I recently wrote a two-part series about the basics of Cisco
IP subnetting (“Cisco
IP subnetting 101: Five things you should know” and “Cisco IP
subnetting 101: Five more things you should know”). In response,
several TechRepublic members posted comments in the articles’ discussions or
contacted me with questions and requests for more advanced information about IP
I’ve decided to highlight some of these requests over the
next couple weeks and address these members’ questions. So, let’s get started: TechRepublic
member Shumkh wanted to know more
about the two special cases of all 1s and all 0s subnets.
“My understanding is [that] using all 0s as the subnet
mask means putting the network interface into Promiscuous Mode. Can you expand more on the practical application
of these two special subnet masks?”
First, let’s review some IP addressing and subnetting basics.
Every network interface has an IP address and a subnet mask. The subnet mask
tells the interface which devices are on the local LAN and which devices are
outside the LAN.
For the devices outside the LAN, the router sends that
traffic to the default gateway. If a router is the device in question, it may
have specific routes to those destinations, and it may or may not have a
All 1s subnet masks
Administrators sometimes use an all 1s subnet mask to
indicate that they’re talking about a single IP address or a single host. For
example, you could create an access control list entry that looked something like
the following example:
Access-list 1 deny 22.214.171.124 0.0.0.0
0.0.0.0 is the wildcard mask for 255.255.255.255. This access list specifies that we only want to deny the 126.96.36.199 host—not a range of hosts or a network.
Another use for the all 1s subnet mask is on an interface
that only has a single IP address with no other devices on that interface. What’s
the purpose of such an interface? One reason is a loopback interface. Here’s an
Router(config)# interface loopback 1 Router(config-if)# ip address 188.8.131.52 255.255.255.255 Router(config)# interface loopback 2 Router(config-if)# ip address 184.108.40.206 255.255.255.255
These interfaces only have a single IP address, and there
are no other hosts connected to these interfaces.
You could also use an all 1s subnet mask to create a route that
looks something like the following example:
ip route 220.127.116.11 255.255.255.255 18.104.22.168
This tells the router to only route traffic bound for the single
host 22.214.171.124 to the 126.96.36.199 network. Again, the subnet mask of 255.255.255.255
tells the router to only send traffic for the 188.8.131.52 single host to the
184.108.40.206 next hop.
All 1s IP address
The all 1s IP address—255.255.255.255 (as a destination IP
address)—is a special IP address. This IP address is the “all hosts”
broadcast address. Sending a packet to this IP address will send it to all hosts
on the network.
All 0s IP address and
Zero/zero (0/0) is a special route in the routing table of a
router or on a PC. The zero/zero route is the default. In other words, it means
if you don’t know where to send traffic, send it here. It looks like this:
IP 0.0.0.0 Subnet Mask 0.0.0.0 Destination x.x.x.x
All 0s subnet masks
If a PC is having trouble getting an IP address from a DHCP
server, it will sometimes have an IP address of 0.0.0.0 and a subnet mask of
0.0.0.0. These addresses are not normal—and not useable.
A subnet mask that’s all 0s (e.g., IP address: 192.168.1.1, subnet
mask 0.0.0.0) is invalid, and it doesn’t mean that a PC is in Promiscuous Mode.
Promiscuous Mode has nothing to do with IP addressing, which is at Layer 3 (the
network layer). Instead, Promiscuous Mode has everything to do with Layer 2
(the data-link layer).
Each packet that comes to a computer on an Ethernet network has
a hardware (MAC) address. When a computer receives a particular packet, it
checks the MAC address to see if the packet’s address is for that computer. If
not, the network card rejects the packet. When in Promiscuous Mode, the network
card doesn’t reject the packet—and, in fact, accepts and reads all packets.
Systems that are in Promiscuous Mode—and not because the
administrator put them in this mode—are a security risk. There are ways to find
systems in this mode. For more information, check out this PDF from
of Promiscuous Nodes Using ARP Packets.”
Stay tuned: Next time, I’ll address another member’s
question about advanced IP subnetting.
Miss a column?
Check out the Cisco Routers and Switches
Archive, and catch up on David Davis’ most recent columns.
Want to learn more
about router and switch management? Automatically
sign up for our free Cisco Routers and Switches newsletter, delivered each
David Davis has worked
in the IT industry for 12 years and holds several certifications, including
CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of
systems/network administrators for a privately owned retail company and
performs networking/systems consulting on a part-time basis.