IT Employment

General discussion


Wildcard masks with a twist

By pfafman ·
I bring a question to the folks here on the forums to try and help me explain a wrinkle I recently encountered with respect to wildcard masks...

Now, as I understood wildcard masks, they behave similary to subnet masks in that as you start placing bits in the mask, it works (for subnets) as a contiguous placement from left to right.


You cannot have something like:


Now for wildcard masks (and I refer to them when used in Cisco Access Control Lists) they simply work right to left.


However, I encountered on a Cisco exam a question that would challenge this assumption. The wildcard mask I was given to work with was! I must confess that while I am not fluid with wildcard masks, I do understand their basic mechanics - except for this.

Can anyone suggest a method of logic of how this mask would be utilized to filter a particular subnet?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

It's been a while....

by richsargent In reply to Wildcard masks with a twi ...

but when wildcard masks are used in ACLs then I always would look at it this way:
1's mean that it is ignored(the 1 looks like an I for ignore
0's mean that it needs to be examined to see if there is a match for the ACL

block any thing that match the first 3 octets but ignore(1) the last octet because it already matches

There is alot more to it from what I can remember but it seems to escape at the moment. Hope this helps.

Related Discussions

Related Forums