Suggested prerequisite reading
»Cisco Forum FAQ »I do not understand subnetting?
In Cisco router (and probably other brand router as well), there is a term called Wildcard Subnet Mask. This wildcard is deducted by inversing a subnet mask.
On Cisco router, wildcard subnet mask is used in the following occasion
* Defining subnet in ACL
* Defining subnet member in OSPF area
For those who just learn networking, wildcard subnet mask is new and probably looks confusing. Don't worry, there is easier way to understand it.
Background Theory
For example, let's say you have the following subnet.
192.168.24.0/24
or 192.168.24.0 with 255.255.255.0 subnet mask
The binary format of the subnet mask is the following
11111111.11111111.11111111.00000000
In binary arithmetic, inverse a number means "flipping" one state to the other (i.e. from "on" to "off", from "0" to "1").
The inverse of the subnet mask in binary format is the following
00000000.00000000.00000000.11111111
In decimal format, the inverse subnet mask looks like this
0.0.0.255
Confused? Lost? No worries, there is a easier way to understand this. We still can strictly use decimal number system to find out subnet mask inverse. This way you can get quicker result without skipping basic understanding. As always, the key is to use decimal number system with binary number system in mind.
255 Octet Subtraction
This is one way of doing it. Note that when we do binary inverse, we do it octet by octet. Each octet has number from 0 to 255. To quickly find the inverse subnet mask, you can use the result of 255 subtracted by the given octet.
Here are illustrations
Example #1
/24: 255.255.255.0
255 - 255 = 0
255 - 0 = 255
255 255 255 255
255 . 255 . 255 . 0
- ------------------------
0 . 0 . 0 . 255
Inverse /24: 0.0.0.255
Example #2
/27: 255.255.255.224
255 - 255 = 0
255 - 224 = 31
255 255 255 255
255 . 255 . 255 . 224
- ------------------------
0 . 0 . 0 . 31
Inverse /27: 0.0.0.31
Example #3
/30: 255.255.255.252
255 - 255 = 0
255 - 252 = 3
255 255 255 255
255 . 255 . 255 . 252
- ------------------------
0 . 0 . 0 . 3
Inverse /30: 0.0.0.3
Host Number
This is another way of finding inverse subnet mask. Let's review the /30 subnet. In /24 or smaller subnets, only last octet indicates the different number of IP addresses. Specifically for /30, the last octet indicates four different number of IP addresses; from 0 to 3. Take the last number and apply that to inverse subnet mask.
As to the 1st three octet, they should "automatically" convert to 0 since only the last octet "matters" from number of IP address perspective in /24 or smaller subnets.
Here are illustrations
Example #1
/30 last octet: 252 --> four IP addresses, from 0 to 3
Inverse /30: 0.0.0.3
Example #2
/27 last octet: 224 --> 32 IP addresses, from 0 to 31
Inverse /27: 0.0.0.31
Example #3
/24 last octet: 0 ---> 256 IP addresses, from 0 to 255
Inverse /24: 0.0.0.255
Working with Subnet Larger than /24
When you have subnet larger than /24, then you also need to consider other octet in addition of the last octet. Using the 2nd method (the Host Number), you will apply the last number of each octet to the inverse.
Here are illustrations
Example #1
/23: 255.255.254.0
3rd octet: 254 ---> two /24 subnets, from 0 to 1
4th octet: 0 ---> 256 IP addresses, from 0 to 255
Inverse /23: 0.0.1.255
Example #2
/21: 255.255.248.0
3rd octet: 248 ---> eight /24 subnets, from 0 to 7
4th octet: 0 ---> 256 IP addresses, from 0 to 255
Inverse /21: 0.0.7.255
Example #3
/12: 255.240.0.0
2nd octet: 240 ---> sixteen /16 subnets, from 0 to 15
3rd octet: 0 ---> 256 /24 subnets, from 0 to 255
4th octet: 0 ---> 256 IP addresses, from 0 to 255
Inverse /12: 0.15.255.255
Example #4
/2: 192.0.0.0
1st octet: 192 ---> sixty four /8 subnets, from 0 to 63
2nd, 3rd, 4th octets: 0 ---> 0 to 255
Inverse /2: 63.255.255.255
 show feedback form
 close
by aryoba 
last modified: 2008-07-11 09:11:00 |
