Wild Card Mask

Network
In the topology above , I have EIGRP configured on both routers.
I have advertised all the networks to EIGRP

these are the interfaces in R2:
R2(config-router)# do show ip interface bri
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.12.2    YES manual up                    up      
FastEthernet0/1            unassigned      YES unset  administratively down down    
FastEthernet1/0            unassigned      YES unset  administratively down down    
FastEthernet1/1            unassigned      YES unset  administratively down down    
Loopback0                  172.16.0.2      YES manual up                    up      
Loopback1                  172.16.1.2      YES manual up                    up      
Loopback2                  172.16.2.2      YES manual up                    up      
Loopback3                  172.16.3.2      YES manual up                    up      
R2(config-router)#

Open in new window


in R2 , when I advertise R2(config-router)#network 172.16.0.0 0.0.3.255
I do not get any error, and all 172.x.x.x networks will show up in R1 routing table:

R1#sh ip route  eigrp 

Gateway of last resort is not set

      172.16.0.0/24 is subnetted, 4 subnets
D        172.16.0.0 [90/156160] via 192.168.12.2, 00:02:02, FastEthernet0/0
D        172.16.1.0 [90/156160] via 192.168.12.2, 00:02:02, FastEthernet0/0
D        172.16.2.0 [90/156160] via 192.168.12.2, 00:02:02, FastEthernet0/0
D        172.16.3.0 [90/156160] via 192.168.12.2, 00:02:02, FastEthernet0/0
R1#

Open in new window


but if I try different wild card mask I get error  :
R2(config-router)#network 172.16.0.0 0.0.4.255
%EIGRP: Invalid mask (discontiguous)

but if I try these wild card masks one a time after Negating one of them , it will work:
R2(config-router)#network 172.16.0.0 0.0.1.255
R2(config-router)#network 172.16.0.0 0.0.0.255  

***So the ones that worked (one a time) are:
R2(config-router)#network 172.16.0.0 0.0.1.255
R2(config-router)#network 172.16.0.0 0.0.0.255  
R2(config-router)#network 172.16.0.0 0.0.3.255

the :172.16.0.0 0.0.2.255 ,172.16.0.0 0.0.4.255,172.16.0.0 0.0.5.255........172.16.0.0 0.0.254.255

I get this error :%EIGRP: Invalid mask (discontiguous)

Any idea why  ?

Thank you
jskfanAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mitul PrajapatiIT SupervisorCommented:
Wildcard mask is a reverse entry of Subnet mask to take more precise network address in the network.

for example:

CIDR        Subnet Mask           Wildcard Mask

/20          255.255.240.0          0.0.0.15.255           (240+15  =255)
/21          255.255.248.0          0.0.0.7.255             (248+7    =255)
/22          255.255.252.0          0.0.0.3.255             (252+3    =255)
/23          255.255.254.0          0.0.0.1.255             (254+1    =255)
/24          255.255.255.0          0.0.0.0.255             (0+255    =255)

Here above, we cannot take subnet mask such as 255.255.251.0  (Wildcard 0.0.4.255),  255.255.253 (Wildcard : 0.0.2.255) Those are non existing subnet mask or wildcard mask.

If you do a supernetting of n/w address 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, 172.16.3.0/24 will give u a result 172.16.0.0/22 and the wild card mask for /22 is 0.0.3.255.

So by adding   R2(config-router)#network 172.16.0.0 0.0.3.255 will add all of your four network address.

Supernetting in your case:  (Here, changes are done in 3rd octect)

172.16.0.0/24            0  =  0 0 0 0 0 0    0 0
172.16.1.0/24            1  =  0 0 0 0 0 0    0 1
172.16.2.0/24            2  =  0 0 0 0 0 0   1 0
172.16.3.0/24            3  =  0 0 0 0 0 0   1 1

So in 3rd octect, first 6 digit are similar for all indicate the resulting supernetting subnet mask 255.255.252.0 will give you a will card 0.0.3.255

I hope that, it will clear your doubt.

Thanks.
1
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Wildcard and subnet masks are best understood in binary. They don't represent numbers but places or positions. They mark out the bits to compare versus the bits you don't need to compare. This is how a subnet is determined by a network device.

In a subnet mask, the ones (1) represent the match and zeros (0) represent not matched and wildcards are the opposite.
Since this is not for an ACL the wildcard mask must be contiguous. (this hopefully will become clear in the below examples).

So let's take a look at the wildcard masks you tried and hopefully you'll see why some don't work. Here I've laid out 0 - 5 in the 3rd octet of the wildcard mask in binary to demonstrate why it works or doesn't work:
IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.0.255 - 00000000.00000000.00000000.11111111
Bits that won't be mached:                   ...nnnnnnnn   
Range that matches: 172.16.0.0 - 172.16.0.255


IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.1.255 - 00000000.00000000.00000001.11111111
Bits that won't be mached:                 ...n.nnnnnnnn   
Range that matches: 172.16.0.0 - 172.16.1.255


IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.2.255 - 00000000.00000000.00000010.11111111
Invalid because not contiguous...            ^^   


IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.3.255 - 00000000.00000000.00000011.11111111
Bits that won't be mached:                ...nn.nnnnnnnn   
Range that matches: 172.16.0.0 - 172.16.3.255


IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.4.255 - 00000000.00000000.00000100.11111111
Invalid because not contiguous...           ^^^   


IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.5.255 - 00000000.00000000.00000101.11111111
Invalid because not contiguous...           ^^^   

Open in new window

0.0.7.255 is the next valid mask. Hopefully that makes sense. :)
0
jskfanAuthor Commented:
Jeremy

I see you took efforts to explain it. however I still do not see why it is non contiguous:
IP      172.16.0.0 - 10101100.00010000.00000000.00000000
Mask     0.0.2.255 - 00000000.00000000.00000010.11111111
Invalid because not contiguous...            ^^   

Open in new window

0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

Jeremy WeisingerSenior Network Consultant / EngineerCommented:
The mask needs to be continuous meaning that all the zeros need to be next to each other.
These are examples of contiguous patterns:
- 00011111
- 00001111
- 00000001

These would not be contiguous because some of the zeros are broken up by ones:
- 00101111
- 00001110
- 01000001

Does that make sense?
0
jskfanAuthor Commented:
from those subnets if I need to advertise just these:

172.16.0.1    
172.16.1.1    
172.16.2.1    

I thought I would do Network 172.16.0.0 0.0.2.255
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Let's again take a look at the binary and see what would match a 0.0.2.255 mask. From that we should see why it needs to be contiguous.
Keep in mind that zeros (0) need to match and ones (1) don't. So that means that everything in an IP address that lines up with a zero of the mask must match the network IP.

IP Net         172.16.0.0 - 10101100.00010000.00000000.00000000
Mask            0.0.2.255 - 00000000.00000000.00000010.11111111
IP match       172.16.0.1 - 10101100.00010000.00000000.00000001


IP Net         172.16.0.0 - 10101100.00010000.00000000.00000000
Mask            0.0.2.255 - 00000000.00000000.00000010.11111111
IP not match   172.16.1.1 - 10101100.00010000.00000001.00000001
              This bit does not match the network:-->^
               
IP Net         172.16.0.0 - 10101100.00010000.00000000.00000000
Mask            0.0.2.255 - 00000000.00000000.00000010.11111111
IP match       172.16.2.1 - 10101100.00010000.00000010.00000001

Open in new window

From that I hope you can see that there's a gap in the range. This is why for network operations the mask needs to be contiguous.

So to cover these three networks we need to use two entries.

Net IP 172.16.0.0 wildcard mask 0.0.1.255
Net IP 172.16.2.0 wildcard mask 0.0.0.255

In binary the comparison and ranges would look like this:
IP Net         172.16.0.0 - 10101100.00010000.00000000.00000000
Mask            0.0.1.255 - 00000000.00000000.00000001.11111111
Start IP       172.16.0.1 - 10101100.00010000.00000000.00000001
End IP       172.16.1.254 - 10101100.00010000.00000001.11111110

IP Net         172.16.2.0 - 10101100.00010000.00000010.00000000
Mask            0.0.0.255 - 00000000.00000000.00000000.11111111
Start IP       172.16.0.1 - 10101100.00010000.00000010.00000001
End IP       172.16.1.254 - 10101100.00010000.00000010.11111110

Open in new window

0
jskfanAuthor Commented:
let's say we have :
172.16.0.0/24          
172.16.1.0/24          
172.16.2.0/24          
172.16.3.0/24          

From the networks above, if I want to advertise just the first 3 : 172.16.0.0/24     and  172.16.1.0/24  and 172.16.2.0/24  


Wildcard mask should be this:
172.16.0.0  0.0.2.0

if I want to advertise just 172.16.0.0/24      and  172.16.1.0/24    
Wildcard mask should be this: 176.16.0.0 0.0.1.0

is that how you do it ?
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
I know I'm trying to relay some information that is difficult to grasp.

So 0.0.2.0, 0.0.1.0, and 0.0.2.255 are all invalid because they are not contiguous in binary.
0.0.2.0  is 00000000.00000000.00000010.00000000 (zeros are broken up by a one)
0.0.1.0 is 00000000.00000000.00000001.00000000 (zeros are broken up by a one)
0.0.2.255 is 00000000.00000000.00000010.11111111 (zeros are broken up by a one)

If you want to advertise 172.16.0.0/24 and 172.16.1.0/24 you would use:
176.16.0.0 0.0.1.255

If you want to advertise 172.16.0.0/24, 172.16.1.0/24, and 172.16.2.0/24 you would use:
176.16.0.0 0.0.1.255 and 172.16.2.0 0.0.0.255
0
jskfanAuthor Commented:
Thanks Jeremy.
I got the explained contiguous part  , as you said 0s should not be broken by 1s example  00010010 in the 3rd octet

however when they give you 172.16.0.0/24, 172.16.1.0/24, and 172.16.2.0/24 and will tell you advertise them.. What were the steps that you took to  get to the wild card mask  result :
176.16.0.0 0.0.1.255 and 172.16.2.0 0.0.0.255
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Well the over simplified method is just doing the inverse of the subnet mask to get the wildcard mask. We have to look at the binary to see what range the mask would cover. We would start with the inverse of the subnet mask and work on making it as broad as we can without including addresses we don't want. Having worked with this for over a decade I can now just do it in my head but here's how you'd work it out:

- We know the subnet mask of each of the networks is 255.255.255.0. The inverse of that is 0.0.0.255 which is the wildcard mask that will match the network
SNM 11111111.11111111.11111111.00000000
WCM 00000000.00000000.00000000.11111111

Open in new window

- We know the network addresses we want to include are 172.16.0.0 - 172.16.2.255
Start IP 172.16.0.0   - 10101100.00010000.00000000.00000000
End IP   172.16.2.255 - 10101100.00010000.00000010.11111111

Open in new window

- Now we can expand the mask to see what fits.
Test 1
Original inverse. Good but only covers one subnet.
Start IP  172.16.0.0 - 10101100.00010000.00000000.00000000
WCM        0.0.0.255 - 00000000.00000000.00000000.11111111
End IP  172.16.0.255 - 10101100.00010000.00000000.11111111

Test 2
Decrease mask by 1 bit. Still good but only covers two subnets.
Start IP  172.16.0.0 - 10101100.00010000.00000000.00000000
WCM        0.0.1.255 - 00000000.00000000.00000001.11111111
End IP  172.16.1.255 - 10101100.00010000.00000001.11111111

Test 3
Decrease mask by 2 bit. Too far as it goes into 172.16.3.0 network.
Start IP  172.16.0.0 - 10101100.00010000.00000000.00000000
WCM        0.0.3.255 - 00000000.00000000.00000011.11111111
End IP  172.16.3.255 - 10101100.00010000.00000011.11111111

Test 4
So we use test 2 which covers 172.16.0.0 and 172.16.1.0.
Now we test 172.16.2.0 starting again with the orginal inverse of the subnet mask. 
This is good as it covers the remaing addresses.
Start IP  172.16.2.0 - 10101100.00010000.00000010.00000000
WCM        0.0.0.255 - 00000000.00000000.00000000.11111111
End IP  172.16.2.255 - 10101100.00010000.00000010.11111111

Open in new window


I know this stuff can be arcane and this is a pretty hard setting to communicate the concepts. But let me know if you have any questions and I'll do my best to explain.
1
jskfanAuthor Commented:
OK Jeremy..

almot to the end :-)

172.16.1.0
172.16.2.0
Let's focus on the 3rd Octet. that's were the difference is


Binary= 00000001 = 1 in Decimal
Binary= 00000010 = 2 in decimal

Bits in Common =000000= 6 bits , if we go from Left position to the right position: 128+64+32+16+8+4=252

Then we subtract 252 from 255 : 255-252=3

So the WildCard mask that covers 172.16.1.0 and 172.16.2.0  is 0.0.3.255

Correct ?
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Almost there. :)
Here's your 3rd octet example with the mask and I've added bars to separate the bits that need to match from the ones that don't:
Binary= 000000|01 = 1 in Decimal (172.16.1.0)
Binary= 000000|10 = 2 in decimal (172.16.2.0)
Binary= 000000|11 = 3 in decimal (0.0.3.255)

Remember that the zeros in the mask are the bits that need to match. The ones don't need to match. So we can see that the mask also will include 172.16.0.0 and 172.16.3.0.

Binary= 000000|00 = 1 in Decimal (172.16.0.0)
Binary= 000000|01 = 1 in Decimal (172.16.1.0)
Binary= 000000|10 = 2 in Decimal (172.16.2.0)
Binary= 000000|11 = 1 in Decimal (172.16.3.0)
Binary= 000000|11 = 3 in Decimal (0.0.3.255)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jskfanAuthor Commented:
Excellent !!
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Glad to help. :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.