another subnet binary question question
pinkiaiii
Member Posts: 216
in CCNA & CCENT
got stuck at subnet practice question need to allow only hosts from 192.168.146.0,x.x.147.0,x.x.148.0,x.x.149.0 ips to connect to to server trough acl.
answers are :
ip access-list 10 permit ip 192.168.146.0 0.0.1.255
ip access-list 10 permit ip 192.168.148.0 0.0.1.255
now i undestand that wildcard mask is used so regular mask would be 255.255.254.0 /23 < 0.0.1.255
and if converting into binary range of
1001.0010 146
1001.0011 147
1001.0100 148
1001.0101 149
thus i can see where difference appears on these 4 ips 146-147,148-149 but why does last bit is able to fit two addresses into it ? its like im missing some sort of rule.
answers are :
ip access-list 10 permit ip 192.168.146.0 0.0.1.255
ip access-list 10 permit ip 192.168.148.0 0.0.1.255
now i undestand that wildcard mask is used so regular mask would be 255.255.254.0 /23 < 0.0.1.255
and if converting into binary range of
1001.0010 146
1001.0011 147
1001.0100 148
1001.0101 149
thus i can see where difference appears on these 4 ips 146-147,148-149 but why does last bit is able to fit two addresses into it ? its like im missing some sort of rule.
Comments
-
Techytach Member Posts: 140Well a more realistic answer would be:
ip access-list 10 permit ip 192.168.146.0 0.0.3.255
for the listed ranges.
Not sure I understand what you are asking at the end of the post. -
pinkiaiii Member Posts: 216well you provided 192.168.146.0 0.0.0.3 address this means wildcard mask will accommodate 146 and 147,148,149 thus yes correct mask,in my case question only gave masks with 1.255 or 0.255,but how does single bit in this instance last 1 fit two addresses or is it just the way it works out,guess maybe lookning to deep into it
-
sschwieterman Member Posts: 42 ■■□□□□□□□□Well a more realistic answer would be:
ip access-list 10 permit ip 192.168.146.0 0.0.3.255
for the listed ranges.
Not sure I understand what you are asking at the end of the post.
The above ACL would actually permit the address range of 192.168.144.0 - 192.168.147.255, which is why it is split into two ACLs in pinkiaiii's original post.
In a /23 subnet mask, the third octet of the network address will always be a multiple of two. In a /22 subnet mask, the third octet of the network address will always be a multiple of four.
To answer the original question, if I understand it correctly: A /23 subnet mask inherently allows for 512 IPs total. Because we are only given 0-255 (256 IPs) per octet, we will need to borrow a bit from the from the third octet to allow for the addressing space.
For example:
/24 (11111111.11111111.11111111.00000000) would permit 192.168.146.0 - 192.168.146.255
/23 (11111111.11111111.11111110.00000000) would permit 192.168.146.0 - 192.168.147.255
Hope that helps. Others might be able to explain it more clearly. -
GDaines Member Posts: 273 ■■■□□□□□□□well you provided 192.168.146.0 0.0.0.3 address this means wildcard mask will accommodate 146 and 147,148,149 thus yes correct mask,in my case question only gave masks with 1.255 or 0.255,but how does single bit in this instance last 1 fit two addresses or is it just the way it works out,guess maybe lookning to deep into it
Wildcard mask is always Block size -1. Rather than writing out what each therefore equates to, see the attached chart.answers are :
ip access-list 10 permit ip 192.168.146.0 0.0.1.255
ip access-list 10 permit ip 192.168.148.0 0.0.1.255
In brief you have a wildcard mask of 1, so a block size of 2 addresses which in your answers are 146/147 and 148/149. It's already been stated that you could have had a wildcard mask of 3 giving a block size of 4 addresses, but you have to be careful where the 4 addresses fall as I think it might be 144-147 making Techytach wrong. -
Techytach Member Posts: 140sschwieterman ahhh yea, I'm wrong. I took too many shortcuts doing that in my head. Always check where the network lies. Tricky.
-
sschwieterman Member Posts: 42 ■■□□□□□□□□sschwieterman ahhh yea, I'm wrong. I took too many shortcuts doing that in my head. Always check where the network lies. Tricky.
I've also done it my fair share of times! -
volfkhat Member Posts: 1,075 ■■■■■■■■□□well you provided 192.168.146.0 0.0.0.3 address this means wildcard mask will accommodate 146 and 147,148,149 thus yes correct mask,in my case question only gave masks with 1.255 or 0.255,but how does single bit in this instance last 1 fit two addresses or is it just the way it works out,guess maybe lookning to deep into it
You are confusing yourself.
This question is Not really about Wildcards.
This is actually just a basic Subnetting question.
If the subnet Mask = 255.255.254.0
and the Subnet Address = 192.168.146.0
The solution is to --> identify the broadcast address.
So... what is the answer?
:] -
volfkhat Member Posts: 1,075 ■■■■■■■■□□thus i can see where difference appears on these 4 ips 146-147,148-149 but why does last bit is able to fit two addresses into it ? its like im missing some sort of rule.
No one else understood your question... because you used the incorrect term.
You used the word --> "bit".
But the correct word is "octet".
You are trying to ask:why does last octet is able to fit two addresses into it ? its like im missing some sort of rule.
And the answer is:
It doesn't.
Please read/answer my previous post... i think you will begin to straighten yourself out :]