Showing posts with label Networking. Show all posts

Tuesday 18 February 2014

Practicing tracerouting using the Windows tracert tool


What do you want to trace this time?
tracert www.facebook.com

What URL did you enter to trace?
URL = www.facebook.com

What does your traceroute report as the FQDN of your URL?
The FQDN is star.c10r.facebook.com

What does the traceroute report as the server address of your URL?
Its IP address is 31.13.79.144

How many hops does it take to get there?
12 hops

Can you show the result of your tracerouting?
Yes, the picture above already shows it.


General info about tracing

Route-tracing software is a utility that lists the networks along a path,
whether within one network, across an internetwork, or to a distant network.

A router represents a point where one network connects to another network.
Service: Website

Tools such as these are usually embedded in the operating system of the end device.



Monday 22 April 2013

Wisdom of an access-list

We will observe that access-list 1 permit 192.168.1.1 0.0.0.255 has the same meaning as access-list 1 permit 192.168.1.253 0.0.0.255. Both of these access-lists permit any traffic generated by hosts 192.168.1.1 - 192.168.1.255, so why don't we just write it as access-list 1 permit 192.168.1.0 0.0.0.255?

Or

maybe all 3 of those access-lists have the same meaning?

The answer is yes, they all have the same meaning.
access-list 1 permit 192.168.1.1 0.0.0.255, and
access-list 1 permit 192.168.1.253 0.0.0.255, and
access-list 1 permit 192.168.1.0 0.0.0.255
all have the same meaning.

Later, I will show that there are not just 3 access-list variations we can build to block these addresses (192.168.1.1 - 192.168.1.255), but many.

How can that be? Well, an access-list is just an OR operation between the IP part, the wildcard mask, and the address of an IP packet.

Any IP packet whose layer 3 (source) address, OR-ed with (IP part OR wildcard mask), gives the same result as (IP part OR wildcard mask) is treated as a match.


First, we need a brief understanding of the binary OR operation. You can read about it here:
Second, we will learn the bitwise operation behind the access-list. In this step I will say that an access-list is just an OR operation between A, B and C. Follow me.
Third, we will answer the question.

(1) Please read the blog
(2) Recall one of our access-lists: access-list 1 permit 192.168.1.1 0.0.0.255
We can restate it as: access-list 1 permit A B, where A = 192.168.1.1 and B = 0.0.0.255
We will need another variable, C. So now we have the variables A, B, and C.
So we gather them again:
A = 192.168.1.1 = the IP address of an access-list
B = 0.0.0.255 = the wildcard mask of an access-list
and, C = any IP address

(3) Your friend gives you a host list, 192.168.1.3 and 192.168.1.4. They want you to block these hosts' internet connection. What A and B would you use in the access-list you build to block the hosts' internet connection?
Since C = 192.168.1.3 OR 192.168.1.4 = 192.168.1.7
A = 192.168.1.3
B = 0.0.0.4
access-list 1 permit 192.168.1.3 0.0.0.4

A = 192.168.1.3
B = 0.0.0.7
access-list 1 permit 192.168.1.3 0.0.0.7

A = 192.168.1.4
B = 0.0.0.3
access-list 1 permit 192.168.1.4 0.0.0.3

A = 192.168.1.4
B = 0.0.0.7
access-list 1 permit 192.168.1.4 0.0.0.7

A = 192.168.1.7
B = 0.0.0.4
access-list 1 permit 192.168.1.7 0.0.0.4

A = 192.168.1.7
B = 0.0.0.3
access-list 1 permit 192.168.1.7 0.0.0.3

Have you counted how many access-list variations we have for this question? Yes, it is 6! Where does 6 come from?

2. How many hosts will be blocked accidentally using your access-list?
Answer: If you use one of the access-lists from question number 1 you will
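
An added example, not part of the original post: a Python check of which addresses in 192.168.1.0/24 each of the six statements above matches on a Cisco IOS device, where a 1 bit in the wildcard mask means that bit of the source address is ignored and every other bit must equal the address in the statement. The function names and the restriction to the /24 are assumptions of this example.

```python
import ipaddress

def ip(s):
    """Dotted quad -> 32-bit integer."""
    return int(ipaddress.IPv4Address(s))

def matches(acl_addr, wildcard, src):
    """IOS wildcard rule: bits set to 1 in the wildcard are ignored;
    all remaining bits of src must equal those of acl_addr."""
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(src) & care) == (ip(acl_addr) & care)

def matched_hosts(acl_addr, wildcard, network="192.168.1.0/24"):
    """Addresses inside `network` that the statement matches.
    Assumption: the wildcard only frees bits inside this network."""
    return [str(a) for a in ipaddress.ip_network(network)
            if matches(acl_addr, wildcard, str(a))]

def audit(acl_addr, wildcard, intended):
    """Return (all intended hosts matched?, other addresses matched)."""
    hit = set(matched_hosts(acl_addr, wildcard))
    return set(intended) <= hit, sorted(hit - set(intended), key=ip)

# The two hosts from the post and its six A/B pairs.
INTENDED = ["192.168.1.3", "192.168.1.4"]
CANDIDATES = [
    ("192.168.1.3", "0.0.0.4"), ("192.168.1.3", "0.0.0.7"),
    ("192.168.1.4", "0.0.0.3"), ("192.168.1.4", "0.0.0.7"),
    ("192.168.1.7", "0.0.0.4"), ("192.168.1.7", "0.0.0.3"),
]

if __name__ == "__main__":
    for a, b in CANDIDATES:
        covered, extra = audit(a, b, INTENDED)
        print(f"access-list 1 permit {a} {b}: "
              f"covers both={covered}, also matches {extra}")
    # The three /24 statements from the start of the post match the same set.
    same = {tuple(matched_hosts(a, "0.0.0.255"))
            for a in ("192.168.1.1", "192.168.1.253", "192.168.1.0")}
    print("three /24 statements identical:", len(same) == 1)
```

Running it prints, per statement, whether both intended hosts are covered and which other addresses are matched as well.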