Documente Academic
Documente Profesional
Documente Cultură
Introduction
This talk will cover the basics of IP addressing and subnetting.
Topics covered will include:
• What is an IP Address?
• What are Classes?
• What is a Network Address?
• What are Subnet Masks and Subnet Addresses?
• How are Subnet Masks defined and used?
• How can all this be applied?
• What is CIDR?
• How can I get more information?
IP Addressing
An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP
network. An IP address is a 32 bit binary number usually represented as 4 decimal values,
each representing 8 bits, in the range 0 to 255 (known as octets) separated by decimal points.
This is known as "dotted decimal" notation.
Example: 140.179.220.200
Every IP address consists of two parts, one identifying the network and one identifying the
node. The Class of the address and the subnet mask determine which part belongs to the
network address and which part belongs to the node address.
Address Classes
There are 5 different address classes. You can determine which class any IP address is in by
examining the first 4 bits of the IP address.
Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for
internal testing on a local machine. [You can test this: you should always be able to ping
127.0.0.1, which points to yourself] Class D addresses are reserved for multicasting. Class E
addresses are reserved for future use. They should not be used for host addresses.
2
Now we can see how the Class determines, by default, which part of the IP address belongs to
the network (N) and which part belongs to the node (n).
• Class A -- NNNNNNNN.nnnnnnnn.nnnnnnn.nnnnnnn
• Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
• Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn
In the example, 140.179.220.200 is a Class B address so by default the Network part of the
address (also known as the Network Address) is defined by the first two octets (140.179.x.x)
and the node part is defined by the last 2 octets (x.x.220.200).
In order to specify the network address for a given IP address, the node section is set to all
"0"s. In our example, 140.179.0.0 specifies the network address for 140.179.220.200. When
the node section is set to all "1"s, it specifies a broadcast that is sent to all hosts on the
network. 140.179.255.255 specifies the example broadcast address. Note that this is true
regardless of the length of the node section.
Private Subnets
There are three IP network addresses reserved for private networks. The addresses are
10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up internal
IP networks, such as a lab or home LAN behind a NAT or proxy server or a router. It is
always safe to use these because routers on the Internet will never forward packets coming
from these addresses. These addresses are defined in RFC 1918.
Subnetting
Subnetting an IP Network can be done for a variety of reasons, including organization, use of
different physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space,
and security. The most common reason is to control network traffic. In an Ethernet network,
all nodes on a segment see all the packets transmitted by all the other nodes on that segment.
Performance can be adversely affected under heavy traffic loads, due to collisions and the
resulting retransmissions. A router is used to connect IP networks to minimize the amount of
traffic each segment must receive.
Subnet Masking
Applying a subnet mask to an IP address allows you to identify the network and node parts of
the address. The network bits are represented by the 1s in the mask, and the node bits are
represented by the 0s. Performing a bitwise logical AND operation between the IP address
and the subnet mask results in the Network Address or Number.
For example, using our test IP address and the default Class B subnet mask, we get:
To calculate the number of subnets or nodes, use the formula (2n-2) where n = number of bits
in either field, and 2n represents 2 raised to the nth power. Multiplying the number of subnets
by the number of nodes available per subnet gives you the total number of nodes available for
your class and subnet mask. Also, note that although subnet masks with non-contiguous mask
bits are allowed, they are not recommended.
Example:
In this example a 3 bit subnet mask was used. There are 6 (23-2) subnets available with this
size mask (remember that subnets with all 0's and all 1's are not allowed). Each subnet has
8190 (213-2) nodes. Each subnet can have nodes assigned to any address between the Subnet
address and the Broadcast address. This gives a total of 49,140 nodes for the entire class B
address subnetted this way. Notice that this is less than the 65,534 nodes an unsubnetted class
B address would have.
You can calculate the Subnet Address by performing a bitwise logical AND operation
between the IP address and the subnet mask, then setting all the host bits to 0s. Similarly, you
can calculate the Broadcast Address for a subnet by performing the same logical AND
between the IP address and the subnet mask, then setting all the host bits to 1s. That is how
these numbers are derived in the example above.
Subnetting always reduces the number of possible nodes for a given network. There are
complete subnet tables available here for Class A, Class B and Class C. These tables list all
the possible subnet masks for each class, along with calculations of the number of networks,
nodes and total hosts for each subnet.
4
An Example
Here is another, more detailed, example. Say you are assigned a Class C network number of
200.133.175.0 (apologies to anyone who may actually own this domain address). You want to
utilize this network across multiple small groups within an organization. You can do this by
subnetting that network with a subnet address.
We will break this network into 14 subnets of 14 nodes each. This will limit us to 196 nodes
on the network instead of the 254 we would have without subnetting, but gives us the
advantages of traffic isolation and security. To accomplish this, we need to use a subnet mask
4 bits long.
Recall that the default Class C subnet mask is
contain over 16 Million host addresses! Only a tiny percentage of the allocated Class A and
Class B address space has ever been actually assigned to a host computer on the Internet.
People realized that addresses could be conserved if the class system was eliminated. By
accurately allocating only the amount of address space that was actually needed, the address
space crisis could be avoided for many years. This was first proposed in 1992 as a scheme
called Supernetting. Under supernetting, the classful subnet masks are extended so that a
network address and subnet mask could, for example, specify multiple Class C subnets with
one address. For example, If I needed about 1000 addresses, I could supernet 4 Class C
networks together:
Under CIDR, the subnet mask notation is reduced to a simplified shorthand. Instead of
spelling out the bits of the subnet mask, it is simply listed as the number of 1s bits that start
the mask. In the above example, instead of writing the address and subnet mask as
The use of a CIDR notated address is the same as for a Classful address. Classful addresses
can easily be written in CIDR notation (Class A = /8, Class B = /16, and Class C = /24)
It is expected that CIDR will keep the Internet happily in IP addresses for the next few years
at least. After that, IPv6, with 128 bit addresses, will be needed. Under IPv6, even sloppy
6
address allocation would comfortably allow a billion unique IP addresses for every person on
earth! The complete and gory details of CIDR are documented in RFC1519, which was
released in September of 1993.
Logical Operations
This page will provide a brief review and explanation of the common logical bitwise
operations AND, OR, XOR (Exclusive OR) and NOT. Logical operations are performed
between two data bits (except for NOT). Bits can be either "1" or "0", and these operations are
essential to performing digital math operations.
In the "truth tables" below, the input bits are in bold, and the results are plain.
AND
The logical AND operation compares 2 bits and if they are both "1", then the result is "1",
otherwise, the result is "0".
0 1
0 0 0
1 0 1
OR
The logical OR operation compares 2 bits and if either or both bits are "1", then the result is
"1", otherwise, the result is "0".
0 1
0 0 1
1 1 1
XOR
The logical XOR (Exclusive OR) operation compares 2 bits and if exactly one of them is "1"
(i.e., if they are different values), then the result is "1"; otherwise (if the bits are the same), the
result is "0".
0 1
0 0 1
1 1 0
NOT
The logical NOT operation simply changes the value of a single bit. If it is a "1", the result is
"0"; if it is a "0", the result is "1". Note that this operation is different in that instead of
comparing two bits, it is acting on a single bit.
0 1
1 0
7
People who will be building networks. If you're a manager you can go to sleep now; if
you know this stuff already, take a pizza break; if you want to actually build networks
some day and are not already comfortable working out appropriate sizes of subnets,
please come to the front of the lecture hall - I have a few copies of this lesson but not
enough for everyone in the room.
Some day you may be responsible for designing a network that connects several
locations together with routers. You'll have been given a certain number of IP
addresses you can use, and you have to allocate them in chunks to each site without
running out!
The reason we are going to learn subnetting is simple: there are not enough IP
addresses free for you to give a whole Class C network to every site you manage.
Some upstream providers charge you for each Class C you allocate. Others force you
to justify your use of space in detail, showing that each network you allocated was
fully populated.
Before we go into details, there are two things you might be able to use which will
avoid the need to learn any of this stuff:
Every machine on the net has an address. Addresses are 32 bits. These 32 bits are split
into two parts - a network number followed by a host address. The 'host address' part
is for a number of machines on one physical network - say a bunch of machines
connected with a hub or on a single thin ether wire. The network number represents
this group of hosts as a single unit, and routers need to know these network numbers
to send data from one net to another.
Just where the network/host split is made is arbitrary. There's no real reason why
10.1.2.3 should be part of a class A network and 220.1.2.3 is part of a class C network
- it just is. The address space was split up as shown below, and any addresses in these
ranges are deemed to be in the appropriate Class. Why does this matter? Well, some
software will ask for an IP address but NOT a netmask - and it will infer a netmask
from the address. This is OK as long as you are staying within the class system, but if
you are subnetting or supernetting, it can cause you a lot of trouble.
There's actually very little difference between a Class C network, and a Class B
network with a 255.255.255.0 netmask applied. (The only time they're different is if
the network address is of the form X.X.0.X or X.X.255.X)
Before you start designing your subnets, you should know what it is that you've been
given. Here are three ways of finding out what class your allocation is in. Use
whichever you find easiest.
In all the examples below we will assume we have been allocated a Class C network
to work with: 192.168.1.0
192.168.1.0 is actually a special type of Class C address - it's one that is reserved
9
never to be allocated on the real Internet. So we'll use it in our examples because if
you do configure a network using these numbers, you won't mess anybody else up. It's
amazing the number of people who create internal networks using real IP addresses
chosen at random. If you ever connect one of these networks to the internet, you will
not be to route because the space belongs to someone else. If you disguise your
addresses using NAT, you'll still not be able to access those parts of the net that
legitimately use those addresses.
Doing subnet calculations for Class A and Class B networks works just the same way
as the Class C examples we are going to cover. If you can do a Class C from first
principles, you'll be able to do Class B's in your sleep. Very few people here will get
much opportunity to design Class A or Class B subnets, but you are quite likely to be
asked to work on existing Class A or B networks, so it's still worth knowing.
2. What is Broadcast?
In a Class C, the host part set to 255 means broadcast. In a subnet, the subnet
host part set to all ones means broadcast. Eg in a /28, any addresses of the form
N.N.N.XXXX1111 are broadcast addresses for their subnets only.
Forgetaboutit. If you can't do binary math in your head, just use the data in
these tables below. (On the other hand, if you can't do binary in your head by
now, you probably shouldn't be looking at a career in networking.)
4. Subnetting Class C - most typical example: /28 "all zeroes, all ones" excluded.
Mask is 11110000
This table may be all you ever need to know, for many installations. This is a
typical example and possibly the most common one. Because it is such a useful
table, this is the only large one we will list in full.
192.168.1.65 to
192.168.1.64 0100xxxx 192.168.1.79
192.168.1.78
192.168.1.81 to
192.168.1.80 0101xxxx 192.168.1.95
192.168.1.94
192.168.1.97 to
192.168.1.96 0110xxxx 192.168.1.111
192.168.1.110
192.168.1.113 to
192.168.1.112 0111xxxx 192.168.1.127
192.168.1.126
192.168.1.129 to
192.168.1.128 1000xxxx 192.168.1.143
192.168.1.142
192.168.1.145 to
192.168.1.144 1001xxxx 192.168.1.159
192.168.1.158
192.168.1.161 to
192.168.1.160 1010xxxx 192.168.1.175
192.168.1.174
192.168.1.177 to
192.168.1.176 1011xxxx 192.168.1.191
192.168.1.190
192.168.1.193 to
192.168.1.192 1100xxxx 192.168.1.207
192.168.1.206
192.168.1.209 to
192.168.1.208 1101xxxx 192.168.1.223
192.168.1.222
192.168.1.225 to
192.168.1.224 1110xxxx 192.168.1.239
192.168.1.238
192.168.1.241 to 192.168.1.255 - UNUSABLE -
192.168.1.240 1111xxxx
192.168.1.254 NETMASK ALL 1111's
5.
6. 0's/1's restriction on host part: let's take one subnet from the table above:
192.168.1.41 0010.1001
192.168.1.42 0010.1010
192.168.1.43 0010.1011
192.168.1.44 0010.1100
192.168.1.45 0010.1101
192.168.1.46 0010.1110
192.168.1.47 0010.1111 UNUSABLE - HOST PART IS ALL 1's
8.
Although you may be familiar with the all ones broadcast addresses (typically
x.x.x.255 for a Class C network) you may not realise that at some time in the
past x.x.x.0 was also used as a broadcast address. Although this seldom is done
nowadays, for historical reasons we still obey this convention. (The last
machine I owned that actually used the .0 address for broadcast was a Sun
from the late 1980's)
192.168.1.9 to
192.168.1.8 000010xx 192.168.1.11
192.168.1.10
192.168.1.13 to
192.168.1.12 000011xx 192.168.1.15
192.168.1.14
192.168.1.17 to
192.168.1.16 000100xx 192.168.1.19
192.168.1.18
192.168.1.21 to
192.168.1.20 000101xx 192.168.1.23
192.168.1.22
192.168.1.24 -
... .............................. .............
244
192.168.1.249 to
192.168.1.248 111110xx 192.168.1.251
192.168.1.250
192.168.1.253 to 192.168.1.255 - UNUSABLE -
192.168.1.252 111111xx
192.168.1.254 NETMASK ALL 111111's
12.
13.So why not a /25????
16.
17.Variable subnetting example 1 (insert /30 into /28 from above)
Well, in the /28 example above, we've shown that the first and last subnets are
unusable, because the subnet mask is either all 0's or all 1's. This is unfortunate
because each of those subnets is losing 16 (-2) IP addresses each.
Is there any way we can get back some of those addresses? Well, yes - there is.
If you look at the example of a /30 subnet, you'll see these entries:
These small subnets - they only have 2 IP addresses that are usable - are
actually just what you need when you are setting up a point to point link
between different subnets (in different locations). So by using the 'slop' at the
end of the range, you can get your point to point links for free.
The following table tells you how many workstations and how many offices
you can have for each size of subnet mask:
Max Useable Subnets # C IPs/Subnet
Bit Split Subnet Mask Block Size
(number of offices) (number of workstatio
2/6 192 (/26) 64 2 62
3/5 224 (/27) 32 6 30
4/4 240 (/28) 16 14 14
14
You see, with one office of size 50, we're forced with a simple subnet scheme
to use a /26 (2 bits subnet, 6 bits host). However, we have three offices, so this
won't work.
With offices of size 9 or 10 (which we round up to 16 - 2), we could use a /28
(16 - 2 subnets of 16 - 2 stations) - but then we couldn't fit in our 50 station
office.
Well, the solution is simple: Treat it as a /26, allocate the large office, then
extract from a table of /28's enough smaller subnets to fit in the one remaining
/26 slot. Like this:
And guess what ... if we look at the earlier table for a /28, you'll find exactly
the section we need to extract and fit in here:
Broadcast
Network part Subnet.host Host addresses
Address192.168.1.63
192.168.1.65 to
192.168.1.64 0100xxxx 192.168.1.79
192.168.1.78
192.168.1.81 to
192.168.1.80 0101xxxx 192.168.1.95
192.168.1.94
192.168.1.97 to
192.168.1.96 0110xxxx 192.168.1.111
192.168.1.110
192.168.1.113 to
192.168.1.112 0111xxxx 192.168.1.127
192.168.1.126
22.
Now we simply put the two tables together, and we have a variable subnet
solution for our three offices. Plus some spares!
Network part Subnet.host Host addresses Broadcast Address
15
Let's say you have variably subnetted a network, and of the 30 subnets
available, 29 of them are in one office, but the 30th is in the other. To route this
properly you would issue 29 routing commands to one address and 1 to the
other. This is wasteful of router table space. The thing to do is to issue ONE
router command that covers all 30 subnets and send them to the one office, but
issue a second router command which is MORE SPECIFIC to extract that one
subnet from the block, and route it elsewhere. More specific routes take
precedence in most routers. Occasionally you will find some brand of router
which does require non-overlapping routes, and if this happens to you, just
issue all 30 explicit commands.
The world has a big problem with too many route table entries in the big
backbone routers. To solve that problem, people realised they could aggregate
network routing commands, eg a network 192.168.2.0/24 and a neighboring
network 192.168.3.0/24 could be represented by merging them like this:
192.168.2.0/23
This would be fine, except we know the problems of subnetting and all-zeroes
and all-ones masks. The same problems would start showing up here. The
solution is simple: someone just issued an edict saying "forget everything you
learned, we won't bother with those rules any more". There's even a command
to tell the routers themselves that they should ignore the rules - "ip
classless"
When you break the rules like this, and allow netmasks that end in all 0's or all
1's, it's called "CIDR" - Classless InterDomain Routing.
16
That's really all you need to know about CIDR. It's trivial, it's easy, and the
details work just the same as subnetting but you merge up instead of splitting
down.
26.Calculators
You are a sys admin at a small ISP. You asked your upstream vendor for a /19
allocation (equivalent to 32 Class C networks). You were given the following:
167.114.209.0 through 167.114.240.0.
28.References
What Is CIDR?
CIDR is a new addressing scheme for the Internet which allows for more efficient allocation
of IP addresses than the old Class A, B, and C address scheme.
With a new network being connected to the Internet every 30 minutes the Internet was faced
with two critical problems:
Using the old Class A, B, and C addressing scheme the Internet could support the following:
• Plus 65,000 Class B networks that could include up to 65,534 hosts each
• Plus over 2 million Class C networks that could include up to 254 hosts each
(Some addresses are reserved for broadcast messages, etc.). Because Internet addresses were
generally only assigned in these three sizes, there was a lot of wasted addresses. For example,
if you needed 100 addresses you would be assigned the smallest address (Class C), but that
still meant 154 unused addresses. The overall result was that while the Internet was running
out of unassigned addresses, only 3% of the assigned addresses were actually being used.
CIDR was developed to be a much more efficient method of assigning addresses.
A related problem was the sheer size of the Internet global routing tables. As the number of
networks on the Internet increased, so did the number of routes. A few years back it was
forecasted that the global backbone Internet routers were fast approaching their limit on the
number of routes they could support.
Even using the latest router technology, the maximum theoretical routing table size is
approximately 60,000 routing table entries. If nothing was done the global routing tables
would have reached capacity by mid-1994 and all Internet growth would be halted.
Two solutions were developed and adopted by the global Internet community:
Classless Inter-Domain Routing (CIDR) is a replacement for the old process of assigning
Class A, B and C addresses with a generalized network "prefix". Instead of being limited to
network identifiers (or "prefixes") of 8, 16 or 24 bits, CIDR currently uses prefixes anywhere
from 13 to 27 bits. Thus, blocks of addresses can be assigned to networks as small as 32 hosts
or to those with over 500,000 hosts. This allows for address assignments that much more
closely fit an organization's specific needs.
A CIDR address includes the standard 32-bit IP address and also information on how many
bits are used for the network prefix. For example, in the CIDR address 206.13.01.48/25, the
"/25" indicates the first 25 bits are used to identify the unique network leaving the remaining
bits to identify the specific host.
The CIDR addressing scheme also enables "route aggregation" in which a single high-level
route entry can represent many lower-level routes in the global routing tables.
The scheme is similar to the telephone network where the network is setup in a hierarchical
structure. A high level, backbone network node only looks at the area code information and
then routes the call to the specific backbone node responsible for that area code. The receiving
node then looks at the phone number prefix and routes the call to its subtending network node
responsible for that prefix and so on. The backbone network nodes only need routing table
entries for area codes, each representing huge blocks of individual telephone numbers, not for
every unique telephone number.
Currently, big blocks of addresses are assigned to the large Internet Service Providers (ISPs)
who then re-allocate portions of their address blocks to their customers. For example, Pacific
Bell Internet has been assigned a CIDR address block with a prefix of /15 (equivalent to 512
Class C addresses or 131,072 host addresses) and typically assigns its customers CIDR
addresses with prefixes ranging from /27 to /19. These customers, who may be smaller ISPs
themselves, in turn re-allocate portions of their address block to their users and/or customers.
However, in the global routing tables all these different networks and hosts can be represented
by the single Pacific Bell Internet route entry. In this way, the growth in the number of routing
table entries at each level in the network hierarchy has been significantly reduced. Currently,
the global routing tables have approximately 35,000 entries.
User Impacts
The Internet is currently a mixture of both "CIDR-ized" addresses and old Class A, B and C
addresses. Almost all new routers support CIDR and the Internet authorities strongly
encourage all users to implement the CIDR addressing scheme. (We recommend that any new
router you purchase should support CIDR).
20
The conversion to the CIDR addressing scheme and route aggregation has two major user
impacts:
Even with the introduction of CIDR, the Internet is growing so fast that address assignments
must continue to be treated as a scarce resource. As such, customers will be required to
document, in detail, their projected needs. Users may be required from time to time to
document their internal address assignments, particularly when requesting additional
addresses. The current Internet guideline is to assign addresses based on an organization's
projected three month requirement with additional addresses assigned as needed.
In the past, you would get a Class A, B or C address assignments directly from the appropriate
Internet Registry (i.e., the InterNIC). Under this scenario, you "owned" the address and could
take it with you even if you changed Internet Service Providers (ISPs). With the introduction
of CIDR address assignments and route aggregation, with a few exceptions, the recommended
source for address assignments is your ISP. Under this scenario, you are only "renting" the
address and if you change ISPs it is strongly recommended that you get a new address from
your new ISP and re-number all of your network devices.
While this can be a time-consuming task, it is critical for your address to be aggregated into
your ISP's larger address block and routed under their network address. There are still
significant global routing table issues and the smaller your network is, the greater your risk of
being dropped from the global routing tables. In fact, networks smaller than 8,192 devices
will very likely be dropped. Neither the InterNIC nor other ISPs have control over an
individual ISP's decisions on how to manage their routing tables.
As an option to physically re-numbering each network device, some organizations are using
proxy servers to translate old network addresses to their new addresses. Users should be
cautioned to carefully consider all the potential impacts before using this type of solution.
As mentioned before, there are a few exceptions where an organization would not use an ISP
assigned address block.
21
Conclusion
The implementation of CIDR has been critical to the continued growth of the Internet,
allowing more organizations and users to take advantage of this increasingly vital global
networking and information resource.
IP Subnet Calculations
1. IP Addressing
At this point you should know that IP, the Internet Protocol, is a network layer (OSI layer 3)
protocol, used to route packets between hosts on different networks. To suit this purpose, IP
must define an addressing scheme, so that a packet's intended destination can be indicated.
An IP address is composed of 32 bits. These 32 bits are divided into 4 octets of 8 bits each.
You may have seen an IP address represented like this: 172.68.15.24. We must remember,
however, that the computer understands this number only in binary, so we must often deal
with them in binary. Many people are intimidated by this initially, but soon find that it is not
difficult. If you do not allow yourself to be flustered, you can master this topic.
IP addresses are assigned to orginazations in blocks. Each block belongs to one of three
classes: class A, class B, or class C. You can tell what class an IP address is by the value in its
first octet.
Class A 1-126
Class B 128-191
Class C 192 -->
An IP address consists of two fields. The first field identifies the network, and the second field
identifies the node on the network. Which bits of the address are in the network field and
which bits are in the host field is determined by the subnet mask.
When a class A IP license is granted, you are assigned something like this: 99.0.0.0. Only the
value of the bits in the first octet are assigned. This means you are free to assign any values
you wish in the second, third and fourth octets.
The defualt subnet mask for a class A network is 255.0.0.0. High bits, ones, indicate the bits
that are part of the network field of the IP address. The default subnet mask does not create
subnets. Therefor, a class A network with the default subnet mask is one network. The three
octets that are unassigned and unmasked are part of the host field of the address. There is a
total of 24 bits in those three octets. Each bit can be in one of two states. Therefor, 2^24 is the
number of host addresses that can be assigned on that network, almost. Two addresses are
reserved on every network, x.x.x.0 and x.x.x.255. So the total number of hosts possible on
this network is 2^24. 2^24-2=16,777,214 hosts for a class A IP network.
22
When a class B license is granted, the first two octets are assigned. For example, 172.198.x.x.
The default subnet mask for a class B is 255.255.0.0. One network, two octets free, 16 bits for
the host address field. 2^16-2=65,534 possible host addresses on a class B IP network.
When a class C license is granted, the first three octets are assigned, for example: 193.52.16.0.
The default subnet mask for a class C is 255.255.255.0. Once octet makes up the host address
field. 2^8-2=254 host addresses possible on a class C network.
We said that the default subnet mask for a class A IP network is 255.0.0.0. Once octet only of
a class A network address identifies the network, with this subnet mask. This leaves three
octets of 8 bits each, or 24 bits, to identify the host on that one network. 2^24=16,777,216
addresses. Two addresses are reserved, x.x.x.0 and x.x.x.255. 16,777,214 nodes can be
assigned an IP address on this network.
It is highly unlikely that any organization would want one network of 16,777,214 nodes. They
might want that many devices connected in a wide area network (WAN), thus capablee of
communicating when neccessary, but they will want to subdivide this huge network into
mostly self-contained subnetworks of nodes that communicate with each other often. This is
called subnetting.
To understand why, consider what would happen in either a broadcast or a token passing
network that consisted of over 16,000,000 nodes. Nothing would happen. It simply would not
work. Though the problem is not as drastic, class B and class C IP networks are often
subnetted, also.
The subnet mask is used to subdivide an IP network into subnets. This is a division that takes
place in OSI layer 3, so it is a logical division that is created by the addressing scheme. This
logical division is usually combined with a physical division. Many subnets are physically
isolated from the rest of the network by a device such as a router or a switch. This aspect of
subnetting is discussed in Unit 3--Data Link Layer.
The bits of an address that are masked by the subnet mask are the bits that make up the
network field of the address. To subnet, the default subnet mask for a network is extended to
cover bits of the address that would otherwise be part of the host field. Once these bits are
masked, they become part of the network field, and are used to identify subnets of the larger
network.
Here is where we begin dealing with both addresses and subnetmasks in binary. Get yourself a
cold beverage, stretch, take a deep breath and don't worry. Once you get your brain around the
concepts, it is not difficult. You just have to keep trying until the light goes on.
Both IP addresses and subnet masks are composed of 32 bits divided into 4 octets of 8 bits
each. Here is how a single octet translates from binary to decimal. Consider an octet of all
ones: 11111111.
23
128 64 32 16 8 4 2 1
--- -- -- -- - - - -
1 1 1 1 1 1 1 1
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255
128 64 32 16 8 4 2 1
--- -- -- -- - - - -
1 0 1 1 1 0 0 1
128 + 0 + 32 +16 + 8 + 0 + 0 + 1 = 185
and 00000000
128 64 32 16 8 4 2 1
--- -- -- -- - - - -
0 0 0 0 0 0 0 0
0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 = 0
128 64 32 16 8 4 2 1
--- -- -- -- - - - -
1 0 1 0 1 1 1 1
128 + 0 + 32 + 0 + 8 + 4 + 2 + 1 = 175
175=10101111
The simpliest way to subnet is to take the octet in the subnet mask that covers the first
unassigned octet in the IP address block, and make all its bits high. Remember, a high bit, a 1,
in the subnet mask indicates that that corresponding bit in the IP address is part of the network
field. So, if you have a class B network 172.160.0.0, with the subnet mask 255.255.0.0, you
have one network with 65, 534 possible addresses. If you take that subnet mask and make all
the bits in the third octet high
128 64 32 16 8 4 2 1
--- -- -- -- - - - -
1 1 1 1 1 1 1 1
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255
172.60. 0. 0
255.255.255.0
Now the third octet of all the addresses on this network are part of the network field instead of
the host field. That is one octet, or eight bits, that can be manipulated to create subnets. 2^8-
2=254 possible subnets now on this class B network.
One octet is left for the host field. 2^8-2=254 possible host addressed on each subnet.
24
That is the simplist way to subnet, but it may not be the most desirable. You might not want
254 subnets on your class B network. Instead, you might use a subnet mask like
255.255.224.0. How many subnets would this give you? The first step is to see how many bits
are allocated to the network by this mask.
128 64 32 16 8 4 2 1
--- -- -- -- - - - -
1 1 1 0 0 0 0 0
128 + 64 + 32 + 0 + 0 + 0 + 0 + 0 = 224
How many hosts on each subnet? Well, 5 bits from this octet are left for the host field, and 8
bits in the fourth octet, for a total of 13 bits in the host field. 2^13-2=8190 possible hosts on
each subnet.
The subnet mask is always extended by masking off the next bit in the address, from left to
right. Thus, the last octet in the subnet mask will always be one of these: 128, 192, 224, 240,
248, 252, 254 or 255.
Given the IP address of a host and the subnet address for the network, you need to be able to
calculate which subnet that host is on. To do this we compare the binary representation of the
pertinent octet of the subnet mask witht he binary representation of the corresponding octet in
the IP address. Example:
IP address=172.60.50.2
subnet mask=255.255.224.0
50= 00110010
224=11100000
We perform a logical on these two numbers. We will be left with only the bits where there is a
one in both octets.
00110010
11100000
--------
00100000=32
We also need to be able to find the range of assignable IP addresses on this subnet. To do this,
we take the binary that tells us the subnet address, in this case 00100000, and compare it with
the subnet mask.
00100000
11100000
The bits convered by the mask we will leave as they are. The rest of the bits we make high. So
00100000
25
11100000
--------
0011111=63
On every network and subnet, two addresses are reserved. At the low end of the range of
addresses for the network or subnet, in this case 172.60.64.0, is the address for the network or
subnet itself. The address at the high end of the range of addresses, in this case 172.60.95.255,
is the broadcast address. Any message sent to the broadcast address will be received by every
host on the network.
4. Sample Problem
Here is a sample problem for you to calculate. When you are done, you can check your
answers using an online subnet calcualtor at Tactix Engineering.
IP address: 154.16.52.16
subnet mask: 255.255.240.0
Find:
Number of subnets possible on this network:
Number of hosts possible on each subnet:
Which subnet this address is on:
Range of addresses on that subnet:
What is CIDR?
CIDR stands for Classless Inter-Domain Routing. CIDR was developed in the 1990s as a
standard scheme for routing IP addresses.
Before CIDR, Internet routers managed IP traffic based solely on the class of IP
addresses and their associated subnet masks. This scheme utilized IP address space
inefficiently as explained earlier. CIDR allows a more flexible way to associate groups of
IP addresses without relying on the original class system. CIDR is also known as
supernetting.
CIDR Notation
CIDR specifies an IP address range by the combination of an IP address and its
associated network mask. CIDR notation uses the following format -
xxx.xxx.xxx.xxx/n
where n is the number of (leftmost) '1' bits in the mask. For example,
192.168.12.0/23
applies the network mask 255.255.254.0 to the 192.168 network, starting at
192.168.12.0. This notation represents the address range 192.168.12.0 -
192.168.13.255. Compared to traditional class-based networking, 192.168.12.0/23
26
CIDR supports Internet address allocation and message routing independent of the
traditional class of a given IP address range. For example,
10.4.12.0/22
represents the address range 10.4.12.0 - 10.4.15.255 by employing the network mask
255.255.252.0. This effectively represents an apportioning of four Class C networks
within the much larger Class A space.
Routers on the Internet backbone (WAN network between ISPs) all generally support
CIDR. Backbone support of CIDR is essential to achieve conservation of IP address space.
Private networks and small public LANs have much less need to conserve addresses,
however, and therefore may not utilize CIDR.
For aggregation to work, the subnets involved must be contiguous (numerically adjacent)
in the address space. CIDR cannot, for example, aggregate 192.168.12.0 and
192.168.15.0 into a single route unless the intermediate .13 and .14 address ranges are
included. The 192.168.12.0/24 route does exactly this.
IPv6 utilizes CIDR routing technology and CIDR notation in the same way as IPv4. IPv6 is
designed for fully classless addressing.