Tag: wildcard

Wildcard mask – What’s the difference from subnet mask?

What is Wildcard Masking?

Wildcard mask is like any other computer IP address basically a group od zeroes and ones (o and 1). To be short, in wildcard mask all number one (1) mean “I don’t care about that position”, and all zeroes (0) mean “I care about that position in binary address”. Let’s take an example where Access list with wildcardmask will be able to deny fourth subnet and alow next four and so on for all /24 subnets of supernetwork.

In the access-list we put an network;

We know that 255 means 1111 1111 in binary.
We know that 251 means 1111 1011 in binary.

In the line we could change to any other kind of because in this situation our ACL will not care about the bits in the first, second and last octet. We could write it will fit in our example.

One more thing to make myself more clear. If we use deny in ACL, this ACL will not filter only network, but every network in the whole 32bit range from to in which third octet has an zero (0) in 6th position. To filter only those subnets that are part of supernet we would need to use deny because in that way we will say that we care about first and second octet of the address.


| Continue Reading.. |