Wildcard mask is very different from subnet mask.
The values for subnet mask can be 128,192,224,240,248,252,254 and 255.
On the other hand, wild card mask values are: 127,63,31,15,7,3,1 and 0.
The tip out here is that simply subtract subnet mask value from 255.
In ACLS and OSPF network statements, we use wild card mask, 127 will be: 011111111 which means match the first bit and ignore the other 7.
I will try to post as many tips as i can in coming days.
I want to add a comment about ACLs, here ACLs specifically means IOS (router ACLs ). Pix ACLs use subnet mask.
Comment by vjamnal — June 7, 2006 @ 6:27 am
I am looking for any good tutorial/howto/information to learn ACL.
Can you advice some materials please?
Comment by marwooj — September 19, 2006 @ 6:01 am
Check for this site,
http://www.2000trainers.com/
This site is really good if you want to learn basics.
Comment by Pradeep Yadav — April 27, 2009 @ 3:12 am
Hi Marwooj
Below is a pretty useful document on ACL’s.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt3/scacls.htm
let me know if you have any specific questions.
-Sikandar Singh
Comment by Sikandar — September 19, 2006 @ 6:11 am
For a tip on determining wildcard masks for ip ranges look at the total range of your ip addresses (192.161.12.67 – 192.168.33.101), look at each octet and subtract the difference from the smallest number to the largest number. This will determine the value for that octet. So for the small example above the difference in the first octet is 192 – 192 = 0, second octet 168 – 161 = 7, third octet 33 – 12 = 21, and the fourth octet 101 – 67 = 34 making your wildcard mask 0.7.21.67. Easy pease japaneasy.
Comment by God — May 2, 2008 @ 12:46 am
oh my god. u are totally wrong.
Comment by azo — June 17, 2009 @ 6:15 pm
Oh my God ! your example is false God !
Don’t forget “On the other hand, wild card mask values are: 127,63,31,15,7,3,1 and 0.”
But the basic idea is not so bad
Comment by Rico — July 11, 2008 @ 9:13 pm