I asked one of the IOS developers about it, and he pointed out that access lists were developed before subnetting. The wildcard mask is the natural way hardware does matching.
When subnets were defined, their documentation specified subnet masks. With 20/20 hindsight, it might have been a good idea to go back and change wildcard masks, but, of course, that would have introduced compatibility problems. >I think is all originated from the principles of: >1 = Do not Cares (Matches everything and anything) >0 = Cares ( Matches only identical corresponding digit) > >Maybe it is a hang-on from the old binary digit stuff. Man you have no >choice than to do the inverse, else your access-list would not work, except >you are ready to develope a router IOS that will use the direct mask. > >Goodluck > >Regards. >Oletu > >----- Original Message ----- >From: >To: >Sent: Saturday, December 29, 2001 10:50 PM >Subject: Why use wildcard mask [7:30473] > > >> Hi All, >> >> I am trying to find out why we do an inverse/wildcard >> masks while using access lists? >> >> For example, if I want to deny 192.168.1.0 255.255.255.0 >> network, on the access list, we configure this >> as 192.168.1.0 0.0.0.255, but why do we do it this >> way instead of 255.255.255.0. >> >> All this seems to be is just an inverse relationship pointing back at the >> same thing? Even if I want to get specific and deny 192.168.1.0 >> 255.255.255.192, this translates to 192.168.1.0 0.0.0.63, which seems to >be >> just the standard mask and subtract 255.255.255.255. >> >> Is there a specific reason why we do inverse mask? It seems to be easier >> just to configure it with normal masks. This way, we skip on an extra >> procedure. >> >> thanks >> Mike >_________________________________________________________ >Do You Yahoo!? >Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=30479&t=30473 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
