
C. Only traffic with a destination from 10.10.0.0/19 will be permitted.
D. Only traffic going to 10.10.0.0/19 will be permitted.

what you gonna choose ?
the answer is A : but someone tell me why ? i know what the distribute list does ,but look at access-list it's extended access-list. what does this command means exactly ?

this format should be like this : access-list 101 permit ip [source ip] [wild card mask of source] [dest ip] [wild card mask].
and look at the dest ip : it's 255.255.224.0 ,it's invalid IP ,isn't it ? and the  wild card mask 0.0.0.0 means exactly match.

To permit only the supernet 10.10.0.0/19, use an extended access list, such as access-list 101 permit ip 10.10.0.0 0.0.0.0 255.255.224.0 0.0.0.0. Refer to access-list (IP extended) for the format of the extended access-list command.

In our example, the source is 10.10.0.0 and the source-wildcard of 0.0.0.0 is configured for an exact match of source. A mask of 255.255.224.0, and a mask-wildcard of 0.0.0.0 is configured for an exact match of source mask. If any one of them (source or mask) does not have a exact match, the access list denies it.

This allows the extended access-list command to permit an exact match of source network number 10.10.0.0 with mask 255.255.224.0 (and thus, 10.10.0.0/19).

so 255.255.224.0 here is the mask of 10.10.0.0 ,not a destionation IP. and  access-list 101 permit ip 10.10.0.0 0.0.0.0 255.255.224.0 0.0.0.0 means that ,it permits 10.10.0.0 255.255.224.0 (/19) ,is it right ? but why they have to put 0.0.0.0 to exact match ?