What is Wildcard Mask?
A wildcard mask is a sequence of numbers that streamlines packet routing inside a proprietary network’s subnets. It is also referred to as an inverse mask. The main reason behind this is that unlike a subnet mask in which, binary 1, is equal to a match, and binary 0 is not a match. However, in the wildcard mask, the opposite is true.
Wildcard mask is 32 bits long. It acts inverted, but, with a wildcard mask, the zero bits suggest that the corresponding bit position should match the same bit position in the IP address. The one bit indicates that the corresponding bit position does not have to match the IP address’s bit position.
Wildcard masks use the below-given rules to match binary 1 and 0:
- If the wildcard mask bit 0, then it matches the bit value in the address.
- If the wildcard mask bit 1, then you should ignore the corresponding bit value in the address.
Wild Card Mask for a Host will always be 0.0.0.0
How Does a Wildcard Mask Work?
The following example allows you to understand the concept of wildcard masks:
In the above-given picture, you can see a network with three hosts and a router. Here, the router is directly connected to three subnets.
Let us assume that we want to advertise only the 10.0.1.0/24 subnet. You can use the wildcard mask of 0.0.0.255 in the following network command to do this:
R1(config-router)#network 10.0.1.0 0.0.0.255
Why wildcard mask of 0.0.0.255?
For that first, you should convert the CISCO wild card mask and IP address into binary:
10.0.1.0 = 00001010.00000000.00000001.00000000 0.0.0.255 = 00000000.0000000.00000000.11111111
The zero bits of the wildcard mask must match the same position in the IP address in the network, which should be included in the network command:
You can see that in the above-given example, the last octet does not need to match, as the wildcard bits are all ones. The first 24 bits need to match because of the wildcard mask bits of all zeros.
Here, the wildcard mask will match all IP addresses, which helps them begin with 10.0.1. x (10.0.1.0–10.0.1.255). In this case, you have only one network that will be matched–10.0.1.0/24.
What if you want to include both 10.0.0.0/24 and 10.0.1.0/24 subnets?
You need to use the wildcard mask of 0.0.1.255 in the following:
10.0.0.0 = 00001010.00000000.00000000.00000000 10.0.1.0 = 00001010.00000000.00000001.00000000 0.0.1.255 = 00000000.00000000.00000001.11111111
From the above-given output, you can see that, with the wildcard mask of 0.0.1.255. Here, only 23 bits have to match. This means that all addresses in the range of 10.0.0.0–10.0.1.255 need to be matched. So, in this case, both IP addresses have been reached.
How to Calculate Wildcard Mask?
Calculating wildcard masks is a challenging task. One easy shortcut method is to subtract the subnet mask from 255.255.255.255. The solution produces the wildcard mask.
1) 255.255.255.255 - 255.255.255.255 = 0.0.0.0 (wildcard mask) 2) 255.255.255.255 - 255.255.255.128 = 0.0.0.127 (wildcard mask) 3) 255.255.255.255 - 192.0.0.0 = 18.104.22.168 (wildcard mask)
Where can Wildcard Masks be used?
Wildcard masks method in use in the access control list. It is useful when you have a large network and need to allow free traffic flow between multiple routers. So, when you have a large network of several routers and LAN segments, you will likely run into CISCO wildcard masks.
You need to ensure that you properly set your wildcard mask to ensure only allowable traffic can pass through your router.
- A wildcard mask is a sequence of numbers that streamlines packet routing inside a proprietary network’s subnets.
- Two rules for wild card masks are: 1) If the wildcard mask bit 0, it matches the bit value in the address. 2) If the wildcard mask bit 1, then you should ignore the corresponding bit value in the address.
- Wildcard masks method in use in the access control list. It is useful when you have a large network and need to allow free traffic flow between multiple routers.