Options
Wild card mask for a range of hosts?
Darwin84
Member Posts: 19 ■□□□□□□□□□
in CCNA & CCENT
Hi all,
First post here...
I couldn't find this in the ICND2 book I have, or from many hours of searching online..
What is the maths used to determine the wild card mask for a range of ip hosts?
Any help with this would be amazing, this seems to be the last thing that I'm kicking myself about, and it's doing my head in haha.
Regards
First post here...
I couldn't find this in the ICND2 book I have, or from many hours of searching online..
What is the maths used to determine the wild card mask for a range of ip hosts?
Any help with this would be amazing, this seems to be the last thing that I'm kicking myself about, and it's doing my head in haha.
Regards
Comments
-
Options
networker050184
Mod Posts: 11,962 Mod
Not sure what you are asking. Can you clarify your question or give an example?An expert is a man who has made all the mistakes which can be made. -
OptionsDarwin84
Member Posts: 19 ■□□□□□□□□□
Woah, that was fast
Okay, so I'm looking to deny, let's say telnet access from a range of hosts, but not the full subnet.
For example, from the 192.168.1.0 /27 network
hosts 192.168.1.1 -> 192.168.1.15
Thanks -
Optionsfadhil
Member Posts: 200
to obtain a wildcard mask take 255.255.255.255 minus a subnet mask of a network
for example 192.16.1.0/27
255.255.255.255
- 255.255.255.224
0 .0 .0 .31 this will a wildcard mask of of that network.
but the above wildcard mask will work for 32 host.
for hosts
hosts 192.168.1.1 -> 192.168.1.15
the wild card mask will be 0.0.0.14 -
Optionsjoluis9
Member Posts: 35 ■■□□□□□□□□
I didn't give too much thought. But I think you can do deny to 192.168.1.0 0.0.0.16. That would deny only from .1 to .15 basically making it a /28 which is inside the /27 network you have. I'd try it and see if it work.
-
Optionsnetworker050184
Mod Posts: 11,962 Mod
You have two options. Write it out in binary and find the interesting bits and build your mask off that.
The easier way for a simple one like this is to use your subnetting abilities you already have! You want to match on .1-.15 and that this is a block size of 16. A /28 which is 255.255.255.240 uses a block size of 16. The inverse of your subnet mask give you the wildcard needed for your ACL 0.0.0.15.
Is that what you are asking?An expert is a man who has made all the mistakes which can be made. -
OptionsDarwin84
Member Posts: 19 ■□□□□□□□□□
Thanks very much, all of you. I think I've got it sussed..
One thing that I'm still wondering, what if I was to want to mask from .16 to 30? -
Optionsnetworker050184
Mod Posts: 11,962 Mod
You would deny 192.168.1.16 0.0.0.15.An expert is a man who has made all the mistakes which can be made.
-
Optionsfadhil
Member Posts: 200
write an ip address that you want to start for example 192.168.1.16 0.0.0.14.Thanks very much, all of you. I think I've got it sussed..
One thing that I'm still wondering, what if I was to want to mask from .16 to 30? -
OptionsDarwin84
Member Posts: 19 ■□□□□□□□□□
Wow, thanks everyone.. got it now.
Feeling a bit silly, as now that I can see it, it makes perfect sense.
Guys, thanks. -
Optionsnetworker050184
Mod Posts: 11,962 Mod
No problem. Welcome to the forums!An expert is a man who has made all the mistakes which can be made.
