A wildcard mask is a sequence of numbers that streamlines packet routing within the subnets of a proprietary network. A subnet can be a geographically defined local area network (LAN). Alternatively, a subnet may define security boundaries, departmental boundaries, multicast zones or hardware security parameters. The use of a mask saves a router the task of having to handle an entire IP address because the router deals only with the digits selected by the mask. Wildcard masks are commonly used with Open Shortest Path First (OSPF) router protocols and in access control lists for Cisco routers.
Once a packet has arrived at an organization's main gateway with its network number, that packet is routed to its ultimate destination using a subnet number. The wildcard mask is usually a string of binary digits shown over the subnet number, telling the router which parts of the subnet number to look at. A binary "0" over a particular digit in the subnet number says "Pay attention to this digit." A "1" says "Ignore this digit." In a wildcard mask, all the binary "0"s in a conventional subnet mask are replaced by "1"s and all the "1"s are replaced by "0"s.