In Acl Statements, The Any Keyword Is Equivalent To Using Which Wildcard Mask?
In Acl Statements, The Any Keyword Is Equivalent To Using Which Wildcard Mask?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
In ACL statements, any keyword is equivalent to using which wildcard mask?
The 255.255.255.255 wild mask is used in the ACL statements. Now, let us learn the wild masks and the access lists. We can match the access list based on the IP address of a packet a standard access loss will look at the source IP address of the packet and an extended access list will look not only at the source IP address but also at the destination IP address.
Here, we use the wild card mask to tell the router which IP address to look for. In the other words, we should pay attention to a small range called subnet, or we can look at the very large range. At present many of the IP addresses are using the wildcard masks in the both standard access list and the extended access list. We apply to both of them.
The wildcards masks are made up of all the ones and the zeroes. These wild masks are look-alike subnet masks, but the subnet masks are very different from the wild masks. For suppose when we see a zero in the wildcard mask it means that the corresponding IP address that we are looking like the source or the destination IP address in a packet.
Those have to match with what we have configured in the access list. Here the Zero means it has the match and if we see the 1 it means that it doesn’t have any match, the corresponding bits in the packet do not contain any match what we have configured in the access list.
Now let us learn some of the examples. In the wild card masks, we have zeros at the first three of the octets and then we have all the ones in the last octet, it represents that whatever IP address that we are looking at in the packet, the first three of the octets should be the exact match. And coming to the last octet, it can be anything, we particularly do not care about the last ones. Let us take another example, here the wild card mask is made up of all the zeros, it represents that the packet has the IP address of 10.10.10.1, then every single one of these octets would have to match whatever source we are listing in our access list. Because here the wild card mask is saying that each octet has to be the exact match. Now we didn’t list the source in the access list but normally it would list in the IP address.
Let us take another example to understand the concept in detail. Whatever IP address that we are configured in the access list we say that the first two octets have to match with whatever is present in our packet. Because all those are now zeroes. Let 0.0.31.255 be a bit different from all the others, here the first three bits should have to match but the last five bits do not need to. since it has all the ones, the entire octet doesn’t need to match.