Skip navigation
Cisco Learning Home > Certifications > Routing & Switching (CCNA) > Discussions

_Communities

This Question is Not Answered 1 Correct Answer available (4 pts) 2 Helpful Answers available (2 pts)
42161 Views 16 Replies Latest reply: May 20, 2011 1:32 PM by dkelley RSS 1 2 Previous Next

Currently Being Moderated

Wildcard Mask VS Subnet Mask

Nov 10, 2008 11:25 PM

Chetan 539 posts since
Jul 26, 2008

 

Hi Guys,

 

 

Here is a question that has always disturbed me from the day I came to know of these two words:

 

 

1. Subnet Mask

 

 

2. Wildcard Mask

 

 

 

 

 

When we configure an IP address on an interface, when we give network command in DHCP pool, when we specify the inside global range in NAT Pool we use SUBNET MASK

 

 

When we configure networks in OSPF, when we configure networks in EIGRP (not compulsory though), and in ACLs, we use WILDCARD MASK.

 

 

Why had CISCO experts decided to use two different concepts to accomplish the same aim ?

 

 

For example,

 

 

192.168.1.0 / 0.0.0.255 ( WildCard Notation) specify IP Range 192.168.1.0 to 192.168.1.255

 

 

and

 

 

192.168.1.0 / 255.255.255.0 (Subnet Mask Notation) also specify the same IP Range 192.168.1.0 to 192.168.1.255.

 

 

Then why did CISCO programmers preferred using two concepts while developing protocols Although single concept would have solved their problem..

 

 

 

 

 

Where am I lacking in the understanding of these concepts ?

 

 

 

 

 

Please note that I am not asking how to use these concepts or where to use them , Rather My question is why to use TWO concepts instead of one ??

 

 

Kindly elucidate,,...

 

 

 

 

 

Chetan..

 

 

 

 

 

  • Scott Morris - CCDE/4xCCIE/2xJNCIE 8,396 posts since
    Oct 7, 2008
    Currently Being Moderated
    1. Nov 11, 2008 12:21 AM (in response to Chetan)
    Re: Wildcard Mask VS Subnet Mask

     

    Dude... This is CLEARLY in the Vast Collection of Useless Knowledge department... And it scares me that I know the answer.

     

     

    Can we play Cisco Trivial Pursuit?

     

     

    Anyway... Access Lists actually came before subnet masks. Remember way back when we lived in an evil classful world. So back in like 1985, when access-lists came about it was actually easier to code in assembler to do a NAND operation instead of an AND. Thus the wildcarding.

     

     

    When we evolved into subnets (isn't everyone studying for their CCENT/CCNA exams so incredibly happy about that progress?) someone figured out not only that normal human beings weren't used to thinking "backwards" like the ACL masks, but there had to be some backwards compatibility with all the ancient IOS versions. So subnet masks being "new' took their own form. ACLs being "legacy" stayed the same.

     

     

    And thus is life.

     

     

    I'm going to bed now. I win.

     

     

    Scott

    smorris@internetworkexpert.com

     

     

     

     

     

  • Conwyn 7,914 posts since
    Sep 10, 2008

    Hi Chetan

     

    The NAND gate were one of the faster instructions.

     

     

    The logic is (0,0)->1 (0,1)->1 (1,0)->1 but (1,1)->0

     

     

    So if you have a address 11110000 (240) NAND 00001111 you get 11111111

     

     

    For 11111111 (255) NAND 00001111 you get 11111111

     

     

    So you know the first four bits are 1111 which is what you are testing and the bottom four you could not care about

     

     

    And the final result is all 1's or True.

     

     

    I must admit I had forgotten all this see (http://www.cs.bu.edu/~best/courses/cs101/S95/lectures/FromTransistorsToGates.html )

     

     

    Regards Conwyn

  • cnewby 75 posts since
    Apr 21, 2008
    Currently Being Moderated
    3. Nov 11, 2008 2:18 PM (in response to Conwyn)
    Re: Wildcard Mask VS Subnet Mask

    Hi Conwyn,

     

    I'm not sure that the NAND function can be used as a mask.

    Truth table for NAND, AND and OR is .....

    A B NAND AND OR

    0 0 1 0 0

    0 1 1 0 1

    1 0 1 0 1

    1 1 0 1 1

     

    Lets look at two 8 bit numbers 163 (10100011) and 227 (11100011) and use a wild card mask of 15 (00001111) to "ignore" the lower four bits, and thus compare 160 with 224 which should not match. Then use a subnet mask 240 (11110000).

     

    Using the NAND function

    10100011 (163)

    00001111 ( 15)

    11111100 (252)

     

    11100011 (227)

    00001111 ( 15)

    11111100 (252)

     

    The result of the operation on these two different yields the same value. Therefore this cannot work as a mask function!

     

    Lets try using the AND Function (which we know works).

    AND function

    10100011 (163)

    11110000 (240)

    10100000 (160)

     

    11100011 (227)

    11110000 (240)

    11100000 (224)

    This works, it correctly separates higher bits and ignores lower bits with 0's

     

    Now lets try the wild card mask and the OR function.

    OR function

    10100011 (163)

    00001111 ( 15)

    10101111 (175)

     

    11100011 (227)

    00001111 ( 15)

    11101111 (239)

    This also works, it correctly separates higher bits and ignores lower bits with 1's

     

    Is my thinking correct here?

     

    Charles

  • cnewby 75 posts since
    Apr 21, 2008
    Currently Being Moderated
    4. Nov 11, 2008 2:19 PM (in response to cnewby)
    Re: Wildcard Mask VS Subnet Mask

    It looks like the Rich text/space compression is intent on messing up my truth table

    so here it is on separate lines

    A B NAND

    0 0 1

    0 1 1

    1 0 1

    1 1 0

     

    A B AND

    0 0 0

    0 1 0

    1 0 0

    1 1 1

     

    A B OR

    0 0 0

    0 1 1

    1 0 1

    1 1 1

     

    Charles

  • Conwyn 7,914 posts since
    Sep 10, 2008
    Currently Being Moderated
    5. Nov 11, 2008 2:30 PM (in response to cnewby)
    Re: Wildcard Mask VS Subnet Mask

     

    Hi Charles

     

     

    I think you have mis understood the purpose of the wild card mask is to check whether all bits are set in the 0 part of the mask so 15,14,13,12 can be compared with the mask 12 (0011). We were speculating about NAND

     

     

    Let me have a think. It night here.

     

     

    Regards Conwyn

     

     

  • B Haines 660 posts since
    Jun 28, 2008

    Scott,

    I have a quick question. I have heard two separate statements in regard to subnet masks and wildcard masks. One side said that they are inversely proportional (which is what I have always seen) but I have read statements where it is stated that there is no relation and that they are NOT inversely proportional... Any insight?

     

     

    By the way, congratz.. Jeremy Ciaora (from CBTNuggets videos) didn't know the answer to the above question either.. said so in the CCNA videos)..

  • cnewby 75 posts since
    Apr 21, 2008
    Currently Being Moderated
    8. Nov 11, 2008 3:51 PM (in response to Chetan)
    Re: Wildcard Mask VS Subnet Mask

    Hi Chetan,

     

    I agree the NAND gate was/is the building blocks of the other Logic gates. However the way I read the original reply to post was the NAND operation was used with a wildcard mask.

     

    Charles

  • cnewby 75 posts since
    Apr 21, 2008
    Currently Being Moderated
    9. Nov 11, 2008 3:49 PM (in response to B Haines)
    Re: Wildcard Mask VS Subnet Mask

    Hi Scott,

     

    In my opinion yes! In fact I use this the check that I formulated my wildcard masks appropriately

     

    Consider a 16 bit mask (old class B) this would be 255.255.0.0 now to represent this as a wildcard mask, 0.0.255.255 so adding (OK Logical OR) the two together we get 255.255.255.255. Now this works at any bit boundary you may care to use.

    subnet mask 255.255.255.240 = WC mask 0.0.0.15 => 255.255.255.255. This has saved me many times

     

    HTH

     

    Charles

  • Scott Morris - CCDE/4xCCIE/2xJNCIE 8,396 posts since
    Oct 7, 2008
    Currently Being Moderated
    10. Nov 11, 2008 10:51 PM (in response to B Haines)
    Re: Wildcard Mask VS Subnet Mask

     

    Excellent! So I know something Jeremy doesn't. I'm sure there's plenty of things that he knows which I don't!

     

     

    As far as the proportional thing goes that's a "yes and no" kinda thing.

     

     

    From the standpoint of if I want to filter a /24 with a 255.255.255.0 mask, I'll use a 0.0.0.255 ACL mask that's true. A /28 would be 255.255.255.240 with an inverse mask of 0.0.0.15...

     

     

    But they are not directly RELATED to each other since in the mask (subnet) we draw a line between host/network. In an ACL, each bit is treated individually.

     

     

    I don't want to go too deep because my goal is not to make CCNA's brains prematurely explode with things that aren't necessary for their exams! If you do want to dive into the ACL stuff more, I'd suggest checking out my blog entries on blog.internetworkexpert.com and just put "binary math" in the search field.

     

     

    but that's an IF YOU WANT thing, and it's not needed for the CCNA/NP exams!

     

     

    Scott

     

     

  • Conwyn 7,914 posts since
    Sep 10, 2008

     

    Hi Scott

     

     

    Just to put another spin on this. The early machines did not have storage to storage operation move A,B. they only had an accumulator so add A,B = move A to Accumulator, add B to Accumulator, Store accumulator in A.

     

     

    The test A equals B was move A to accumulator, subtract B from accumulator so if A=B accumulator = zero and then we would have a Jump if Zero instruction. In this working ZERO was true whereas nowadays you see the higher voltage 1 being on/true.

     

     

    The process we are trying to define is really (NOT mask) AND value (mask,value,result) ={(0,0,0),(0,1,1),(1,0,0),(1,1,0)} and this looks like a AND table rotated anticlockwise, Hence perhaps there was not a super clever method of checking bits

     

     

    Regards Conwyn

     

     

  • cnewby 75 posts since
    Apr 21, 2008
    Currently Being Moderated
    12. Nov 12, 2008 9:51 AM (in response to Conwyn)
    Re: Wildcard Mask VS Subnet Mask

     

    Hi,

     

    I think the discussion on NAND / Wildcard mask has (nearly ) reached the limit of usefulness for the thread at large.

    However I enjoy trying to figure out how some of these more obscure processes are actually implemented. So with that in mind, I still don't follow where the NAND logic operation helps with (essentially) doing a comparison between to binary values. The mask process works with contiguous (Subnet) OR non-contiguous masks.

     

    I can see how NAND / Subnet mask will yield a complemented value of a binary value.

     

     

     

     

     

    So when 2 addresses (say) are NAND'd with a subnet type mask and the results compared, a match will correctly be identified.

     

    Charles

     

  • B Haines 660 posts since
    Jun 28, 2008

    Thanks Scott,

     

    Checking it out now!

  • B Haines 660 posts since
    Jun 28, 2008
    Currently Being Moderated
    14. Nov 12, 2008 6:48 PM (in response to B Haines)
    Re: Wildcard Mask VS Subnet Mask

    By the way Scott, I love your site.. Where else can one read on how to xConnect pseudowires with VPLS and the like??? Constantly flipping from there to the internet so that I can figure out what's going on.. LoL

     

    Thanks again for the binary link! It's giving me some trouble at the moment (still on part 1.. LoL) but it's a challenge and a learning experience!

Actions

More Like This

  • Retrieving data ...

Bookmarked By (3)