Solved: Basic subnetting question has me stumped

hfakoor222 · ‎04-08-2024

Question in Book:

The following ACE is typed into configuration mode on a router: access-list 1 permit
10.44.38.0 0.0.3.255. If this statement had instead used a different mask, with nothing else
changed, which of the following choices for mask would result in a match for source IP address
10.44.40.18?
a. 0.0.1.255
b. 0.0.5.255
c. 0.0.7.255
d. 0.0.15.255

I answered B. Book says it is D.

To me B seems obvious that it covers both .38 and .40:

To go from 38 to 40 the 2^5 seems to cover it... unless it's implying that it needs to match all 8 bits?? (See below)

10.44.38.0 in binary:

00001010.00101100.00100110.00000000

10.44.40.18 in binary:

00001010.00101100.00101000.00010010

Someone shed some light onto this?

indra7867 · ‎04-08-2024

Hi, I think The trick is to understand what is valid subnet and then go for wildcard mask for it.
So,
access-list 1 permit 10.44.38.0 0.0.3.255 <<< This is talking of /22 network, so pair is 0-3,4-7,8-11,...,36--39 ,40--43>>>

so 10.44.40.18 will be out of range for /22 , as 3rd octed .38. and .40. will not be in same subnet.

access-list 1 permit 10.44.38.0 0.0.5.255 <<This seems to be invalid mask,You cannot use 255.255.250.0 >>

access-list 1 permit 10.44.38.0 0.0.7.255 <</21, So valid pairs of subnet are 0-7,32--39,40--47,Hence this is not included>>

Hence option D is correct answer as 0.0.15.255 - cover 0-15,16--31 ,32 - 47 so, 3rd octet is covered in option D

View solution in original post

indra7867 · ‎04-08-2024

Hi, I think The trick is to understand what is valid subnet and then go for wildcard mask for it.
So,
access-list 1 permit 10.44.38.0 0.0.3.255 <<< This is talking of /22 network, so pair is 0-3,4-7,8-11,...,36--39 ,40--43>>>

so 10.44.40.18 will be out of range for /22 , as 3rd octed .38. and .40. will not be in same subnet.

access-list 1 permit 10.44.38.0 0.0.5.255 <<This seems to be invalid mask,You cannot use 255.255.250.0 >>

access-list 1 permit 10.44.38.0 0.0.7.255 <</21, So valid pairs of subnet are 0-7,32--39,40--47,Hence this is not included>>

Hence option D is correct answer as 0.0.15.255 - cover 0-15,16--31 ,32 - 47 so, 3rd octet is covered in option D

Joseph W. Doherty · ‎04-08-2024

"The trick is to understand what is valid subnet and then go for wildcard mask for it."

Although ACE masks often are most used to match prefixes, they don't have to, which this question doesn't actually require.

"0.0.5.255 <<This seems to be invalid mask"

Actually it's a valid mask, just not correct for the question.

The question was to match a specific IP, not a subnet that encompasses that IP.

Joseph W. Doherty · ‎04-08-2024

Answer D is correct. BTW, it's not the only mask that would work.

The purpose of a mask is to make the two bit configurations alike.

Compare your two binary values, what bits must be changed to make them alike.

Also try a mask of 0.0.14.255.

Joseph W. Doherty · ‎04-08-2024

Perhaps this will help.

10.44.38.0 in binary: 00001010.00101100.00100110.00000000
10.44.40.18 in binary:00001010.00101100.00101000.00010010
differences: ^^^ ^ ^
you need a mask to eliminate the differences
the minimum mask: 00000000.00000000.00001110.00010010 or 0.0.14.18
or the D answer mask: 00000000.00000000.00001111.11111111 or 0.0.15.255
answers A, B and C don't handle all the correct bits in the 3rd octet