Compute Complex Wildcard for ACL

This will help you for compute  the most specific address and wildcard pair for acl and summry route

First we need to know the basic of XOR and AND cuse  access-list address and wildcard are based on the AND and XOR logic gates

A and B and the output C we can show the XOR function as,The output is true when either inputs A or B are true, but not if both A and B are true:


A XOR  B  C

0 XOR 0 -> 0

0 XOR 1 -> 1

1 XOR 0 -> 1

1 XOR 1 -> 0

A and B and the output C we can show the AND function as,The output is true only when both inputs A and B are true:

A AND B    C

0 XOR 0 -> 0

0 XOR 1 -> 0

1 XOR 0 -> 0

1 XOR 1 -> 1

after we understand that we can proggress to calc
lets take 10.20.30.40 and 40.30.20.10 and we create an access-list that is the most specific match for these two addresses.
conversion to binary : (128 ,64 ,32, 16,8,4,2,1)

10.20.30.40 = 00001010.00010100.00011110.00101000

40.30.20.10 = 00101000.00011110.00010100.00001010


AND:
00001010.00010100.00011110.00101000

00101000.00011110.00010100.00001010
--------------------------------------
00001000.00010100.00010100.00001000
the result is our address: 8.20.20.8
 
XOR:
00001010.00010100.00011110.00101000

00101000.00011110.00010100.00001010
---------------------------------------
00100010.00001010.00001010.00100010
The result is our wildcard: 34.10.10.34


the ACL of the most specific match for both 10.20.30.40 and 40.30.20.10
is : access-list 1 permit 8.20.20.8 34.10.10.34




 

       source :http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml#transitacl
surce:INE