What exactly is the wildcard mask doing in this line:
access-list 10 deny 192.168.10.128 0.0.0.31
For the Wildcard mask, I have a best practise to calculate it as follows:
1- you take the original Subnetmask of the Network ID and Subtract it by(255.255.255.255).
you have the Network : 192.168.10.128/27
** always take (255.255.255.255) -
equals = 0.0.0.31 (wildcard mask)
So the wildcard mask for 126.96.36.199/27
equals 192.168.10.128 0.0.0.31, which will match 31 bit hosts from 129 - 159.
Note: the last octet 159 is the broadcast of the subnet & its included in the calculation.