Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Access list

i have a genral question abt wild card mask.....like if we wanna allow or deny a whole class we write 210.54.8.0 0.0.0.255 but some time we use 210.54.8.0 0.0.0.0........like both thing r same so in which scenario we will use all o's and in which scenarios we will use 255.........at he last....thanks in advance

1 REPLY

Re: Access list

Hi shahryar

The theory behind the access-list wild cards mask is : 0 is considered to be exact match and

1 is considered to be a wild card or dont care

so in the ablove example 210.54.8.0 0.0.0.255 the last octet is all 1s and hence represent dont care bits. i.e match the first 3 octets exactly while ignoring the 4th octet

but if you have 210.54.8.0 0.0.0.0 configured,it is asking it to match all the 4 octets exactly which would basically mean to match a single host.

(actually cisco converts the mask 0.0.0.0 as host and 255.255.255.255 as any)

HTH

Narayan

102
Views
0
Helpful
1
Replies