05-23-2011 12:56 AM - edited 03-06-2019 05:11 PM
Hi all,
Didn't want it to come to this but I am stumped by a ACL that is using a mask of 0.255.240.7. This does not fit with my understanding of valid masks...
I am working with some existing config and trying to understand what is going on. It is as though the mask was written to capture certain ranges of 3rd and 4th octet. However it is as thought the mask starts as a wildcard and then tries to be a SM and then back to WildCard...
Please educate me.
05-23-2011 01:12 AM
Hi,
Please post the actual ACLs. Seems we are going to do the math on this problem.
Toshi
05-23-2011 02:06 AM
Hi,
wildcard masks must be interpreted in binary where bits turned on mean don't care about these positions in the ip address.
So here 0.255.40.7 in binary is 00000000.11111111.00101000.00000111
So the first 8 bits must be equal, you don't care about the next 8 bits then the next 2 must be equal as well as 4th, 6th, 7th and 8th, then in final octet you don't care about the last 3 bits.
But as toshi said we need the ACL to calculate which IPs we are masking.
Regards.
Alain.
05-23-2011 05:18 AM
Hi again,
Thanks for the reply.
It's permit udp 10.0.12.8 0.255.240.7 any range 5004 5005
I guess I have never attempted anything this specific before.
05-23-2011 05:29 AM
Hi,
using a nice free Boson Wildcard mask checker tool:
"IP Address: 10.0.12.8
Wildcard mask: 0.255.240.7
First Octet Match(es)
10
Second Octet Match(es)
0- 255
Third Octet Match(es)
12
28
44
60
76
92
108
124
140
156
172
188
204
220
236
252
Fourth Octet Match(es)
8- 15"
HTH,
Milan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide