If you are preparing for a CCNA exam, you would come across Wildcard Marks, after subnet, Wildcard Masks are the most dreadful CCNA exam takers nightmare. They are very useful in Access Control List (ALCs)
What If We tell you Wildcard Masks are simple and you can learn them in the next 5 minutes?
You would be surprised how easy Wildcard Masks are.
Lets say…
We have network 100.0.0.0 with Subnet Mask 255.255.255.240.
We want to create an ACL for this network. This WHOLE network should be denied something.
For the ACL, we need the proper Wildcard Mask for that Subnet.
The Subnet Mask is binary
11111111.11111111.11111111.11110000=255.255.255.240
For Wildcard Masks, only the ZEROS are interesting.
So make a simple addition (watch the last oktett!)
8+4+2+1=15
So the wildcard mask will be
0.0.0.15
Simple?
Here is another Example
We have network  100.0.0.0 with Subnetmask 255.255.248.0
255.255.248.0=11111111.11111111.11111000.00000000
4+2+1.128+64+32+16+8+4+2+1
That is Wildcard Mask
0.0.7.255
Some more Example with Wildcard Masks used in ACLs
Examples
1. You have to permit access to a network via acl. Only network 10.10.10.0 with Subnetmask 255.255.255.240 should be permitted.
10.10.10.0 255.255.255.240
255-240=15
Access-List would be
access-list 1 permit 10.10.10.0 0.0.0.15
access-list 1 deny any any
2. You have to permit access to a network via acl. Only network 10.10.10.0 with Subnetmask 255.255.240.0 should be permitted to connect via tcp port 22 to network 100.10.10.0/24. Anything else should be denied.
10.10.10.0 255.255.240.0
255-240=15
255-0=255
100.10.10.0 255.255.255.0
255-0=255
Access-List would be
access-list 100 permit tcp 10.10.10.0 0.0.15.255 Â 100.10.10.0 0.0.0.255 Â eq 22
access-list 100 deny ip any any
I hope you get the Idea and Wildcard mask is a Piece of cake for you.
If you have any queries feel free to get back, all the details about us are all around the blog and the internet