THE SCHOOL OF CISCO NETWORKING (SCN): WILDCARD MASK:
Contact No:   ### / ###/ ###
Welcome To The IT Knowledge Base Sharing Freeway "Study With The Zero Fees / Zero Money" Web - If We Believe, That If We Have Knowledge, Let Others Light Their Candles With It. - Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Ones Please. "Student Expectations And Satisfaction Is Always Our Highest Priority")

'Love All, Serve All, Help Ever Hurt Never'

Please Welcome To The "Zero Fees And Zero Money SCN Community Study Page"

We Like To Share Our Stuff With Everyone And Hope You Will Find Something Useful Here. Enjoy Our Collection And Come Back Again And Again, We'll Do Our Best To Make It Always Interesting For You. All Our Stuff Always Available May Be 100% Totally Freely. Use Only For Non-Commercial Purposes Only!

THE SCHOOL OF CISCO NETWORKING (SCN) Is A IT Support Community – Based, Non - Profit Volunteer Organizations, Offering Our Assistance And Support To Developmental Our Services Dedicated To All.

Because Large Section Of Our Students In This World, Especially In Villages, Who Are Under Privileged Expecting For Equal Opportunity In Terms Of Money And Education. We Feel The Sufferings Of Talented Students Losing Their Opportunity To Shine Because Of Their Poor Financial Status. So We Thought That Professional Education Will Be Providing Them Freely.

Our Web Site Is To Give An Easy Way To Understand Each And Every Student Who Are Going To Start CISCO Lab Practice Without Any Doubts And Our ARTICLES STUFF Are Always 100% Totally Free For Everyone, Which Is Belongings To THE SCHOOL OF CISCO NETWORKING (SCN).

Also This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Of Their Demonstrated Ability To Achieve Specific objectives Within Set Timeframes.

Hands - On Experience Is An Invaluable Part Of Preparing For The Lab Exam And Never Pass Up An Opportunity To Configure Or Troubleshoot A Router ( If You Have Access To Lab Facilities, Take Full Advantage Of Them) There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network.

For Better View Of Our Web Page - Please Use Any Latest Web Browser, Such As (Mozilla Firefox, Google Chrome, Opera, Safari, Internet Explorer, Torch, Maxthon, Sea Monkey, Avant Browser, Deepnet Explorer, And Etc ), Because Some Elements Or Scripts Are Not Work In The Old Web Browser (It Might Not Be Displayed Properly Or Are Not Appearing properly!). Thank You For Your Time And Best Of Luck!

Your Sincerely – Premakumar Thevathasan.
"Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Once Please,Thank You."

WILDCARD MASK:

WILDCARD MASK:

Dear Web User:

For Better View Of This Web Page, Please Use Any Latest Web Browser, Because Some Elements Are Not Work In The Old Web Browser (Might Not Be Displayed Properly Or Are Not Appearing properly!). The Target Audience Is Anyone Who Desires A Practical And Technical Introduction To The Field Of Networking. This Includes High School, Community College, And Lifelong-Learning Students Who Are Interested In Careers As Network Technicians, Network Engineers, Network Administrators, And Network Help-Desk Staff.

Plz Note:

Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here. This Page Discusses “Wildcard Mask”, And Also We Request To The Students, Please Go Through All The Articles That Are We Posted In This Web Site And Also Identify All The CISCO IOS Commands In The Lab Practice Before Going To Access This Page. Experience Is The Sequence Of Hands-On LABs.Thank You!

FOR MORE REFERENCES:

◙ - ➤  For More Reference - > BASIC COLLECTION OF NETWORKING CONCEPTS:

◙ - ➤  For More Reference - > IPv4 & IPv6:

◙ - ➤  For More Reference - >IP ADDRESSING AND SUBNETTING:

◙ - ➤  For More Reference - > VARIABLE LENGTH SUBNET MASK (VLSM):

◙ - ➤  For More Reference - > BASIC NETWORKING QUESTIONS AND ANSWER:

◙ - ➤  For More Reference- > IP ROUTING QUESTIONS AND ANSWERS:


WILDCARD MASK


WILDCARD MASK:

A Wildcard Mask Is A Sequence Of Numbers That Streamlines Packet Routing Within The Subnets Of A Proprietary Network. Wildcards Also Known As Inverse Masks Are Mostly Used When Configuring Mask For IP ACL. Masks Are Used With IP Addresses In IP ACLs To Specify What Should Be Permitted And Denied. Masks In Order To Configure IP Addresses On Interfaces Start With 255 And Have The Large Values On The Left Side,

For Example, IP Address 172.16.2.14 With A 255.255.255.0 Mask. Masks For IP ACLs Are The Reverse, In This Example, Mask 0.0.0.255. This Is Sometimes Called An Inverse Mask Or A Wildcard Mask. When The Value Of The Mask Is Broken Down Into Binary (0s And 1s), The Results Determine Which Address Bits Are To Be Considered In Processing The Traffic. A 0 Indicates That The Address Bits Must Be Considered (Exact Match); A 1 In The Mask Is A "No".

Wild Card Mask Is Just The Opposite Or Reverse Of A Subnet Mask. Subnet Mask Is A 32 Bits Value Which Differentiate The Host Portion & Network Portion Of An IP Address. Where Network Portion Is Designate By The 1's & Host Portion 0's. Wild Card Mask Defines Which IP Addresses Are Allowed And Which Are Blocked. Wild Card Mask Matches (Wildly With A Zero) Everything In The Network Portion Of An IP Address. Where 0's Defines The Accurate Match Where Non Zero Value Defines Any Value On The Corresponding Octete.

The Wildcard Mask Usually Shows A String Of Binary Digits Over The Subnet Number, Telling The Router The Parts Of The Subnet Number To Look At. A Binary "0" Over A Particular Digit In The Subnet Number Represents The Message "Pay Attention To This Digit. Similarly A “1” Represents The Message “Ignore This Digit”. All The Binary “1”S In A Subnet Mask Is Replaced By “0”S And All The “0”S Is Replaced By “1”S In A Wild Card Mask.

THE RULES OF WILDCARD MASK (So There Are Two Basic Rules Of A Wild Card Mask):

◙ - ➤  0-Bit = Match
◙ - ➤  1-Bit = Ignore

ACLs Statements Include Wildcard Masks.

 A Wildcard Mask Is A String Of Binary Digits Telling The Router Which Parts Of The Subnet Number To Look At.
 The Numbers 1 And 0 In The Mask Identify How To Treat The Corresponding IP Address Bits.


 Wildcard Masks Are Referred To As An Inverse Mask.

Wildcard Masks And Subnet Masks Differ In The Way They Match Binary 1s And 0s. Wildcard Masks Use The Following Rules To Match Binary 1s And 0s:

 Wildcard Mask Bit 0 - Match The Corresponding Bit Value In The Address
 Wildcard Mask Bit 1 - Ignore The Corresponding Bit Value In The Address

WHAT CAN WILD CARD MASKS TARGET?

  A Single Host (Or A Single IP Address)
  An Entire Network (I.E, Class A, B, Or C)
  An Entire Subnet
  A Range Of IP Addresses

TARGETING A SINGLE HOST:

To Target A Single Host With A Wild Card Means That Every Bit Within The IP Address Of The Host Must Match. The Bit That Means We Are Matching Is A Zero (0-Bit). So A Wild Card Mask For A Host Would Be -- 0.0.0.0

TARGETING AN ENTIRE NETWORK:

To Target An Entire Network Means That Every Bit Within The NETWORK Portion Of The IP Address Must Match. All Others We Can Ignore. So For A Class-C Network (I.E., 192.168.1.0) The Wild Card Mask Would Be -- 0.0.0.255

TARGETING A SUBNET:

To Target A Particular Subnet (Not Classful) We Will Still Need To Match On Every Bit On The NETWORK Portion, However Now We Need To Find The Proper Bit Boundary In The Last Octet Used By Our Network. For Example We Need To Find The Wild Card Mask For The Network 192.168.1.128/25. The Easiest Way To Do This Is To Simply Subtract The Subnet Mask (255.255.255.128) From 255.255.255.255. 255.255.255.255 Minus 255.255.255.128 Equals A Wild Card Mask Of -- 0.0.0.127

 THE FIRST EXAMPLE THE WILDCARD MASK STIPULATES THAT EVERY BIT IN THE IP 192.168.1.1MUST MATCH EXACTLY.

 The Wildcard Mask Is 0.0.0.0.

 IN THE SECOND EXAMPLE, THE WILDCARD MASK STIPULATES THAT ANYTHING WILL MATCH.

 The Wildcard Mask Is 255.255.255.255.

 IN THE THIRD EXAMPLE, THE WILDCARD MASK STIPULATES THAT IT WILL MATCH ANY HOST WITHIN THE 192.168.1.0 /24 NETWORK.

 The Wildcard Mask Is 0.0.0.255.

In Example 1, The First Two Octets And First Four Bits Of The Third Octet Must Match Exactly.

 This Checks For 192.168.16.0 To 192.168.31.0
 The Wildcard Mask Is 0.0.15.255.

Example 2 , A Wildcard Mask That Matches The First Two Octets, And The Least Significant Bit In The Third Octet.

 The Result Is A Mask That Would Permit Or Deny All Hosts From Odd Subnets (/24) From The 192.168.0.0 Major Network.
 The Wildcard Mask Is 0.0.254.255.

CALCULATING WILDCARD MASKS EASILY BY SUBTRACTING THE SUBNET MASK FROM 255.255.255.255.

Example 1: Assume You Wanted To Permit Access To All Users In The 192.168.3.0 Network.

 Because The Subnet Mask Is 255.255.255.0, You Could Take The 255.255.255.255 And Subtract From The Subnet Mask.

 The Solution Produces The Wildcard Mask 0.0.0.255.


Example 2: Now Assume You Wanted To Permit Network Access For The 14 Users In The Subnet 192.168.3.32 /28. The Subnet Mask For The IP Subnet Is 255.255.255.240,

 Take 255.255.255.255 And Subtract The Subnet Mask 255.255.255.240

 The Solution This Time Produces The Wildcard Mask 0.0.0.15.


Example 3: Assume You Wanted To Match Only Networks 192.168.10.0 And 192.168.11.0.

 Take 255.255.255.255 And Subtract The Subnet Mask 255.255.254.0.

 The Result Is 0.0.1.255.



EXAMPLE 1:


The Following Example Can Be Used To Specify All IP Addresses Of A Classs B Network, 172.16.0.0, Which Is Subnetted By Using A Class C Subnet Mask (172.16.0.0/24).

THE BINARY REPRESENTATION OF ABOVE NETWORK ADDRESS, SUBNET MASK AND WILD CARD MASK IS AS SHOWN BELOW:

IP Address - 10101100.00010000.00000000.00000000
Subnet Mask - 11111111.11111111.11111111.00000000
Wildcard Mask - 00000000.00000000.00000000.11111111

THE DECIMAL REPRESENTATION OF THE ABOVE IP ADDRESS AND WILDCARD MASK IS GIVEN BELOW.

172.16.0.0 0.0.0.255

The Above Example States That The Values Of First Three Octects Should Exactly Match And The Values Of The Last Octet Can Be Any. This Statement Can Match All The IP Addresses Of 172.16.0.0/24 Network.


EXAMPLE 2:


The Following Example Can Be Used To Specify All IP Addresses Of A Classs B Network, 172.16.240.0/20 (Subnet Mask 255.255.240.0). Click The Following Link To Learn More About Class B Subnetting.

THE BINARY REPRESENTATION OF ABOVE NETWORK ADDRESS, SUBNET MASK AND WILD CARD MASK IS AS SHOWN BELOW:

IP Address - 10101100.00010000.0000 | 0000.00000000
Subnet Mask - 11111111.11111111.1111 | 0000.00000000
Wildcard Mask - 00000000.00000000.0000 | 1111.11111111

THE DECIMAL REPRESENTATION OF THE ABOVE IP ADDRESS, SUBNET MASK AND WILDCARD MASK ARE GIVEN BELOW:

IP Address - 172.16.240.0
Subnet Mask - 255.255.240.0
Wildcard Mask -0.0.15.255


EXAMPLE3:


The Values For Subnet Mask Can Be 128,192,224,240,248,252,254 And 255, Take Network Address 192.168.20.0 / 24 (Class C)

E.G #3.1:

Network Address (Binary) - 11000000.10101000.0001100.00000000
Subnet Mask - 255.255.255.0 (Decimal)
Mask - 11111111.11111111.11111111.00000000 (Binary)

Subtract The Normal Mask From 255.255.255.255 In Order To Determine The ACL Inverse Mask Or Wilcard. In This Example, The Inverse Mask Is Determined For Network Address 192.168.20.0 With A Normal Mask Of 255.255.255.0.

- 255.255.255.255
- 255.255.255.0
= 0. 0. 0. 255 - This Is The Wild Card Or Inverse Mask

E.G #3.2:

Subnet Mask Of 255.255.255.192

- 255.255.255.255
-255.255.255.192
= 0. 0. 0. 63 (This Is The Wildcard)

Calculating Wilcards Is Fun If You Could Understand That Is Just Simple Subtraction Of The Net Mask Of A Given IP Address From 255.255.255.255.


EXAMPLE4:


10.0.1.0 = 00001010.00000000.00000001.00000000
0.0.0.255 = 00000000.0000000.00000000.11111111

The Theory Says That The Zero Bits Of The Wildcard Mask Have To Match The Same Position In The IP Address. So, Let's Write The Wildacard Mask Below The IP Address:

00001010.00000000.00000001.00000000
00000000.00000000.00000000.11111111

As You Can See From The Output Above, The Last Octet Doesen't Have To Match, Because The Wildcard Mask Bits Are All Ones. The First 24 Bits Have To Match, Because Of The Wildcard Mask Bits Of All Zeros. So, In This Case, Wildcard Mask Will Match All Addresses That Begins With 10.0.1.X. In Our Case, Only One Network Will Be Matched, 10.0.1.0/24.

WHAT IS WE WANT TO MATCH BOTH 10.0.0.0/24 AND 10.0.1.0/24? THAN WE WILL HAVE TO USE DIFFERENT WILDCARD MASK. We Need To Use The Wildcard Mask Of 0.0.1.255. WHY IS THAT? WELL, WE AGAIN NEED TO WRITE DOWN ADDRESSES IN BINARY:

00001010.00000000.00000000.00000000 = 10.0.0.0
00001010.00000000.00000001.00000000 = 10.0.1.0
00000000.00000000.00000001.11111111 = 0.0.1.255

From The Output Above, We Can See That Only The First 23 Bits Have To Match. That Means That All Addresses In The Range Of 10.0.0.0 – 10.0.1.255 Will Be Matched.



CONCLUSION:

The Goal Of This Article Is To Give An Easy Way To Understand The “WILDCARD MASK" And Also We Hope This Guide Will Help Every Beginner Who Are Going To Start Cisco Lab Practice Without Any Doubts. Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here!

Hands - On Experience Is An Invaluable Part Of Preparing For The Lab Exam And Never Pass Up An Opportunity To Configure Or Troubleshoot A Router ( If You Have Access To Lab Facilities, Take Full Advantage Of Them) There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network. Thank You And Best Of Luck

This Article Written Author By: Mr. Premakumar Thevathasan - CCNA And CCNP (Routing & Switching), MCSE, MCSA, MCSA - MSG, CIW Security Analyst, CompTIA Certified A+ And Etc.

WARNING AND DISCLAIMER:

Routers Direct And Control Much Of The Data Flowing Across Computer Networks. This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Of Their Demonstrated Ability To Achieve Specific objectives Within Set Timeframes.

This Document Carries No Explicit Or Implied Warranty. Nor Is There Any Guarantee That The Information Contained In This Document Is Accurate. Every Effort Has Been Made To Make All Articles As Complete And As Accurate As Possible, But No Warranty Or Fitness Is Implied.

It Is Offered In The Hopes Of Helping Others, But You Use It At Your Own Risk. The Author Will Not Be Liable For Any Special, Incidental, Consequential Or Indirect Any Damages Due To Loss Of Data Or Any Other Reason That Occur As A Result Of Using This Document. But No Warranty Or Fitness Is Implied. The Information Provided Is On An "As Is" Basic. All Use Is Completely At Your Own Risk.

Home Page Of - > The School Of Cisco Networking (SCN)

Page Of - > SCN InF4 TECH

Contact Details / About Us Page

To Send Email


Window Minimize / Window Maximize

No comments: