CCIE Pursuit Blog

April 3, 2009

Lab Tip: Sometimes IOS is a Lying Whore!!!

One of the cardinal rules of labbing (and production work) is that you verify what you’ve configured soon after you configure it.  I was doing a lab today in which I needed to use an ip accounting-list to limit IP Accounting to a specific subnet (155.1.0.0/16).

Here’s what I entered:

Rack1R1(config)#ip accounting-list 155.1.0.0 255.255.0.0

Here’s how it showed up in the configuration:

Rack1R1(config)#do sh run | i ip accounting-list
ip accounting-list 0.0.0.0 255.255.0.0

Luckily: a) I looked at my configuration shortly after I entered it, and b) I’ve seen this ‘error’ before.  I must have used a network mask when IOS expected wildcard bits.  I usually screw up access-lists the same way.

Access-lists expect wildcard bits:

Rack1R1(config)#access-list 99 permit 155.1.0.0 ?
A.B.C.D  Wildcard bits
log      Log matches against this entry
<cr>

Rack1R1(config)#access-list 99 permit 155.1.0.0 0.0.255.255

IP addresses expect a network mask:

Rack1R1(config-if)#ip address 155.1.123.123 ?
A.B.C.D  IP subnet mask

Rack1R1(config-if)#ip address 155.1.123.123 255.255.0.0

I must have boned up the configuration of the accounting-list by not paying attention to IOS help or just plugging in a network mask because I presumed that was what the command required.  Which is odd because I don’t use ‘ip acounting-list’ that often so I should have been using IOS help.  That’s when I discovered that IOS was fucking with me:

Rack1R1(config)#ip accounting-list 155.1.0.0 ?
A.B.C.D  IP address mask

WTF?  A quick trip to the Cisco documentation showed that IOS was lying to me:

ip accounting-list

wildcard – Wildcard bits to be applied to the ip-address argument.

This could be an error in the IOS code (12.3(14)T7).  Either way I would have lost points on the lab if I had not verified my configuration.  As I stated earlier, it’s a very good idea to get into the habit of double-checking your configurations.  99.9% of the time the error will be yours, but one in a great while IOS will stab you in the back.  🙂

Advertisements

4 Comments »

  1. Your running into the following bug:
    CSCs77002
    ip add for command “ip accounting-list” is nvgened incorrectly.

    Since it’s a cosmetic bug they will be slow to fix it. I agree it’s confusing

    Comment by booby gibson — April 3, 2009 @ 7:42 am | Reply

  2. Hmmm good post. I would have probably made the same mistake.

    Comment by Dana — April 3, 2009 @ 1:58 pm | Reply

  3. I think I ran into the same issue running through an IE lab a little while back. Lesson learned… Verify, verify, verify!

    Comment by jrensink78 — April 4, 2009 @ 9:24 am | Reply

  4. […] Lab Tip: Sometimes IOS is a Lying Whore!!! […]

    Pingback by A hét érdekeségei - April 30, 2009 | xcke's blog — April 30, 2009 @ 3:33 am | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: