CCNA And CCENT Tutorial: Prefix Notation and ACLs

To this point in this free CCNA Access List Tutorial series, we’ve used dotted decimal format for our wildcard masks since that’s the format you’ll see most often in real-world networking and your Cisco certification exams.  It’s a good idea for you to know how the prefix notation format works, especially since this format works as a network mask rather than a wildcard mask.

As usual, this will be much clearer with a few examples.  ACLs from previous labs have been removed.  We know how to write an ACL that matches 10.1.1.0 /24 with dotted decimal as well as how to verify it:

R1(config)#access-list 18 permit 10.1.1.0 0.0.0.255


R1#show ip access-list 18

Standard IP access list 18

    10 permit 10.1.1.0, wildcard bits 0.0.0.255

If given the option to enter the mask in prefix notation, write it like it’s a subnet mask.

R1(config)#access-list 19 permit 10.1.1.0 ?

  /nn or A.B.C.D  Wildcard bits

  log             Log matches against this entry

  <cr>

R1(config)#access-list 19 permit 10.1.1.0 /24

Sounds odd, but the proof is in the show ip access-list command.

R1#show ip access-list 19

Standard IP access list 19

    10 permit 10.1.1.0, wildcard bits 0.0.0.255

I stick with dotted decimal whenever possible, but it’s always a good idea to know more than one way to do things during our exam prep.

We’ll wrap things up with some remarks about access-list remarks in the next section of this CCNA ACL course!

Chris Bryant’s CCNA Free Practice Exams

Chris Bryant’s CCNA Channel on YouTube