I recently wrote a two-part series about the basics of Cisco
IP subnetting (“Cisco
IP subnetting 101: Five things you should know”
and “Cisco IP
subnetting 101: Five more things you should know”
). In response,
several TechRepublic members posted comments in the articles’ discussions or
contacted me with questions and requests for more advanced information about IP

I’ve decided to highlight some of these requests over the
next couple weeks and address these members’ questions. So, let’s get started: TechRepublic
member Shumkh wanted to know more
about the two special cases of all 1s and all 0s subnets.

“My understanding is [that] using all 0s as the subnet
mask means putting the network interface into Promiscuous Mode. Can you expand more on the practical application
of these two special subnet masks?”

First, let’s review some IP addressing and subnetting basics.
Every network interface has an IP address and a subnet mask. The subnet mask
tells the interface which devices are on the local LAN and which devices are
outside the LAN.

For the devices outside the LAN, the router sends that
traffic to the default gateway. If a router is the device in question, it may
have specific routes to those destinations, and it may or may not have a
default gateway.

All 1s subnet masks

Administrators sometimes use an all 1s subnet mask to
indicate that they’re talking about a single IP address or a single host. For
example, you could create an access control list entry that looked something like
the following example:

Access-list 1 deny is the wildcard mask for This access list specifies that we only want to deny the host—not a range of hosts or a network.

Another use for the all 1s subnet mask is on an interface
that only has a single IP address with no other devices on that interface. What’s
the purpose of such an interface? One reason is a loopback interface. Here’s an

Router(config)# interface loopback 1
Router(config-if)# ip address

Router(config)# interface loopback 2
Router(config-if)# ip address

These interfaces only have a single IP address, and there
are no other hosts connected to these interfaces.

You could also use an all 1s subnet mask to create a route that
looks something like the following example:

ip route

This tells the router to only route traffic bound for the single
host to the network. Again, the subnet mask of
tells the router to only send traffic for the single host to the next hop.

All 1s IP address

The all 1s IP address— (as a destination IP
address)—is a special IP address. This IP address is the “all hosts”
broadcast address. Sending a packet to this IP address will send it to all hosts
on the network.

All 0s IP address and
subnet mask

Zero/zero (0/0) is a special route in the routing table of a
router or on a PC. The zero/zero route is the default. In other words, it means
if you don’t know where to send traffic, send it here. It looks like this:
IP Subnet Mask Destination x.x.x.x

All 0s subnet masks

If a PC is having trouble getting an IP address from a DHCP
server, it will sometimes have an IP address of and a subnet mask of These addresses are not normal—and not useable.

A subnet mask that’s all 0s (e.g., IP address:, subnet
mask is invalid, and it doesn’t mean that a PC is in Promiscuous Mode.
Promiscuous Mode has nothing to do with IP addressing, which is at Layer 3 (the
network layer). Instead, Promiscuous Mode has everything to do with Layer 2
(the data-link layer).

Each packet that comes to a computer on an Ethernet network has
a hardware (MAC) address. When a computer receives a particular packet, it
checks the MAC address to see if the packet’s address is for that computer. If
not, the network card rejects the packet. When in Promiscuous Mode, the network
card doesn’t reject the packet—and, in fact, accepts and reads all packets.

Systems that are in Promiscuous Mode—and not because the
administrator put them in this mode—are a security risk. There are ways to find
systems in this mode. For more information, check out this PDF from
SecurityFriday: “Detection
of Promiscuous Nodes Using ARP Packets.”

Stay tuned: Next time, I’ll address another member’s
question about advanced IP subnetting.

Miss a column?

Check out the Cisco Routers and Switches
, and catch up on David Davis’ most recent columns.

Want to learn more
about router and switch management? Automatically
sign up for our free Cisco Routers and Switches newsletter
, delivered each

David Davis has worked
in the IT industry for 12 years and holds several certifications, including
CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of
systems/network administrators for a privately owned retail company and
performs networking/systems consulting on a part-time basis.