# wildcard mask range number question in chapter exam ?

pinkiaiii
Posts:

**216**Member
in CCNA & CCENT

was doing chapter exam and got this question

What single access list statement matches all of the following networks?

192.168.16.0

192.168.17.0

192.168.18.0

192.168.19.0

with following answers possible:

What single access list statement matches all of the following networks?

192.168.16.0

192.168.17.0

192.168.18.0

192.168.19.0

with following answers possible:

**access-list 10 permit 192.168.0.0 0.0.15.255****access-list 10 permit 192.168.0.0 0.0.0.255**

**access-list 10 permit 192.168.16.0 0.0.15.255**

how to calculate range of addresses,as opposed to using 0.0.0.0 or 255 as to allow all addresses in that range**access-list 10 permit 192.168.16.0 0.0.3.255**

Now i went with first answer even thou i know basic formula is to take away subnet mask from 255 thus in my mind for single ip it would been 255-16,which obviously isnt correct and my second choice was 3rd ACL which isnt correct.

So how does 0.0.3 fit addresses 16 to 19 on third octet,is it just any number as how many networks past 16 mark one wants to include ? since did binary on 16 which is 00010000 and 3 is 00000011 so a bit bummped upNow i went with first answer even thou i know basic formula is to take away subnet mask from 255 thus in my mind for single ip it would been 255-16,which obviously isnt correct and my second choice was 3rd ACL which isnt correct.

So how does 0.0.3 fit addresses 16 to 19 on third octet,is it just any number as how many networks past 16 mark one wants to include ? since did binary on 16 which is 00010000 and 3 is 00000011 so a bit bummped up

0

## Comments

944Member ■■■■■■■□□□Without looking/reading you answers:

1) You have to identify the Summarization that covers all

4subnets.Which would be --> 192.168.16.0

/22Which is also written:

192.168.16.0

255.255.252.0

~If you don't understand how i arrived at this point... you should stop, and go review how "Subnet Summarization" is done.

2) Now that you know the Subnet is 255.255.252.0....

You simply subtract 255 from each octet to get your Wildcard:

0.0.3.255

Thus, i would guess the answer is -->192.168.16.0and0.0.3.255

Hope this Helps :]216Memberas remember given example on the board for a minute or so,where one puts networks in binary then chops of at (magical number) to drop the load of router going trough every possible network.

thus in my example just figuring out now from that brief minutes example one would put down networks thus at this question focusing on third octet which is 16,then if writing it down 00010000,would be 128+64+32+16=240,thus one is left with 10 bytes,even thou theoretically one cant go past 30 :]

so 32-10=/22 cidr mask then getting 252 and

255-252=3

Anyways you will probably laugh your head off my attempt at this since just tried to get that number somehow following your example and trying implement what i have leant, thus making balls of myself,since even getting that number still cant understand how it would accompany next 3 networks,and if say one would need 5 or more networks in same scenario and math behind it.

Yeah will stop at point you told and will look at subnet summarization

944Member ■■■■■■■□□□Yes, that's what i meant to call it :]

i tried to read the rest of your post... but i had difficulty following.

But, the MAGIC NUMBER is "4" (in the example you provided).

Do you "get" that?

If not... try another teacher.

Understanding the ZEROS & ONEs is great.... but only if it is explained effectively.

I answered your question without grabbing a pencil. I did it ALL in my head.

I recommend watching this guy:

https://www.youtube.com/playlist?list=PL33E07ECCA73C0755

he taught me EVERYTHING.

His "MAGIC NUMBER" lessons Start at video # 37, and go through at least video 55.

If he can teach me... then he can teach you.

Here is his Summarization lesson:

216MemberAs for understanding what i tried to do,i sort of got the idea with that number 4,since once seen your reply tried to apply route summarization from memory,thus did all that calculations in head and wrote it out stright into reply,trying to come up with that subnet mask you wrote,thus thats why i said it will probably make someone like you laugh,given your signature i eat subneting .

will def go trough videos as need as much material as i can,since i can grasp the concept just not the brightest in math,not yet anyway.

944Member ■■■■■■■□□□well, im sure that your teacher will help show you all how.

At the beginning of 2015... i didn't know ANY of this; so you dont have to be a SuperGenius to understand this stuff :]

here's a great site for practicing subnets:

i recommending trying it for 10-15 minutes per day

243Memberyes answer is

access-list 10 permit 192.168.16.0 0.0.3.255

3 wild card is subnetting 4 , and thus encompasses 16,17,18,19

216Member+1 on danscourses,the guy has thought me more ,as compared sitting in lectures.

764Member ■■■■□□□□□□Blog: https://hackfox.net

216MemberBut still weak on class B,heres example question:

[h=2]What subnet mask would you use for the 172.23.0.0 network, such that you can get 240 subnets and 200 hosts per subnet?[/h]

now i went with the answer of /22,while wasn't sure about using /23 just because now knowing answer and rereading question,that 240-200 was bit of throw off.But as someone who knows subneting will see that either mask is wrong,thus not sure how its worked out to be default class c mask on class b subnet.

Just trying to comfortable with such questions,not sure would that go into ccna scope but seems very close.

266Member216MemberAnother ACL question with wildcard bits that easy rumbled my mind

access-list 50 permit 192.168.122.128 0.0.0.63 will ip 192.168.122.195 will be permitted or denied ?

since seeing ip 192.168.122.195 its subent mask would be 255.255.255.0,but then am i right to think it should actually be seen as 255.255.255.255 (-) minus .63 thus getting answer 192 and it would seem since i see the number clearly now its deny because it falls under 195.

I know some might seem annoyed by such questions,but i found that it really helps practice subneting and wildcard bits,subnet masks-since eventually it will have to come together,and seeing not only single ip or subnet but few factors to consider really makes my brain to push for it.

944Member ■■■■■■■□□□ha!

It's a trick Question :]

I actually had to read it TWICE, before i figured it out (took about 30 seconds).

but Again.... i solved it withOUT a pen/pencil; just counted with my fingers.

the answer is

/24also known as:

255.255.255.0Watch Dan's video on VLSM; (video # 53 & 54).

So... how do you solve this type of Q:

A)

Recognize that they are giving you a requirement for TWO things:

a certain # of

Subnets,and a certain # of

HOSTSwithin each subnet.So which do you focus on?

Well... it kind of depends :]

But to keep things simple ---> Focus on the

# of Hosts.(it takes precedence)

C)

You do this by multiplying by POWERS of 2: (hopefully you see where im going)

The requirement in your question is asking for

200 Hosts.Thus, the solution is simply:

2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 = 256 (total addresses)

Now, count up How many "2"s you have. (this is where i used my fingers).

the Answer is ---> 8.

8 Bits.

8

BORROWEDbits.They were borrowed from the 32 (the max/total # of bits).

Thus,

32 (

total bits) - 8 (host bits) = 24 (left-over-for-the-subnet) bits.aka --->

/24Eyeball Test:

If you still don't believe me.... then allow me to point to the Obvious.

Here are the addresses of the 240 subnets:

172.23.0.

[0-255]172.23.1.

[0-255]172.23.2.

[0-255]172.23.3.

[0-255]...

172.23.237.

[0-255]172.23.238.

[0-255]172.23.239.

[0-255]Finito!

(fyi, this was EASY to do.... but VERY hard to explain. lol)

764Member ■■■■□□□□□□Blog: https://hackfox.net

216MemberThat class B mask will only apply for classful networks. If you are breaking up the network, you are not using the classful mask.

can you shed more light on that sentence ? if i understand correctly if ip would been say 172.15.x.x it would be class-less ip to begin with,since class b is 172.16 to 172.32 ?Btw all stuff that i type out its from head no pen or paper either,but seems still long ways to go before applying it correctly

944Member ■■■■■■■□□□imo,

I wouldnt worry about "what is Class B" and what not.

it DOESN'T matter At ALL.

(in fact, it kind of confuses things)

Instead, just focus on identifying the

SUBNET MASK.That's ALL you ever need.

perfect example.

if the wildcard is

0.0.0.63....then i subtract 255 from EACH octet to get the Subnet Mask:

255.255.255.192

From here, we know the MAgic Number is 64, right?

So the address range of the ACL is:

192.168.122.

[128-191]ANd so,

the address in question --> 192.168.122.195

is NOT on the ACL's subnet.

Thus, DENIED (implicitly)

216Memberaccess-list 20 permit 192.0.2.11 0.0.0.15 will ip 192.0.2.17 be denied or permited

would it be smth like this:focusing on number eleven last octetso in this example ip isnt classfull how does one calculate it ?

00001011 11

00001100 12

00001101 13

00001110 14

00001111 15

00010000 16

00010001 17

So splitting it like this i can see now that anything past 15 would be different mask thus 17 not falling into that category,thus denied but wonder is there a way just by looking at mask to make calculations like that in simpler way ?rather then listing all bits as i did above thus loosing couple minutes of writing them out.

and similar one :access-list 10 permit 192.168.15.0 0.0.0.3 will ip 192.168.15.5 will be permitted

if looking at 0 to 5 here it would be

00000000 0

00000001 1

00000010 2

00000011 3

00000100 4

00000101 5

thus when all is written out its clear that after number 3 number 4-5 changes all mask but comparing first and second questions there isnt clear cut off point like in the first one,where cut off line is clear at 4 bits mark which coincidentally is 15 when converted into decimal,thus for some reason i get confused with route summarization and wildcard masks when given such questions,so i guess my question should i just focus on wildcard mask number to determine if given ip is in that range.

944Member ■■■■■■■□□□i like your method of solving the questions.

You write out the BINARY.... and then you Look for when it splits.

Good stuff :]

YES!!

The MAGIC NUMBER reveals all.

lol

Temporarily, forget about the ZEROS and ONES.

Grab a pencil/paper and WRITEOUT this table:

"

SUBNET MASK" --- "Magic #"__________________________

255.255.255.

0- - - -- 256255.255.255.

128---- 128255.255.255.

192-- -- 64255.255.255.

224-- -- 32255.255.255.

240-- -- 16255.255.255.

248-- -- 8255.255.255.

252---- 4255.255.255.

254---- 2______________________

There is a Pattern here.... can you Find it?

(i

BOLDthe last octet... as a hint.)ANswer:

The 'Last Octet' is NOT the other Octets (255).

lol

Okay, just kidding.

The "

Last Octet" + the "Magic Number" will Always Equal =256.THAT is the PAttern.

Go and take another look at the table.... Do you see it now?

So, just by Looking at any

SUbnet Mask... you can Quicklyy get theMAGIC Number.Okay great, so Now WHat??Well, the

Magic Numbertells you theSIZEof its subnet.Or, better stated:

the

Magic Numbertells you theRANGEof its subnet.For example:

Let's look at your home LAN --->

192.168.1.0I'm guessing your Magic # is probably

256.So, the Size/Range of your subnet is:

192.168.1.

[0-255]You follow?

Now,

what if the Magic # was

128?Well, your LAN would be either:

192.168.1.

[0-127]or

192.168.1.

[128-255]Two possible SUbnets... but both Ranges are 128 addresses.

---

ANd, Now, its your Turn!

what if the Magic # was

64?:]Give me the RANGES for the Subnets266MemberI hope I'm not going to come unstuck, but I'm seeing that the block size is one higher than the wildcard mask. In the example the mask is 15 on the last octet so the block size is 16. Therefore the host ranges are 0-15, 16-31 etc (we can stop here because we've identified the host addresses already). As we can see, 11 falls in the 0-15 subnet and 17 in the 16-31 subnet - different subnets so they can't see each other, so it will be denied.

And the same still works for this one. The mask is 63 so the block size is 64, therefore the host ranges are 0-63, 64-127, 128-191 and 192-255. The 128 host is in the 3rd range while the 195 host is in the 4th range, so again the answer is denied.

216Memberalso thanks wolfkhat

ranges for 64 second bit =4subnets

0-64 usable 1 -62

64-128 65-126

128-192 129-191

192-256 193-254

now if i were given b class ip i would of had troubles doing it but slowly getting to them as well,just for the fact that it would be harder to list some networks specially those that turn out to be say 255 as valid address,or when last octet turns next one thus simple example where say 172.18.20.xxx>172.18.21.0,xxx since dont know what sort of mask would make it turn to next,is it /24 or /23

I guess its a lot of practice and having good teacher that makes such things overcoming in days rather then weeks.But because of your given examples at least i learned something of value today thus,day not wasted

944Member ■■■■■■■□□□Wrong!!!

but you are 95% there:

0-

63____ 1 -6264-

127__ 65-126128-

191_ 129-191192-

255_ 193-254I did

BOLDso that you see the difference :]ha!

Its Not as hard as you think.

the

Magic #Actually repeats:__________________________

/16 _ 255.255.

0.0- - - -- 256/17 _ 255.255.

128.0---- 128/18 _ 255.255.

192.0-- -- 64/19 _ 255.255.

224.0-- -- 32/20 _ 255.255.

240.0-- -- 16/21 _ 255.255.

248.0-- -- 8/22 _ 255.255.

252.0---- 4/23 _ 255.255.

254.0 ---- 2/24 _ 255.255.255.

0---- 256______________________

So,

in your example of:

"172.18.

20.xxx - 172.18.21.xxx"It's the 3rd octet that we focus on.

And we see that the Range/Size is

2. (which includes '20' and '21').So, looking at the table, which

Subnet Maskwill it be?216Member944Member ■■■■■■■□□□well, it appears that i am

a Good explainer of subnets.notlol

The subnet

Rangeis2(because you want to include '20' to '21').To state it another way:

If the

Rangeis 2,then the

MAGIC#is also 2.('Range' and 'Magic #' are the SAME thing)

Looking at the 'Magic #' table that i post earlier...

the correct subnet mask is a

/23aka,

255.255.254.0In fact,

if you WROTE OUT the entire Subnet Mask Table... then you would see that it actually Repeats every 8 bits.

( i will post it separately; hopefully it helps; not Complicates)

944Member ■■■■■■■□□□/8 __ 255.

0.0.0 _____ 256/9 __ 255.

128.0.0 ___ 128/10 _ 255.

192.0.0 ___ 64/11 _ 255.

224.0.0 ___ 32/12 _ 255.

240.0.0 ___ 16/13 _ 255.

248.0.0 ___ 8/14 _ 255.

252.0.0 ___ 4/15 _ 255.

254.0.0 ___ 2/16 _ 255.255.

0.0 _____ 256/17 _ 255.255.

128.0 ___ 128/18 _ 255.255.

192.0 ___ 64/19 _ 255.255.

224.0 ___ 32/20 _ 255.255.

240.0 ___ 16/21 _ 255.255.

248.0 ___ 8/22 _ 255.255.

252.0 ___ 4/23 _ 255.255.

254.0 ___ 2/24 _ 255.255.255.

0_____ 256/25 _ 255.255.255.

128___ 128/26 _ 255.255.255.

192___ 64/27 _ 255.255.255.

224___ 32/28 _ 255.255.255.

240___ 16/29 _ 255.255.255.

248___ 8/30 _ 255.255.255.

252___ 4/31 _ 255.255.255.

254___ 2So, in your example,

if the Range is '2',

then the correct Subnet Mask is limited to either

/15,/23, or/31.If in another example,

the Range is '16',

then the correct Subnet Mask is limited to either

/12,/20, or/28.Hopefully, you see the pattern :]

216Member0.0 _____ 256/17 _ 255.255.

128.0 ___ 128/18 _ 255.255.

192.0 ___ 64/19 _ 255.255.

224.0 ___ 32/20 _ 255.255.

240.0 ___ 16/21 _ 255.255.

248.0 ___ 8/22 _ 255.255.

252.0 ___ 4/23 _ 255.255.

254.0 ___ 2is there a mistake made by you or am i just missing something since looking at that chart it should work out that there are 512 hosts thus if applied to that ip address should be 20.0> 21.255 .

since thats my clutch every time when it comes to last bit thus not sure whether you are right and its correct,or i cant even read the chart properly.since according to it /23 is 128subnets and that makes 510 usable hosts

944Member ■■■■■■■□□□The table i wrote out for you... does NOT represent

# of HOSTS.THAT is your mistake.

It simply gives you all the MAGIC NUMBERS.

That's why i called it the "

Magic #Table"."Magic #" is another name for "Range", which is another name for "Block Size" (as your picture illustrates).

Do NOT tell yourself that "Magic#/Range/BlockSize" is the SAME As

# of HOSTS.They are NOT the same.

With all that being said.... Yes, you are absolutely correct about the 512 addresses :]

THEY INCLUDE:

172.18.20.

[0-255]through 172.18.21.[0-255]You are getting off track.

But, to answer your question,

Yes, there ARE indeed

128subnets.And, there are (512)

510usuable hostsONeachSubnet.Your EYES do NOT deceive you. You ARE reading it Correctly :]

But you still don't "get" it, correct?

Well, Fear Not!

I am here to get you to the Finish Line.

Grab a pencil/paper and STart writing them out UNTIL you

getit :]I will help! Let's Start with the first subnet (Always

ZERO):1st subnet: 172.18.

[0].0 - 172.18.[1].2552nd subnet: 172.18.

[2].0 - 172.18.[3].2553rd subnet: 172.18.

[4].0 - 172.18.[5].2554th subnet: 172.18.

[6].0 - 172.18.[7].2555th subnet: 172.18.

[8].0 - 172.18.[9].2556th subnet: 172.18.

[10].0 - 172.18.[11].2557th subnet: 172.18.

[12].0 - 172.18.[13].255....

You can Keep going until you have written them All out.

lol

216Memberand you basically laid out all the ground work with them 7 lines since can see the pattern clearly on using /23 and doing rest,should only given me first line

7th subnet: 172.18.

[12].0 - 172.18.[13].2558th subnet: 172.18.[14].0 - 172.18.[15].225

9th subnet 172.18.16.0 - 172.18.[17].225

will need to come up with different masks and will lay out couple examples to see if im getting it right

944Member ■■■■■■■□□□And there was a kind

&patientPerson who took the time to help meit.getYep! Keep practicing the sub-masks that give you trouble.

Besides,

explaining things to You, helps keep them fresh for Me :]

Let's do another one:

Assume that you have an address that starts with:

172.18.0.0and the subnet mask is:

255.255.192.0So,

a) Tell me what the

Magic #is.b) Write Out all the Subnet Ranges (just like you did in your last post)

:]

216Memberok your masks magic number is 64 and since borrowing 2 bits it would be /18,so if im correct i hope so :] lets begin.

172.18.0.0

172.18.0.64

172.18.0.128

172.18.0.192

172.18.1.0

172.18.1.64

172.18.1.128

172.18.1.192

172.18.2.0

so for gods sake i hope that after 192 next number jumps to third octet.and since doing all this in my head will also guess that this mask creates 64 subnets and /23 512 /22 1024 /21 2048 /20 4096 /19 8192 (/18 16384 hosts).

or is it

172.18.0.0

172.18.64.0

172.18.128.0

172.18.192.0-

172.18.255.255ok i see i made mocery of myself as had to take a glimpse to see how many subnets were created using one of the tables i have and its obvious now that second line above would be correct

conclusion that i came to that weather its class c or class b bits borrowed creates same amount of subnets as following class c ?so not quite sure is magic number 4 or 64

944Member ■■■■■■■□□□So CLose.... SO VERY CLOSE :]

100% Correct!!100% INCORRECT!!

lol

Hmm.... i think i understand "how" you were thinking.

Let me give you a tip: There is

NO JUMPING.NONE

Once you get to

256... you have Gone TOO FAR.STOP :]

Please Stop.

lol. You don't have to count that high :]

100% CORRECT!!!!!!

lol

Its all Good, my friend. You figured it out yourself.

That's what matters :]

Okay, so let's wrap this up.

The Magic # is still

64.And you are also correct that the Subnet-Mask is /18.

Now, here is the piece you don't Know:

Take a CLOSE look at the SUbnet MAsk.

255.255.

192.0From Left to Right... LOOK for the OCTET that is

NOT"255".The 1st octet is "255".

The 2nd octet is also "255".

But, the 3rd octet is

NOT"255". (it's 192).THAT is how you Know

WHICHoctet you are working in.(Seriously.... that's it)

That is the reason your Second Guess was Correct. It's the 3rd octet!

Do you follow?

216Member128,64,[32],16,8,4,2,1 getting 192 followed up to here. then if id was to apply by some mistake another bit (32) it would be too far thus that third number indicates that all calculations should be done in 3 octet-thats the tricky part i dont understand since in my head looking at that table,i would be hard pressed to know at what point it would turn over to 4th octet,as 20 posts back had similar issue with question creating mask for 240 hosts and 200 subnets-seems like im going in circles hereAnd yeah you were dead right on my thinking what happens when reaching 192 or any other block size that is close to 256-but its clear now that it turns next octet,or two depending on block size

. Also numbers of hosts written out was just to practice it from memory,since i know there might be one or few questions asking similar for certain number of hosts and subnets likely thus,just typing it out didn't take long to get number or that mask-only made mistake on subnets created.

Also to keep memory fresh yesterday did lab on extended acls and question poped up in my head ,basically was working on two pcs in lab that were hooked to switch and router-1 on one side and same topology on other side thus the two being connected over serial link. one of questions was to write out extended acl list to prevent two pcs from my side being able to telnet to router B which would be second router over serial link,and permit same pcs to telnet to router that was on my side router A. thus used this line as my first one:

access-list 100 deny tcp 192.168.1.1 192.168.3.2 eq telnet,and second line wasaccess-list 100 deny tcp 192.168.1.200 192.168.3.2 eq telnet,since applied just random IP to both pcs on same network,so question would it been possible to use some sort of wildcard as to avoid writing two separate ACL lines.Since its only 2 ips and just few click to change ip number-but was thinking of some sort ACL just to block whole range from that network 192.168.1.1 to deny it up to192.168.1.200,guess it would be easier to block whole network then again what sort of mask one would need to use-smth like 0.0.254.0 thus network being 1 makes it odd and acl would block odd number network/s