Wild card mask for a range of hosts?

Darwin84Darwin84 Member Posts: 19 ■□□□□□□□□□
in CCNA & CCENT
Hi all,

First post here...

I couldn't find this in the ICND2 book I have, or from many hours of searching online..

What is the maths used to determine the wild card mask for a range of ip hosts?

Any help with this would be amazing, this seems to be the last thing that I'm kicking myself about, and it's doing my head in haha.

Regards
· Share on FacebookShare on Twitter

Comments

  • networker050184networker050184 Mod Posts: 11,962 Mod
    Not sure what you are asking. Can you clarify your question or give an example?
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • Darwin84Darwin84 Member Posts: 19 ■□□□□□□□□□
    Woah, that was fast icon_smile.gif

    Okay, so I'm looking to deny, let's say telnet access from a range of hosts, but not the full subnet.

    For example, from the 192.168.1.0 /27 network
    hosts 192.168.1.1 -> 192.168.1.15

    Thanks
    · Share on FacebookShare on Twitter
  • fadhilfadhil Member Posts: 200
    to obtain a wildcard mask take 255.255.255.255 minus a subnet mask of a network
    for example 192.16.1.0/27
    255.255.255.255
    - 255.255.255.224
    0 .0 .0 .31 this will a wildcard mask of of that network.
    but the above wildcard mask will work for 32 host.
    for hosts
    hosts 192.168.1.1 -> 192.168.1.15
    the wild card mask will be 0.0.0.14
    · Share on FacebookShare on Twitter
  • joluis9joluis9 Member Posts: 35 ■■□□□□□□□□
    I didn't give too much thought. But I think you can do deny to 192.168.1.0 0.0.0.16. That would deny only from .1 to .15 basically making it a /28 which is inside the /27 network you have. I'd try it and see if it work.
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    You have two options. Write it out in binary and find the interesting bits and build your mask off that.

    The easier way for a simple one like this is to use your subnetting abilities you already have! You want to match on .1-.15 and that this is a block size of 16. A /28 which is 255.255.255.240 uses a block size of 16. The inverse of your subnet mask give you the wildcard needed for your ACL 0.0.0.15.

    Is that what you are asking?
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • Darwin84Darwin84 Member Posts: 19 ■□□□□□□□□□
    Thanks very much, all of you. I think I've got it sussed..

    One thing that I'm still wondering, what if I was to want to mask from .16 to 30?
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    You would deny 192.168.1.16 0.0.0.15.
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • fadhilfadhil Member Posts: 200
    Darwin84 wrote: »
    Thanks very much, all of you. I think I've got it sussed..

    One thing that I'm still wondering, what if I was to want to mask from .16 to 30?
    write an ip address that you want to start for example 192.168.1.16 0.0.0.14.
    · Share on FacebookShare on Twitter
  • Darwin84Darwin84 Member Posts: 19 ■□□□□□□□□□
    Wow, thanks everyone.. got it now. icon_smile.gif

    Feeling a bit silly, as now that I can see it, it makes perfect sense.

    Guys, thanks.
    · Share on FacebookShare on Twitter
  • networker050184networker050184 Mod Posts: 11,962 Mod
    No problem. Welcome to the forums!
    An expert is a man who has made all the mistakes which can be made.
    · Share on FacebookShare on Twitter
  • Darwin84Darwin84 Member Posts: 19 ■□□□□□□□□□
    Cheers man.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.