Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Confusion on wildcard masks

What exactly is the wildcard mask doing in this line:

access-list 10 deny 192.168.10.128 0.0.0.31

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Confusion on wildcard masks

Hi Guys,

For the Wildcard mask, I have a best practise to calculate it as follows:

1- you take the original Subnetmask of the Network ID and Subtract it by(255.255.255.255).

Example:

you have the Network : 192.168.10.128/27

192.168.10.128 255.255.255.224

** always take (255.255.255.255) -

(255.255.255.224)

equals = 0.0.0.31 (wildcard mask)

So the wildcard mask for 192.16.10.128/27

equals 192.168.10.128 0.0.0.31, which will match 31 bit hosts from 129 - 159.

Note: the last octet 159 is the broadcast of the subnet & its included in the calculation.

Regards,

Mohamed Sobair

4 REPLIES
Silver

Re: Confusion on wildcard masks

It will deny all IP address start from

192.168.10.128 to 139 {129 and 140 both will comver}

Block size is 0 to 31 mean it covers 32 Ip address.

Regards,

Dharmesh Purohit

New Member

Re: Confusion on wildcard masks

Hello,

The host range should be 192.168.10.129 to 192.168.10.158 which will be denied. Or i understood it wrong. 192.168.10.128/27

c
New Member

Re: Confusion on wildcard masks

Purohit,

I guess it is a typo. Shouldn't it be 192.168.10.128 to 159 ?

regards,

Re: Confusion on wildcard masks

Hi Guys,

For the Wildcard mask, I have a best practise to calculate it as follows:

1- you take the original Subnetmask of the Network ID and Subtract it by(255.255.255.255).

Example:

you have the Network : 192.168.10.128/27

192.168.10.128 255.255.255.224

** always take (255.255.255.255) -

(255.255.255.224)

equals = 0.0.0.31 (wildcard mask)

So the wildcard mask for 192.16.10.128/27

equals 192.168.10.128 0.0.0.31, which will match 31 bit hosts from 129 - 159.

Note: the last octet 159 is the broadcast of the subnet & its included in the calculation.

Regards,

Mohamed Sobair

126
Views
0
Helpful
4
Replies
CreatePlease login to create content