Hardcore Techie
wildcard mask
This is my issue with wildcard mask.if im giving an ip network and a subnet mask its not difficult to calculate the wildcard mask but my problem is when they ask for a range of host to block via ACl and then they ask for a wildcard to go with it for example. 172.13.1.0 255.255.255.0. Then they ask to block the first 5 ip addresses thats when i have difficulty finding the mask. anyone know a quick formula or some form of document to assist me? thanks
The price of anything is the amount of life you exchange for it.
Henry David Thoreau
Junior Techie
Your example is unclear because you gave the mask, but if you are given the ip network the wildcard would be one less than the block size. For example if the network is 192.12.7.0 with a /27 or 255.255.255.224 then the block size is 32 and the wildcard is 31 which would be written as 0.0.0.31. Hope I answered the question.
Hardcore Techie
Kevon i know how to calculate that kind of of wildcard as i stated above but this is when i have an issue. If it was requested of me to block the first 5 ip address from network 192.12.7.0 /24 from sending traffic. so in other words block 192.12.7.1 - 192.12.7.5 how would i write the wildcard mask in this example for my ACL.Originally Posted by kevon
The price of anything is the amount of life you exchange for it.
Henry David Thoreau
Newbie
Hi,
In your case, what I would do is break down the current subnet. So, I will have an ACL blocking 192.12.7.0/29 and permit the rest
ip access-list ext TEST
deny ip 192.168.7.0 0.0.0.7 any
permit ip any any
Newbie
Its important to note that the number of host you want to block/permit has to be to the power of 2. example, you can block/pemit 2, 4, 8, 16, or 32 hosts.. but not 5. Same approach as subnetting. Hope this helps.
Posting Permissions
Reply With Quote