Wildcard Masking
Wildcards are used with access lists to specify an individual host, a network, or a certain range
of a network or networks. To understand a wildcard, you need to understand what a block
size is; it’s used to specify a range of addresses. Some of the different block sizes available are
64, 32, 16, 8, and 4.
The following example tells the router to match the first three octets exactly but that the
fourth octet can be anything:
Corp(config)#access-list 10 deny 172.16.10.0 0.0.0.255
The next example tells the router to match the first two octets and that the last two octets
can be any value:
Corp(config)#access-list 10 deny 172.16.0.0
0.0.255.255
Try to figure out this next line:
Corp(config)#access-list 10 deny 172.16.16.0 0.0.3.255
The previous configuration tells the router to start at network 172.16.16.0 and use a block
size of 4. The range would then be 172.16.16.0 through 172.16.19.0.