CCENT, CCNA, CCNP, CCDA, CCDP, CCDE, CCIE, CCSP, CCVP, CCIP.
User avatar
markrohlf
New Member
Posts:
41
Joined:
Fri Mar 11, 2005 11:31 am

ANDing with a Wildcard Mask

Tue Mar 15, 2005 10:36 am

Hello all;

Ok ... everyone remember when you first learned subnetting? You learned about the anding process.

So when you have an IP and SnM, you can AND them to get your subnet number.

For example

IP - 192.168.1.129
Mask - 255.255.255.224

11000000.10101000.00000001.10000001
11111111.11111111.11111111.11100000
------------------------------------------------
11000000.10101000.00000001.10000000

Ok ... straight forward ... great ... no problem.

So ... here is my question.

How does the ANDing process work when applying a wildcard mask in ... say ... an ACL statement, or an OSPF network statement.

How does the router do the math?

For example.

Router(config)#access-list 199 permit ip 172.16.0.0 0.0.255.255 any log

10101100.00010000.00000000.00000000
00000000.00000000.11111111.11111111
------------------------------------------------
00000000.00000000.00000000.00000000

Of course ... this does not make sense ... so the ANDing process works differently. Or it doesn't AND it at all.

So ... how does the router do the math?

thanx
mr
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
Mark Alan Rohlf, MIT, CCNA, CCAI
Network Administrator - Memorial Health Systems
"Batches? We don' need no steenking batches!"

User avatar
dpocoroba
CCIE #18559
Posts:
824
Joined:
Thu Dec 09, 2004 6:38 pm
Certs:
CCIE R&S

Tue Mar 15, 2005 11:22 am

Not sure about ANDing (never learned it that way :) ) but anyways. The best way to calculate the inverse mask for ACL/OSPF etc is pretty simple. I posted it on here before however I cant find my link.

Take 255 - you subnet.

So ex: say you have 255.255.255.252
The inv: 0.0.0.3

255.255.255.240 = 0.0.0.15

Not sure exactly how the router "knows" what to do with the inverse mask.. it just knows :)


DP
"Knowledge is contagious, infect"

HCLs
Member
Posts:
210
Joined:
Mon Jan 31, 2005 5:48 am

Tue Mar 15, 2005 11:27 am

What i think...
might be the router just looks how many the 0-bits the Wildcard mask has and then uses them for the matching process.
In this case:

IP - 10101100.00010000.00000000.00000000
WM- 00000000.00000000.11111111.11111111

We have 16 "0-bits" in the wildcard mask => match only the first 16 bits from the IP. You are right, the AND-ing doesn't make any sense, the XOR, OR , NOT, too. So i think it just matches the 0-bits in the wildcard mask with the IP and uses the result. :(
Did you update today? -> www.windowsupdate.com

'

Return to Cisco Certifications

Who is online

Users browsing this forum: nestiern and 11 guests