A network administrator configures an ACL with the command R1(config)# access-list 1 permit 172.16.0.0 0.0.15.255. Which two IP addresses will match this ACL statement?
The ACL statement “access-list 1 permit 172.16.0.0 0.0.15.255” will match IP addresses within the range of 172.16.0.0 to 172.16.15.255.
To understand the matching range, we need to interpret the wildcard mask 0.0.15.255. In an ACL, the wildcard mask is used to specify the range of IP addresses that should be permitted or denied. It is the inverse of the actual subnet mask, meaning that the wildcard mask has zeros where the subnet mask has ones, and vice versa.
In this case, the subnet mask for the IP address range is 255.255.240.0. Converting it to binary gives us “11111111.11111111.11110000.00000000”. To obtain the wildcard mask, we need to flip the bits, resulting in “00000000.00000000.00001111.11111111”.
To determine the matching IP addresses, we apply the wildcard mask to the given network address (172.16.0.0) by performing a bitwise logical AND operation:
172.16.0.0 (binary: 10101100.00010000.00000000.00000000)
Wildcard mask (binary: 00000000.00000000.00001111.11111111)
Result (binary: 00000000.00000000.00000000.00000000)
Therefore, the two IP addresses that would match this ACL statement are:
– 172.16.0.0
– 172.16.15.255
Any IP address within this range will be permitted by this ACL statement.
More Answers:
Understanding the Wildcard Mask: How to Calculate and Determine the Wildcard Mask for IP AddressesUnderstanding Layer 2 Switch: Flooding and MAC Address Table Update Explained
Understanding Access Control Lists (ACLs) in IPv6: The Power of Prefix-Lists for Traffic Control and Routing