Help with access list

Answered Question
Jun 27th, 2008

Is there an easier way to understand the wildcard mask when configuring ACLs? I hardly understand how to get the correct wcm.

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 8 years 5 months ago

Chris

Easiest way for me is to flip the bits from the normal subnet mask (sb) eg.

sb -> 255.255.255.0 = wcm -> 0.0.0.255

sb -> 255.255.0.0 = wcm -> 0.0.255.255

They are the easy ones, where there is a 255 in the sb make it a 0 for the wcm and where there is a 0 in the sb make it a 255 in the wcm.

To come up a wildcard mask for others eg.

sb -> 255.255.255.128 = wcm = 0.0.0.127

sb -> 255.255.255.192 = wcm = 0.0.0.63

sb -> 255.255.255.248 = wcm 0.0.0.7

quick way to work out - take the octet that isn't 255 and subtract it from 256 then subtract 1 ie.

sb -> 255.255.255.192 =

256 - 192 = 64 - 1 = 63 so

wcm = 0.0.0.63

sb -> 255.255.224.0 =

256 - 224 = 32 - 1 = 31 so

wcm = 0.0.31.255

Hope that makes sense

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Fri, 06/27/2008 - 19:31

Chris

Easiest way for me is to flip the bits from the normal subnet mask (sb) eg.

sb -> 255.255.255.0 = wcm -> 0.0.0.255

sb -> 255.255.0.0 = wcm -> 0.0.255.255

They are the easy ones, where there is a 255 in the sb make it a 0 for the wcm and where there is a 0 in the sb make it a 255 in the wcm.

To come up a wildcard mask for others eg.

sb -> 255.255.255.128 = wcm = 0.0.0.127

sb -> 255.255.255.192 = wcm = 0.0.0.63

sb -> 255.255.255.248 = wcm 0.0.0.7

quick way to work out - take the octet that isn't 255 and subtract it from 256 then subtract 1 ie.

sb -> 255.255.255.192 =

256 - 192 = 64 - 1 = 63 so

wcm = 0.0.0.63

sb -> 255.255.224.0 =

256 - 224 = 32 - 1 = 31 so

wcm = 0.0.31.255

Hope that makes sense

Jon

Actions

This Discussion