I recently wrote a two-part series about the basics of Cisco
IP subnetting (“Cisco
IP subnetting 101: Five things you should know” and “Cisco IP
subnetting 101: Five more things you should know”). In response,
several TechRepublic members posted comments in the articles’ discussions or
contacted me with questions and requests for more advanced information about IP
subnetting.
I’ve decided to highlight some of these requests over the
next couple of weeks and address these members’ questions. So, let’s get started: TechRepublic
member Shumkh wanted to know more
about the two special cases of all 1s and all 0s subnet masks.
“My understanding is [that] using all 0s as the subnet
mask means putting the network interface into Promiscuous Mode. Can you expand more on the practical application
of these two special subnet masks?”
First, let’s review some IP addressing and subnetting basics.
Every network interface has an IP address and a subnet mask. The subnet mask
tells the interface which devices are on the local LAN and which devices are
outside the LAN.
For destinations outside the LAN, a host sends that
traffic to its default gateway. If the device in question is a router, it may
have specific routes to those destinations, and it may or may not have a
default gateway.
All 1s subnet masks
Administrators sometimes use an all 1s subnet mask to
indicate that they’re talking about a single IP address or a single host. For
example, you could create an access control list entry that looked something like
the following example:
access-list 1 deny 1.1.1.1 0.0.0.0
0.0.0.0 is the wildcard mask that corresponds to the subnet mask 255.255.255.255 (every bit must match). This access list specifies that we only want to deny the single host 1.1.1.1, not a range of hosts or a network.
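The two decisions described above, whether a destination is on the local LAN according to the subnet mask and whether an access-list entry with a wildcard mask matches a packet, are shown below in an added Python example. This is not code from the original column; the addresses, the ACL entries and the helper names (is_local, wildcard_from_mask, acl_matches, acl_action) are constructed for illustration. It goes slightly beyond the text by showing how a subnet mask converts to its wildcard mask and how a "permit any" entry (0.0.0.0 255.255.255.255) is just the opposite extreme of the host entry.

```python
import ipaddress

def _to_int(addr: str) -> int:
    """Dotted quad -> 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))

def is_local(own_ip: str, mask: str, dst_ip: str) -> bool:
    """What a host's IP stack decides from its own address and subnet mask:
    True  -> destination is on the local LAN (deliver directly at Layer 2)
    False -> destination is outside the LAN (hand it to the default gateway)."""
    if _to_int(mask) == 0:
        # 0.0.0.0 is not a usable host subnet mask; refuse rather than guess
        raise ValueError("a host needs a non-zero subnet mask")
    local_net = ipaddress.IPv4Network(f"{own_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(dst_ip) in local_net

def wildcard_from_mask(mask: str) -> str:
    """Cisco wildcard mask = bitwise inverse of the subnet mask.
    255.255.255.255 -> 0.0.0.0 (match one host); 255.255.255.0 -> 0.0.0.255."""
    return str(ipaddress.IPv4Address(0xFFFFFFFF ^ _to_int(mask)))

def acl_matches(entry_ip: str, wildcard: str, pkt_ip: str) -> bool:
    """Wildcard semantics: a 0 bit in the wildcard must match exactly,
    a 1 bit is 'don't care'. So the entry matches when the bits we care
    about are identical in the entry address and the packet address."""
    care_bits = 0xFFFFFFFF ^ _to_int(wildcard)
    return (_to_int(entry_ip) ^ _to_int(pkt_ip)) & care_bits == 0

def acl_action(acl, pkt_ip: str) -> str:
    """First-match evaluation; the implicit deny at the end of a Cisco ACL
    is modelled by the default return value."""
    for action, entry_ip, wildcard in acl:
        if acl_matches(entry_ip, wildcard, pkt_ip):
            return action
    return "deny"

# Constructed sample ACL: deny the single host 1.1.1.1, then permit everything else
SAMPLE_ACL = [
    ("deny", "1.1.1.1", "0.0.0.0"),            # access-list 1 deny 1.1.1.1 0.0.0.0
    ("permit", "0.0.0.0", "255.255.255.255"),  # access-list 1 permit any
]

if __name__ == "__main__":
    print(is_local("192.168.1.10", "255.255.255.0", "192.168.1.200"))  # True
    print(is_local("192.168.1.10", "255.255.255.0", "192.168.2.1"))    # False
    print(wildcard_from_mask("255.255.255.255"))                       # 0.0.0.0
    for pkt in ("1.1.1.1", "1.1.1.2"):
        print(pkt, "->", acl_action(SAMPLE_ACL, pkt))                 # deny, permit
```

The `care_bits` trick in `acl_matches` is the whole point of a wildcard mask: with 0.0.0.0 every bit is a care bit, so only the exact address 1.1.1.1 is denied, while 255.255.255.255 clears every care bit and matches any address.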
Another use for the all 1s subnet mask is on an interface
that only has a single IP address with no other devices on that interface. What’s
the purpose of such an interface? One reason is a loopback interface. Here’s an
example:
Router(config)# interface loopback 1
Router(config-if)# ip address 2.2.2.2 255.255.255.255
Router(config)# interface loopback 2
Router(config-if)# ip address 2.2.2.3 255.255.255.255
These interfaces only have a single IP address, and there
are no other hosts connected to these interfaces.
You could also use an all 1s subnet mask to create a route that
looks something like the following example:
ip route 1.1.1.1 255.255.255.255 2.2.2.2
This tells the router to send traffic bound for the single
host 1.1.1.1 to the next hop 2.2.2.2. Because the subnet mask 255.255.255.255
matches exactly one address, no other destination uses this route; only
packets for 1.1.1.1 go to the 2.2.2.2 next hop.
All 1s IP address
The all 1s IP address, 255.255.255.255 (as a destination IP
address), is a special IP address: the “all hosts” (limited)
broadcast address. Sending a packet to this IP address delivers it to every host
on the local network segment; routers do not forward it beyond that segment.
All 0s IP address and subnet mask
Zero/zero (0/0) is a special route in the routing table of a
router or on a PC. The zero/zero route is the default route. In other words, it means
if you don’t know where else to send traffic, send it here. It looks like this:
0.0.0.0/0.0.0.0
Or
IP 0.0.0.0 Subnet Mask 0.0.0.0 Destination x.x.x.x
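To show how the /32 host route from the earlier section and the 0/0 default route coexist, here is an added Python model of a routing-table lookup; it is not code from the column, and the routing entries and the class name `RoutingTable` are constructed for the example. It demonstrates longest-prefix match: the all 1s mask is the most specific possible entry and wins whenever it matches, while the all 0s mask matches every destination and is chosen only when nothing more specific does.

```python
import ipaddress

class RoutingTable:
    """Minimal longest-prefix-match lookup over (network, next_hop) entries."""

    def __init__(self):
        self.routes = []  # list of (IPv4Network, next_hop)

    def add(self, prefix: str, mask: str, next_hop: str) -> None:
        # strict=True mirrors IOS rejecting a route whose host bits are set
        # (e.g. "ip route 1.1.1.5 255.255.255.0 ..." is an inconsistent address/mask)
        net = ipaddress.IPv4Network(f"{prefix}/{mask}", strict=True)
        self.routes.append((net, next_hop))

    def lookup(self, dst: str):
        """Return (matching_network, next_hop) for the most specific match,
        or None when no entry (not even a default route) covers dst."""
        addr = ipaddress.IPv4Address(dst)
        best = None
        for net, hop in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, hop)
        return None if best is None else (str(best[0]), best[1])

def build_sample_table(with_default: bool = True) -> RoutingTable:
    """Constructed sample table: a /32 host route, a /24, and optionally 0/0."""
    rt = RoutingTable()
    rt.add("1.1.1.1", "255.255.255.255", "2.2.2.2")   # ip route 1.1.1.1 255.255.255.255 2.2.2.2
    rt.add("1.1.1.0", "255.255.255.0", "3.3.3.3")     # a less specific route to the same /24
    if with_default:
        rt.add("0.0.0.0", "0.0.0.0", "192.168.1.254")  # ip route 0.0.0.0 0.0.0.0 192.168.1.254
    return rt

if __name__ == "__main__":
    rt = build_sample_table()
    for dst in ("1.1.1.1", "1.1.1.9", "8.8.8.8"):
        print(dst, "->", rt.lookup(dst))
    # ('1.1.1.1/32', '2.2.2.2'), ('1.1.1.0/24', '3.3.3.3'), ('0.0.0.0/0', '192.168.1.254')
    print(build_sample_table(with_default=False).lookup("8.8.8.8"))  # None: no route
```

Without the 0/0 entry the last lookup returns None, which is the "no route to host" case a router hits when it has specific routes but no default gateway.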
All 0s subnet masks
If a PC is having trouble getting an IP address from a DHCP
server, it will sometimes show an IP address of 0.0.0.0 and a subnet mask of
0.0.0.0. These values are not a normal configuration, and they are not usable.
A subnet mask that’s all 0s (e.g., IP address: 192.168.1.1, subnet
mask 0.0.0.0) is invalid, and it doesn’t mean that a PC is in Promiscuous Mode.
Promiscuous Mode has nothing to do with IP addressing, which is at Layer 3 (the
network layer). Instead, Promiscuous Mode has everything to do with Layer 2
(the data-link layer).
Each frame that arrives at a computer on an Ethernet network carries
a destination hardware (MAC) address. When the network card receives a frame, it
checks whether that destination MAC address is its own (or a broadcast or multicast
address it listens to). If not, the network card discards the frame. When in Promiscuous Mode, the network
card discards nothing: it accepts every frame it sees and passes it up to the operating system.
Systems that are in Promiscuous Mode, when the
administrator did not put them in this mode, are a security risk, because that is how a packet sniffer
collects traffic that was never addressed to it. There are ways to detect
systems in this mode. For more information, check out this PDF from
SecurityFriday: “Detection
of Promiscuous Nodes Using ARP Packets.”
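The Layer 2 filtering just described, and the principle behind detecting a host whose card has stopped filtering, can be modelled in a few lines. The following Python simulation is an added example, not code from the column or from the SecurityFriday paper: the `Host` and `Frame` classes, the MAC and IP addresses and the probe address are all constructed, and the model deliberately ignores the extra software filters real operating systems apply, so the specific probe addresses the paper uses are not reproduced here. The idea it shows is simple: an ARP request sent to a unicast MAC that nobody on the segment owns is dropped by a normal card, but a promiscuous card hands it to the IP stack, which answers because the request asks for its own IP address.

```python
from dataclasses import dataclass, field

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"

@dataclass
class Frame:
    dst_mac: str
    src_mac: str
    payload: str  # e.g. "ARP who-has 192.168.1.10" (constructed, not real wire format)

@dataclass
class Host:
    name: str
    mac: str
    ip: str
    promiscuous: bool = False
    delivered: list = field(default_factory=list)  # frames the card passed up to the OS

    def nic_accepts(self, frame: Frame) -> bool:
        """Layer 2 hardware filter: keep frames for our own MAC or the
        broadcast address; in promiscuous mode keep everything."""
        if self.promiscuous:
            return True
        return frame.dst_mac.lower() in (self.mac.lower(), BROADCAST_MAC)

    def receive(self, frame: Frame):
        """Model of card + IP stack. Returns the ARP reply frame the OS
        would send, or None if the card dropped the frame / no reply is due."""
        if not self.nic_accepts(frame):
            return None
        self.delivered.append(frame)
        # The IP stack answers an ARP request for its own IP regardless of
        # which destination MAC the frame arrived with (it never sees that).
        if frame.payload == f"ARP who-has {self.ip}":
            return Frame(dst_mac=frame.src_mac, src_mac=self.mac,
                         payload=f"ARP is-at {self.mac}")
        return None

# Constructed probe parameters: a prober MAC and a unicast MAC no host owns
PROBER_MAC = "02:00:00:00:00:aa"
UNOWNED_MAC = "02:00:00:00:00:ff"

def probe_for_promiscuous(hosts) -> list:
    """Send each host an ARP request for its own IP, but addressed at Layer 2
    to a MAC nobody owns. Only a host whose card is not filtering replies."""
    flagged = []
    for h in hosts:
        probe = Frame(dst_mac=UNOWNED_MAC, src_mac=PROBER_MAC,
                      payload=f"ARP who-has {h.ip}")
        if h.receive(probe) is not None:
            flagged.append(h.name)
    return flagged

def sample_segment() -> list:
    """Constructed LAN: one normal host, one host left in promiscuous mode."""
    return [
        Host("workstation", "00:11:22:33:44:55", "192.168.1.10"),
        Host("sniffer", "00:11:22:33:44:66", "192.168.1.20", promiscuous=True),
    ]

if __name__ == "__main__":
    print(probe_for_promiscuous(sample_segment()))  # ['sniffer']
```

A normal broadcast ARP request still gets an answer from every host, which is the control case: the detection relies on the difference between the broadcast frame (which both cards accept) and the unowned-unicast frame (which only the unfiltered card accepts).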
Stay tuned: Next time, I’ll address another member’s
question about advanced IP subnetting.
David Davis has worked
in the IT industry for 12 years and holds several certifications, including
CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of
systems/network administrators for a privately owned retail company and
performs networking/systems consulting on a part-time basis.