wildcard mask range number question in chapter exam ?

pinkiaiiipinkiaiii Posts: 216Member
was doing chapter exam and got this question

What single access list statement matches all of the following networks?
192.168.16.0
192.168.17.0
192.168.18.0
192.168.19.0





with following answers possible:



access-list 10 permit 192.168.0.0 0.0.15.255
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 10 permit 192.168.16.0 0.0.15.255
access-list 10 permit 192.168.16.0 0.0.3.255

Now i went with first answer even thou i know basic formula is to take away subnet mask from 255 thus in my mind for single ip it would been 255-16,which obviously isnt correct and my second choice was 3rd ACL which isnt correct.

So how does 0.0.3 fit addresses 16 to 19 on third octet,is it just any number as how many networks past 16 mark one wants to include ? since did binary on 16 which is 00010000 and 3 is 00000011 so a bit bummped up
how to calculate range of addresses,as opposed to using 0.0.0.0 or 255 as to allow all addresses in that range icon_exclaim.gif























«1

Comments

  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    This is Really a math-question testing your knowledge on SUBNETS.


    Without looking/reading you answers:
    1) You have to identify the Summarization that covers all 4 subnets.
    Which would be --> 192.168.16.0 /22
    Which is also written:
    192.168.16.0
    255.255.252.0

    ~If you don't understand how i arrived at this point... you should stop, and go review how "Subnet Summarization" is done.

    2) Now that you know the Subnet is 255.255.252.0....
    You simply subtract 255 from each octet to get your Wildcard:
    0.0.3.255

    Thus, i would guess the answer is --> 192.168.16.0 and 0.0.3.255

    Hope this Helps :]
  • pinkiaiiipinkiaiii Posts: 216Member
    +1 and thank you,dont think we even covered subnet summarization in the course yet,would route summarization be same result ?

    as remember given example on the board for a minute or so,where one puts networks in binary then chops of at (magical number) to drop the load of router going trough every possible network.

    thus in my example just figuring out now from that brief minutes example one would put down networks thus at this question focusing on third octet which is 16,then if writing it down 00010000,would be 128+64+32+16=240,thus one is left with 10 bytes,even thou theoretically one cant go past 30 :]
    so 32-10=/22 cidr mask then getting 252 and

    255-252=3

    Anyways you will probably laugh your head off my attempt at this since just tried to get that number somehow icon_redface.gif following your example and trying implement what i have leant, thus making balls of myself,since even getting that number still cant understand how it would accompany next 3 networks,and if say one would need 5 or more networks in same scenario and math behind it.

    Yeah will stop at point you told and will look at subnet summarization icon_silent.gif
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    ROUTE SUMMARIZATION!
    Yes, that's what i meant to call it :]


    i tried to read the rest of your post... but i had difficulty following.

    But, the MAGIC NUMBER is "4" (in the example you provided).
    Do you "get" that?

    If not... try another teacher.
    Understanding the ZEROS & ONEs is great.... but only if it is explained effectively.

    I answered your question without grabbing a pencil. I did it ALL in my head.

    I recommend watching this guy:
    https://www.youtube.com/playlist?list=PL33E07ECCA73C0755

    he taught me EVERYTHING.

    His "MAGIC NUMBER" lessons Start at video # 37, and go through at least video 55.

    If he can teach me... then he can teach you.

    Here is his Summarization lesson:
    https://www.youtube.com/watch?v=8TFV2VycauM&index=8&list=PL045B070715AA1FE9
    
  • pinkiaiiipinkiaiii Posts: 216Member
    Thanks for clearing that up really icon_thumright.gif,as said it was only discussed for few minutes since current lecturer decided that weed skip most of routing protocols and get used to ACLs,so its a bit bouncing around chapters before we resume after new years.

    As for understanding what i tried to do,i sort of got the idea with that number 4,since once seen your reply tried to apply route summarization from memory,thus did all that calculations in head and wrote it out stright into reply,trying to come up with that subnet mask you wrote,thus thats why i said it will probably make someone like you laugh,given your signature i eat subneting icon_cool.gif.
    will def go trough videos as need as much material as i can,since i can grasp the concept just not the brightest in math,not yet anyway.
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    oh i see now :]

    well, im sure that your teacher will help show you all how.

    At the beginning of 2015... i didn't know ANY of this; so you dont have to be a SuperGenius to understand this stuff :]

    here's a great site for practicing subnets:
    www.[B][B]subnetting[/B][/B].[B][B]net[/B][/B]/[B][B]Subnetting[/B][/B].aspx?mode=practice
    



    i recommending trying it for 10-15 minutes per day
  • satishtechsatishtech Posts: 243Member
    which book is the chapter from ?

    yes answer is access-list 10 permit 192.168.16.0 0.0.3.255
    3 wild card is subnetting 4 , and thus encompasses 16,17,18,19
  • pinkiaiiipinkiaiii Posts: 216Member
    its from netacad chtp9 on ACLs chapter test-thus as mentioned , because of skipping many chapters to do acls,this was a throw off question that got me interested how it came to that number.

    +1 on danscourses,the guy has thought me more ,as compared sitting in lectures.
  • MooseboostMooseboost Senior Member Posts: 767Member ■■■■□□□□□□
    Understanding wild card masking will require a good understanding of subnetting and route summarization. Essentially, I think of wild card as the inverse of a subnet. In order to have a better understanding of flipping the bits, I would understand subletting from a binary point. Chris Bryant has some good videos about it.
    2019 Certification Goals: OSCE OSWE
    Blog: https://hackfox.net
  • pinkiaiiipinkiaiii Posts: 216Member
    Agree on knowing subneting right is cruicial,thus trying to do them tests on site that volfkhat has posted,

    But still weak on class B,heres example question:

    [h=2]What subnet mask would you use for the 172.23.0.0 network, such that you can get 240 subnets and 200 hosts per subnet?[/h]
    now i went with the answer of /22,while wasn't sure about using /23 just because now knowing answer and rereading question,that 240-200 was bit of throw off.But as someone who knows subneting will see that either mask is wrong,thus not sure how its worked out to be default class c mask on class b subnet.

    Just trying to comfortable with such questions,not sure would that go into ccna scope but seems very close.
  • GDainesGDaines Posts: 272Member ■■■□□□□□□□
    I like this question because I just stared at it blankly which made me realize I have to revisit subnetting and wildcard masks before going anywhere near an exam center. I 'get' them, but clearly I haven't memorized them enough yet.
  • pinkiaiiipinkiaiii Posts: 216Member
    subnetting.net - Subnet Questions and Answers im practicing them in the link that i got provided,but I know im not even close to being comfortable as variety of questions i get can mislead me easily.

    Another ACL question with wildcard bits that easy rumbled my mind

    access-list 50 permit 192.168.122.128 0.0.0.63 will ip 192.168.122.195 will be permitted or denied ?

    since seeing ip 192.168.122.195 its subent mask would be 255.255.255.0,but then am i right to think it should actually be seen as 255.255.255.255 (-) minus .63 thus getting answer 192 and it would seem since i see the number clearly now its deny because it falls under 195.

    I know some might seem annoyed by such questions,but i found that it really helps practice subneting and wildcard bits,subnet masks-since eventually it will have to come together,and seeing not only single ip or subnet but few factors to consider really makes my brain to push for it.
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    pinkiaiii wrote: »
    But still weak on class B,heres example question:

    What subnet mask would you use for the 172.23.0.0 network, such that you can get 240 subnets and 200 hosts per subnet?

    ha!
    It's a trick Question :]

    I actually had to read it TWICE, before i figured it out (took about 30 seconds).
    but Again.... i solved it withOUT a pen/pencil; just counted with my fingers.

    the answer is /24
    also known as: 255.255.255.0

    Watch Dan's video on VLSM; (video # 53 & 54).

    So... how do you solve this type of Q:
    A)
    Recognize that they are giving you a requirement for TWO things:
    a certain # of Subnets,
    and a certain # of HOSTS within each subnet.

    B)
    So which do you focus on?
    Well... it kind of depends :]
    But to keep things simple ---> Focus on the # of Hosts.
    (it takes precedence)

    C)
    You do this by multiplying by POWERS of 2:
    2 x 2 = 4             (4 total addresses)
    2 x 2 x 2 = 8        (8 total addresses)
    2 x 2 x 2 x 2 = 16  (16 total addresses)
    
    (hopefully you see where im going)

    The requirement in your question is asking for 200 Hosts.
    Thus, the solution is simply:
    2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 = 256 (total addresses)

    Now, count up How many "2"s you have. (this is where i used my fingers).
    the Answer is ---> 8.
    8 Bits.
    8 BORROWED bits.

    They were borrowed from the 32 (the max/total # of bits).

    Thus,
    32 (total bits) - 8 (host bits) = 24 (left-over-for-the-subnet) bits.
    aka ---> /24

    Eyeball Test:
    If you still don't believe me.... then allow me to point to the Obvious.
    Here are the addresses of the 240 subnets:
    172.23.0.[0-255]
    172.23.1.[0-255]
    172.23.2.[0-255]
    172.23.3.[0-255]
    ...
    172.23.237.[0-255]
    172.23.238.[0-255]
    172.23.239.[0-255]

    Finito!
    (fyi, this was EASY to do.... but VERY hard to explain. lol)
  • MooseboostMooseboost Senior Member Posts: 767Member ■■■■□□□□□□
    Remember, if they are asking for a range of hosts or subnets - that you will need to use VLSM. That class B mask will only apply for classful networks. If you are breaking up the network, you are not using the classful mask.
    2019 Certification Goals: OSCE OSWE
    Blog: https://hackfox.net
  • pinkiaiiipinkiaiii Posts: 216Member
    good breakdown volfkhat,since you managed to solve it in less then 30sec and with fingers shows u know it instantly now.

    That class B mask will only apply for classful networks. If you are breaking up the network, you are not using the classful mask.

    can you shed more light on that sentence ? if i understand correctly if ip would been say 172.15.x.x it would be class-less ip to begin with,since class b is 172.16 to 172.32 ?
    Btw all stuff that i type out its from head no pen or paper either,but seems still long ways to go before applying it correctly icon_study.gif
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    I'm no whiz....i just had a great instructor.

    imo,
    I wouldnt worry about "what is Class B" and what not.
    it DOESN'T matter At ALL.
    (in fact, it kind of confuses things)

    Instead, just focus on identifying the SUBNET MASK.
    That's ALL you ever need.
    pinkiaiii wrote: »
    access-list 50 permit 192.168.122.128 0.0.0.63 will ip 192.168.122.195 will be permitted or denied ?

    perfect example.
    if the wildcard is 0.0.0.63....
    then i subtract 255 from EACH octet to get the Subnet Mask:
    255.255.255.192

    From here, we know the MAgic Number is 64, right?

    So the address range of the ACL is:
    192.168.122.[128-191]

    ANd so,
    the address in question --> 192.168.122.195
    is NOT on the ACL's subnet.

    Thus, DENIED (implicitly)
  • pinkiaiiipinkiaiii Posts: 216Member
    one more example of route summarization acl

    access-list 20 permit 192.0.2.11 0.0.0.15 will ip 192.0.2.17 be denied or permited

    so in this example ip isnt classfull how does one calculate it ?

    would it be smth like this:focusing on number eleven last octet

    00001011 11
    00001100 12
    00001101 13
    00001110 14
    00001111 15

    00010000 16
    00010001 17

    So splitting it like this i can see now that anything past 15 would be different mask thus 17 not falling into that category,thus denied but wonder is there a way just by looking at mask to make calculations like that in simpler way ?rather then listing all bits as i did above thus loosing couple minutes of writing them out.

    and similar one :access-list 10 permit 192.168.15.0 0.0.0.3 will ip 192.168.15.5 will be permitted

    if looking at 0 to 5 here it would be

    00000000 0
    00000001 1
    00000010 2
    00000011 3
    00000100 4
    00000101 5

    thus when all is written out its clear that after number 3 number 4-5 changes all mask but comparing first and second questions there isnt clear cut off point like in the first one,where cut off line is clear at 4 bits mark which coincidentally is 15 when converted into decimal,thus for some reason i get confused with route summarization and wildcard masks when given such questions,so i guess my question should i just focus on wildcard mask number to determine if given ip is in that range.
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    Okay,
    i like your method of solving the questions.
    You write out the BINARY.... and then you Look for when it splits.
    Good stuff :]
    pinkiaiii wrote: »
    ...thus denied but wonder is there a way just by looking at mask to make calculations like that in simpler way ?rather then listing all bits as i did above thus loosing couple minutes of writing them out.

    YES!!

    The MAGIC NUMBER reveals all.
    lol

    Temporarily, forget about the ZEROS and ONES.

    Grab a pencil/paper and WRITEOUT this table:

    "SUBNET MASK" --- "Magic #"
    __________________________
    255.255.255.0 - - - -- 256

    255.255.255.128 ---- 128
    255.255.255.192 -- -- 64
    255.255.255.224 -- -- 32
    255.255.255.240 -- -- 16

    255.255.255.248 -- -- 8
    255.255.255.252 ---- 4
    255.255.255.254 ---- 2
    ______________________

    There is a Pattern here.... can you Find it?
    (i BOLD the last octet... as a hint.)

    ANswer:
    The 'Last Octet' is NOT the other Octets (255).

    lol
    Okay, just kidding.
    The "Last Octet" + the "Magic Number" will Always Equal = 256.

    THAT is the PAttern.
    Go and take another look at the table.... Do you see it now?

    So, just by Looking at any SUbnet Mask... you can Quicklyy get the MAGIC Number.

    Okay great, so Now WHat??

    Well, the Magic Number tells you the SIZE of its subnet.

    Or, better stated:
    the Magic Number tells you the RANGE of its subnet.


    For example:
    Let's look at your home LAN ---> 192.168.1.0

    I'm guessing your Magic # is probably 256.
    So, the Size/Range of your subnet is:
    192.168.1.[0-255]

    You follow?

    Now,
    what if the Magic # was 128?
    Well, your LAN would be either:
    192.168.1.[0-127]
    or
    192.168.1.[128-255]

    Two possible SUbnets... but both Ranges are 128 addresses.

    ---
    ANd, Now, its your Turn!
    what if the Magic # was 64?

    Give me the RANGES for the Subnets :]
  • GDainesGDaines Posts: 272Member ■■■□□□□□□□
    pinkiaiii wrote: »
    one more example of route summarization acl

    access-list 20 permit 192.0.2.11 0.0.0.15 will ip 192.0.2.17 be denied or permited

    I hope I'm not going to come unstuck, but I'm seeing that the block size is one higher than the wildcard mask. In the example the mask is 15 on the last octet so the block size is 16. Therefore the host ranges are 0-15, 16-31 etc (we can stop here because we've identified the host addresses already). As we can see, 11 falls in the 0-15 subnet and 17 in the 16-31 subnet - different subnets so they can't see each other, so it will be denied.
    pinkiaiii wrote: »
    Another ACL question with wildcard bits that easy rumbled my mind

    access-list 50 permit 192.168.122.128 0.0.0.63 will ip 192.168.122.195 will be permitted or denied ?

    And the same still works for this one. The mask is 63 so the block size is 64, therefore the host ranges are 0-63, 64-127, 128-191 and 192-255. The 128 host is in the 3rd range while the 195 host is in the 4th range, so again the answer is denied.
  • pinkiaiiipinkiaiii Posts: 216Member
    GDaines i guess thats what i was missing just looking at block size and determining whether its in same subnet or on different one.

    also thanks wolfkhat :)

    ranges for 64 second bit =4subnets

    0-64 usable 1 -62
    64-128 65-126
    128-192 129-191
    192-256 193-254

    now if i were given b class ip i would of had troubles doing it :) but slowly getting to them as well,just for the fact that it would be harder to list some networks specially those that turn out to be say 255 as valid address,or when last octet turns next one thus simple example where say 172.18.20.xxx>172.18.21.0,xxx since dont know what sort of mask would make it turn to next,is it /24 or /23

    I guess its a lot of practice and having good teacher that makes such things overcoming in days rather then weeks.But because of your given examples at least i learned something of value today thus,day not wasted icon_thumright.gif
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    pinkiaiii wrote: »
    ranges for 64 second bit = 4 subnets

    0-64 usable 1 -62
    64-128 65-126
    128-192 129-191
    192-256 193-254

    Wrong!!!
    but you are 95% there:

    0-63 ____ 1 -62
    64-127 __ 65-126
    128-191 _ 129-191
    192-255 _ 193-254

    I did BOLD so that you see the difference :]
    pinkiaiii wrote: »
    now if i were given b class ip i would of had troubles doing it icon_smile.gif but slowly getting to them as well,just for the fact that it would be harder to list some networks,,,

    ha!
    Its Not as hard as you think.
    the Magic # Actually repeats:
    __________________________
    /16 _ 255.255.0.0- - - -- 256

    /17 _ 255.255.128.0---- 128
    /18 _ 255.255.192.0-- -- 64
    /19 _ 255.255.224.0-- -- 32
    /20 _ 255.255.240.0-- -- 16

    /21 _ 255.255.248.0-- -- 8
    /22 _ 255.255.252.0---- 4
    /23 _ 255.255.254.0 ---- 2

    /24 _ 255.255.255.0 ---- 256
    ______________________

    So,
    in your example of:
    "172.18.20.xxx - 172.18.21.xxx"

    It's the 3rd octet that we focus on.
    And we see that the Range/Size is 2. (which includes '20' and '21').

    So, looking at the table, which Subnet Mask will it be?
  • pinkiaiiipinkiaiii Posts: 216Member
    well given by your example only number that suits 20-21 would be /24.Otherwise using any other mask would change network number in third octet according to magical number,if im correct thus also number making number 255 being in range as well as BR address.
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    hmmmm...

    well, it appears that i am not a Good explainer of subnets.
    lol

    The subnet Range is 2 (because you want to include '20' to '21').

    To state it another way:
    If the Range is 2,
    then the MAGIC # is also 2.
    ('Range' and 'Magic #' are the SAME thing)

    Looking at the 'Magic #' table that i post earlier...
    the correct subnet mask is a /23
    aka, 255.255.254.0


    In fact,
    if you WROTE OUT the entire Subnet Mask Table... then you would see that it actually Repeats every 8 bits.
    ( i will post it separately; hopefully it helps; not Complicates)
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    cidr _ Subnet Mask _ Magic#
    /8 __ 255.0.0.0 _____ 256
    /9 __ 255.128.0.0 ___ 128
    /10 _ 255.192.0.0 ___ 64
    /11 _ 255.224.0.0 ___ 32
    /12 _ 255.240.0.0 ___ 16
    /13 _ 255.248.0.0 ___ 8
    /14 _ 255.252.0.0 ___ 4
    /15 _ 255.254.0.0 ___ 2

    /16 _ 255.255.0.0 _____ 256
    /17 _ 255.255.128.0 ___ 128
    /18 _ 255.255.192.0 ___ 64
    /19 _ 255.255.224.0 ___ 32
    /20 _ 255.255.240.0 ___ 16
    /21 _ 255.255.248.0 ___ 8
    /22 _ 255.255.252.0 ___ 4
    /23 _ 255.255.254.0 ___ 2

    /24 _ 255.255.255.0 _____ 256
    /25 _ 255.255.255.128 ___ 128
    /26 _ 255.255.255.192 ___ 64
    /27 _ 255.255.255.224 ___ 32
    /28 _ 255.255.255.240 ___ 16
    /29 _ 255.255.255.248 ___ 8
    /30 _ 255.255.255.252 ___ 4
    /31 _ 255.255.255.254 ___ 2

    So, in your example,
    if the Range is '2',
    then the correct Subnet Mask is limited to either /15, /23, or /31.


    If in another example,
    the Range is '16',
    then the correct Subnet Mask is limited to either /12, /20, or /28.

    Hopefully, you see the pattern :]
  • pinkiaiiipinkiaiii Posts: 216Member
    /16 _ 255.255.0.0 _____ 256
    /17 _ 255.255.128.0 ___ 128
    /18 _ 255.255.192.0 ___ 64
    /19 _ 255.255.224.0 ___ 32
    /20 _ 255.255.240.0 ___ 16
    /21 _ 255.255.248.0 ___ 8
    /22 _ 255.255.252.0 ___ 4
    /23 _ 255.255.254.0 ___ 2



    is there a mistake made by you or am i just missing something since looking at that chart it should work out that there are 512 hosts thus if applied to that ip address should be 20.0> 21.255 .

    since thats my clutch every time when it comes to last bit thus not sure whether you are right and its correct,or i cant even read the chart properly.since according to it /23 is 128subnets and that makes 510 usable hosts
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    pinkiaiii wrote: »
    is there a mistake made by you or am i just missing something since looking at that chart it should work out that there are 512 hosts thus if applied to that ip address should be 20.0> 21.255 .

    The table i wrote out for you... does NOT represent # of HOSTS.
    THAT is your mistake.
    It simply gives you all the MAGIC NUMBERS.
    That's why i called it the "Magic # Table".
    "Magic #" is another name for "Range", which is another name for "Block Size" (as your picture illustrates).

    Do NOT tell yourself that "Magic#/Range/BlockSize" is the SAME As # of HOSTS.
    They are NOT the same.

    With all that being said.... Yes, you are absolutely correct about the 512 addresses :]

    THEY INCLUDE:
    172.18.20.[0-255] through 172.18.21.[0-255]
    pinkiaiii wrote: »
    since thats my clutch every time when it comes to last bit thus not sure whether you are right and its correct,or i cant even read the chart properly.since according to it /23 is 128subnets and that makes 510 usable hosts


    You are getting off track.
    But, to answer your question,
    Yes, there ARE indeed 128 subnets.
    And, there are (512) 510 usuable hosts ON each Subnet.

    Your EYES do NOT deceive you. You ARE reading it Correctly :]

    But you still don't "get" it, correct?

    Well, Fear Not!
    I am here to get you to the Finish Line.

    Grab a pencil/paper and STart writing them out UNTIL you get it :]
    I will help! Let's Start with the first subnet (Always ZERO):

    1st subnet: 172.18.[0].0 - 172.18.[1].255
    2nd subnet: 172.18.[2].0 - 172.18.[3].255
    3rd subnet: 172.18.[4].0 - 172.18.[5].255
    4th subnet: 172.18.[6].0 - 172.18.[7].255
    5th subnet: 172.18.[8].0 - 172.18.[9].255
    6th subnet: 172.18.[10].0 - 172.18.[11].255
    7th subnet: 172.18.[12].0 - 172.18.[13].255
    ....

    You can Keep going until you have written them All out.
    lol
  • pinkiaiiipinkiaiii Posts: 216Member
    LoL thx for all your time man,was tired last night and only slept 4 hours till now,so mind can play tricks.With that said not sure are you ccna or above,but you should look into giving private classes icon_cool.gif since seems you got nerves of steel when it comes to explaining stuff.

    and you basically laid out all the ground work with them 7 lines since can see the pattern clearly on using /23 and doing rest,should only given me first line icon_redface.gif

    7th subnet: 172.18.[12].0 - 172.18.[13].255
    8th subnet: 172.18.[14].0 - 172.18.[15].225
    9th subnet 172.18.16.0 - 172.18.[17].225

    will need to come up with different masks and will lay out couple examples to see if im getting it right icon_thumright.gif
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    Once upon a time... "I" was "You".

    And there was a kind & patient Person who took the time to help me get it.
    pinkiaiii wrote: »
    will need to come up with different masks and will lay out couple examples to see if im getting it right icon_thumright.gif

    Yep! Keep practicing the sub-masks that give you trouble.

    Besides,
    explaining things to You, helps keep them fresh for Me :]


    Let's do another one:
    Assume that you have an address that starts with:
    172.18.0.0
    and the subnet mask is:
    255.255.192.0

    So,
    a) Tell me what the Magic # is.
    b) Write Out all the Subnet Ranges (just like you did in your last post)

    :]
  • pinkiaiiipinkiaiii Posts: 216Member
    was first day back to college today,seemed like holidays melted half my brains,at least managed to remember most commands for ACLs-and brought topic forward about wildcards so might get some more attention come this week on the topic.


    ok your masks magic number is 64 and since borrowing 2 bits it would be /18,so if im correct i hope so :] lets begin.

    172.18.0.0
    172.18.0.64
    172.18.0.128
    172.18.0.192
    172.18.1.0
    172.18.1.64
    172.18.1.128
    172.18.1.192
    172.18.2.0

    so for gods sake i hope that after 192 next number jumps to third octet.and since doing all this in my head will also guess that this mask creates 64 subnets and /23 512 /22 1024 /21 2048 /20 4096 /19 8192 (/18 16384 hosts).

    or is it
    172.18.0.0
    172.18.64.0
    172.18.128.0
    172.18.192.0-172.18.255.255

    ok i see i made mocery of myself as had to take a glimpse to see how many subnets were created using one of the tables i have and its obvious now that second line above would be correct
    conclusion that i came to that weather its class c or class b bits borrowed creates same amount of subnets as following class c ?so not quite sure is magic number 4 or 64 icon_silent.gif
  • volfkhatvolfkhat Posts: 944Member ■■■■■■■□□□
    Oh Man.
    So CLose.... SO VERY CLOSE :]
    pinkiaiii wrote: »
    ok your masks magic number is 64 and since borrowing 2 bits it would be /18,so if im correct i hope so :] lets begin.

    100% Correct!!

    pinkiaiii wrote: »
    172.18.0.0
    172.18.0.64
    172.18.0.128
    172.18.0.192
    172.18.1.0
    172.18.1.64
    172.18.1.128
    172.18.1.192
    172.18.2.0

    100% INCORRECT!!
    lol
    pinkiaiii wrote: »
    so for gods sake i hope that after 192 next number jumps to third octet...

    Hmm.... i think i understand "how" you were thinking.
    Let me give you a tip: There is NO JUMPING.
    NONE
    Once you get to 256... you have Gone TOO FAR.
    STOP :]
    pinkiaiii wrote: »
    and since doing all this in my head will also guess that this mask creates 64 subnets and /23 512 /22 1024 /21 2048 /20 4096 /19 8192 (/18 16384 hosts).
    Please Stop.
    lol. You don't have to count that high :]
    pinkiaiii wrote: »
    or is it
    172.18.0.0
    172.18.64.0
    172.18.128.0
    172.18.192.0-172.18.255.255

    100% CORRECT!!!!!!
    lol
    pinkiaiii wrote: »
    ok i see i made mocery of myself as had to take a glimpse to see how many subnets were created using one of the tables i have and its obvious now that second line above would be correct
    Its all Good, my friend. You figured it out yourself.
    That's what matters :]
    pinkiaiii wrote: »
    conclusion that i came to that weather its class c or class b bits borrowed creates same amount of subnets as following class c ?so not quite sure is magic number 4 or 64 icon_silent.gif

    Okay, so let's wrap this up.
    The Magic # is still 64.

    And you are also correct that the Subnet-Mask is /18.

    Now, here is the piece you don't Know:
    Take a CLOSE look at the SUbnet MAsk.
    255.255.192.0

    From Left to Right... LOOK for the OCTET that is NOT "255".

    The 1st octet is "255".
    The 2nd octet is also "255".
    But, the 3rd octet is NOT "255". (it's 192).

    THAT is how you Know WHICH octet you are working in.

    (Seriously.... that's it)

    That is the reason your Second Guess was Correct. It's the 3rd octet!

    Do you follow?
  • pinkiaiiipinkiaiii Posts: 216Member
    so following your summary it comes out like 128,64,[32],16,8,4,2,1 getting 192 followed up to here. then if id was to apply by some mistake another bit (32) it would be too far thus that third number indicates that all calculations should be done in 3 octet-thats the tricky part i dont understand since in my head looking at that table,i would be hard pressed to know at what point it would turn over to 4th octet,as 20 posts back had similar issue with question creating mask for 240 hosts and 200 subnets-seems like im going in circles here icon_rolleyes.gif

    And yeah you were dead right on my thinking what happens when reaching 192 or any other block size that is close to 256-but its clear now that it turns next octet,or two depending on block size


    . Also numbers of hosts written out was just to practice it from memory,since i know there might be one or few questions asking similar for certain number of hosts and subnets likely thus,just typing it out didn't take long to get number or that mask-only made mistake on subnets created.


    Also to keep memory fresh yesterday did lab on extended acls and question poped up in my head ,basically was working on two pcs in lab that were hooked to switch and router-1 on one side and same topology on other side thus the two being connected over serial link. one of questions was to write out extended acl list to prevent two pcs from my side being able to telnet to router B which would be second router over serial link,and permit same pcs to telnet to router that was on my side router A. thus used this line as my first one:access-list 100 deny tcp 192.168.1.1 192.168.3.2 eq telnet,and second line was access-list 100 deny tcp 192.168.1.200 192.168.3.2 eq telnet,since applied just random IP to both pcs on same network,so question would it been possible to use some sort of wildcard as to avoid writing two separate ACL lines.Since its only 2 ips and just few click to change ip number-but was thinking of some sort ACL just to block whole range from that network 192.168.1.1 to deny it up to 192.168.1.200 ,guess it would be easier to block whole network then again what sort of mask one would need to use-smth like 0.0.254.0 thus network being 1 makes it odd and acl would block odd number network/s
«1
Sign In or Register to comment.