An introduction to IP addresses: Part 1

by Kurt Keller

IP addresses (part 1) - on the internet you're only a number

If you have a connection to the internet and set it up yourself, you have at least once handled a
number like 192.168.43.4. And every time you connect to the internet your computer becomes a
number just like that one.

These numbers, consisting of four octets (or four bytes, a term which most people are more
familiar with) are called IP numbers. (And if you're curious what IP stands for, it means Internet
Protocol.) IP numbers are used all over the internet, without them the internet would not work.
Even though they are all over the place, you rarely see them. One place you can find such a
number for sure is the DNS server entry in your TCP/IP setup. If you don't have a number in
there, then you're either using DHCP (Dynamic Host Configuration Protocol) to configure all
these settings dynamically, you use IP numbers exclusively, or you ought to enlighten me on
how you can connect to the internet without IP numbers.

DNS

An IP number, usually called IP address, is the address under which a specific machine on a
TCP/IP network is known, similar to a phone number. Every machine has its own address,
sometimes even more than one. Also your computer gets assigned such an address when you
connect to your provider. The provider will assign you an address out of their pool temporarily
and dynamically, unless you have a contract which guarantees you fixed IP addresses.

Humans, being somewhat different from computers, have quite some difficulty remembering lots
of similar numbers. Working with names is much easier for us and less prone to errors. That's
why you rarely see the bare numbers on the internet. Programs and computers are kind enough to
translate names to numbers and back, so we can conveniently work with what we can remember.
This translation is done by the Domain Name System, in short: DNS. So the DNS server you
specify in your TCP/IP setup is the machine doing this translation for you. If you send off a
request to connect to a certain website, let's say www.tokyopc.bbs.net, you first send a request to
the DNS server to lookup and translate www.tokyopc.bbs.net into the correct IP address for you.
With this IP address you then make the actual connection to the website.

People were already using names instead of IP addresses before DNS came into existence in
1984. At that time, they had all the known machines entered in a text file, the so called 'hosts'
file. This file has survived till today, even though it has not the same importance any more.
Working with the hosts file only is possible only for a manageable number of connected
machines. In the early days of the internet this was no problem. There was one master hosts file
which everyone would retrieve regularly and copy to their local machines. Whenever a host was
connected newly to the internet or a host was taken off the net, a change in the master hosts file
was necessary and all the other hosts only knew about the change after they retrieved the new
master hosts file. With the internet growing rapidly, this way of managing name to IP resolution
became unmanageable; on one hand because of the sheer number of machines to manage and the
speed with which hosts were added, changed or removed, on the other hand because of the
enormous bandwidth consumed by everyone copying the ever bigger master hosts file to their
local machines.

DNS, which was invented because of the aforementioned problems, is a sort of distributed
database system and does some more things than simply translating names into addresses and
vice versa, but going into details would be a topic of its own.

IP classes

If you happen to know the IP address of your provider's DNS server, the mailserver, the news
server and possibly some other machines, you will realize that very often the first three octets of
their IP addresses are the same, for example 192.168.43.4 for the DNS server, 192.168.43.5 for
the mail server, 192.168.43.7 for the news server and 192.168.43.25 for the secondary DNS
server. This is not just by chance. Instead of giving out one IP address by one, there are classes
which are assigned to organizations. A, B, and C classes are the most known ones, with the C-
class the most common one. There are only 127 A-class ranges, or networks, but each of them
has 16,777,214 addresses for hosts. There are 16,384 possible B-class networks with 65,534
addresses for hosts each and 2,097,152 C-class networks with 254 possible host addresses each.

Let's put it a little easier for the eye:

class networks hosts first octet

A 127 16'777'214 001 - 127

B 16'384 65'534 128 - 191

C 2'097'152 254 192 - 223

(The address range from 224.0.0.0 up is reserved for the special purpose classes D and E, which
we will ignore here.)

Now you probably also understand why C-class addresses are the most common ones. First of all
there are lots of them, and unless you are an institution with a couple of hundred thousand
employees, you'll hardly be able to justify an A-class IP address.

Looking at the numbers above, there must be some scheme to calculate the number of networks
and hosts per class and there must be some difference for each class. Indeed, there is. Each IP
address consists of four octets or bytes separated by dots, such as 192.168.43.4. And in each
address, there is a "class identifier," a "network part" and a "host part" encoded. For a C-class
address, the host part is 1 byte long, for a B-class address it is 2 bytes and for an A-class address
it is 3 bytes. The class identifier for class A is 1 bit, for class B 2 bits and for class C 3 bits. A
little more graphically, it looks like this:
byte 1 byte 2 byte 3 byte 4

........ ........ ........ ........

0/////// -------- -------- -------- class A

10////// //////// -------- -------- class B

110///// //////// //////// -------- class C

1 0 actual values of the bits

/ bit used for network part

- bit used for host part

As you can see, a program can determine what class an IP address belongs to by checking at
which place the first bit with a value of 0 is. And according to this information it then knows
how many bits it should take for the network part of an address and how many bits for the host
part. If we decode the address 192.168.43.4 we'll find that it is a C-class IP address; 192.168.43
is the network part and 4 is the host part, so this is host 4 in the network 192.168.43.

192 168 43 4

11000000 10101000 00101011 00000100

<-> class identifier

<------------------------> network part

<------> host part

I know you're already burning to know why a C-class only has 254 host addresses available, and
not the full 256. If you calculated the number of hosts for the B- and A-classes too, you'll have
realized that they are also smaller by two hosts from the theoretical maximum. The answer is that
the lowest address, the one with all bits in the host part set to 0 is used to address the network
itself, and the highest address, having all bits of the host part set to 1, is used as broadcast
address, meaning all hosts in this net.

Everything clear? Ok then, we'll continue in the next issue with subnets.

© Algorithmica Japonica Copyright Notice: Copyright of material rests with the individual author. Articles
may be reprinted by other user groups if the author and original publication are credited. Any other
reproduction or use of material herein is prohibited without prior written permission from TPC. The
mention of names of products without indication of Trademark or Registered Trademark status in no way
implies that these products are not so protected by law.

An Introduction to IP Addresses: Part 2

by Kurt Keller

IP addresses (part 2) - one size does not fit all

Last time you got a brief explanation of what IP numbers are: the addresses for the hosts on a
TCP/IP network like the internet. DNS (Domain Name System) is the hard-working guy looking
up all the hostnames we throw at him and translating them to IP numbers. And finally you saw
how the classes of IP addresses are built. You probably remember that the IP address range
192.0.0.0 - 223.255.255.255 is the C-class range, with 254 possible hosts per class and a total of
2,097,152 C-classes.

Subnets

What do you do if you own a C-class, but have five departments with 10 to 20 hosts each and
need to have separate networks for each department? Do you need five C-classes? Luckily not. If
that were necessary, we would long have run out of available C-classes (they are already very
sparse now). You can manage your network with a single C-class, using subnets. A subnet is a
way of artificially making the network part of your IP address longer. And this can be done
without telling everyone outside of your organization.

For subnetting, we need a so-called subnet mask. For a standard C-class IP address, the subnet
mask is 255.255.255.0. The bits set to 1 (the first 24 bits in this case) represent the bits used for
the network part and the bits set to 0 represent the part used for the host part:

192 168 43 4 IP address

11000000 10101000 00101011 00000100

255 255 255 0 netmask

11111111 11111111 11111111 00000000

<------------------------> network part

<------> host part

All the 1s in the netmask tell us that we take these bit positions of the IP address for the
calculation of the network part; all the 0's mask bits used for the host part. With this
255.255.255.0 netmask, we have the standard 254 hosts and one single network in our C-class. If
we want to implement subnets, we need to extend the network part and, at the same time,
decrease the host part. Extending the network part by 3 bits, we get a subnet mask of
255.255.255.224:

192 168 43 4 IP address

11000000 10101000 00101011 00000100

255 255 255 224 netmask

11111111 11111111 11111111 11100000

<----------------------------> network part

<---> host part

Now we have 27 bits for the network and only 5 bits for the host part, thus in our 192.168.43 C-
class, we can have 8 subnets with 30 hosts each. This extension is known to the machines on
your own network only, any hosts outside of your organization do not know about it, nor do they
need to know.

With the host part you already know that the all 0s and all 1s are special addresses and thus only
two less than the theoretical maximum of hosts per subnet are usable. With older software, the
same rule applies to subnets; the subnet number with all 0s in the additional bits and the subnet
number with all 1's can not be used. The network address of the subnet with all 0s is the same as
the standard network address of the whole class, and the broadcast address of the subnet with all
1s is the same as the standard broadcast address of the whole class. This restriction is obsolete by
now, but you may still encounter software which can not use these two border subnets.

For clarity let's quickly list the infos of our created subnets:

with a standard C-class netmask of 255.255.255.0:

net hosts broadcast

192.168.43.000 192.168.43.001 - 192.168.43.254 192.168.43.255

with a custom netmask of 255.255.255.224:

net hosts broadcast

!192.168.43.000! 192.168.43.001 - 192.168.43.030 192.168.43.031

192.168.43.032 192.168.43.033 - 192.168.43.062 192.168.43.063

192.168.43.064 192.168.43.065 - 192.168.43.094 192.168.43.095

192.168.43.096 192.168.43.097 - 192.168.43.126 192.168.43.127

192.168.43.128 192.168.43.129 - 192.168.43.158 192.168.43.159

192.168.43.160 192.168.43.161 - 192.168.43.190 192.168.43.191

192.168.43.192 192.168.43.193 - 192.168.43.222 192.168.43.223

192.168.43.224 192.168.43.225 - 192.168.43.254 !192.168.43.255!

Using subnetting, the number of addressable hosts decreases, because you have multiple network
and broadcast addresses, but for many purposes it is well worth implementing subnets.

Just two more remarks:

Network bits for subnets do not need to be consecutive, you could well use 255.255.255.130
(11111111.11111111.11111111.10000010) but it does no good, unless you want to make things
much more complicated than they already are. You gain nothing with such non-standard subnet
masks; the number of usable nets and the number of usable hosts is exactly the same as with
subnet masks using consecutive bits.

Here we only looked at subnets with fixed length subnet masks, that means the same subnet
mask is used over the whole network. It is, however, possible to use different subnet masks for
different parts of your network (called "variable length subnet masks"), which means that you
can splice and dice your assigned network into subnets to exactly meet your needs. However,
older software and routing protocols may not understand variable length subnet masks.

Well, this is enough heavy stuff for today. Give it some time to settle before going on with
something about routing and CIDR in the next issue.

© Algorithmica Japonica Copyright Notice: Copyright of material rests with the individual author. Articles
may be reprinted by other user groups if the author and original publication are credited. Any other
reproduction or use of material herein is prohibited without prior written permission from TPC. The
mention of names of products without indication of Trademark or Registered Trademark status in no way
implies that these products are not so protected by law.

Introduction to TCP/IP

Summary: TCP and IP were developed by a Department of Defense (DOD) research project to
connect a number different networks designed by different vendors into a network of networks
(the "Internet"). It was initially successful because it delivered a few basic services that everyone
needs (file transfer, electronic mail, remote logon) across a very large number of client and
server systems. Several computers in a small department can use TCP/IP (along with other
protocols) on a single LAN. The IP component provides routing from the department to the
enterprise network, then to regional networks, and finally to the global Internet. On the
battlefield a communications network will sustain damage, so the DOD designed TCP/IP to be
robust and automatically recover from any node or phone line failure. This design allows the
construction of very large networks with less central management. However, because of the
automatic recovery, network problems can go undiagnosed and uncorrected for long periods of
time.

As with all other communications protocol, TCP/IP is composed of layers:

 IP - is responsible for moving packet of data from node to node. IP forwards each packet based
on a four byte destination address (the IP number). The Internet authorities assign ranges of
numbers to different organizations. The organizations assign groups of their numbers to
departments. IP operates on gateway machines that move data from department to
organization to region and then around the world.
 TCP - is responsible for verifying the correct delivery of data from client to server. Data can be
lost in the intermediate network. TCP adds support to detect errors or lost data and to trigger
retransmission until the data is correctly and completely received.
 Sockets - is a name given to the package of subroutines that provide access to TCP/IP on most
systems.

Network of Lowest Bidders

The Army puts out a bid on a computer and DEC wins the bid. The Air Force puts out a bid and
IBM wins. The Navy bid is won by Unisys. Then the President decides to invade Grenada and
the armed forces discover that their computers cannot talk to each other. The DOD must build a
"network" out of systems each of which, by law, was delivered by the lowest bidder on a single
contract.

The Internet Protocol was developed to create a Network of Networks (the "Internet"). Individual
machines are first connected to a LAN (Ethernet or Token Ring). TCP/IP shares the LAN with
other uses (a Novell file server, Windows for Workgroups peer systems). One device provides
the TCP/IP connection between the LAN and the rest of the world.
To insure that all types of systems from all vendors can communicate, TCP/IP is absolutely
standardized on the LAN. However, larger networks based on long distances and phone lines are
more volatile. In the US, many large corporations would wish to reuse large internal networks
based on IBM's SNA. In Europe, the national phone companies traditionally standardize on
X.25. However, the sudden explosion of high speed microprocessors, fiber optics, and digital
phone systems has created a burst of new options: ISDN, frame relay, FDDI, Asynchronous
Transfer Mode (ATM). New technologies arise and become obsolete within a few years. With
cable TV and phone companies competing to build the National Information Superhighway, no
single standard can govern citywide, nationwide, or worldwide communications.

The original design of TCP/IP as a Network of Networks fits nicely within the current
technological uncertainty. TCP/IP data can be sent across a LAN, or it can be carried within an
internal corporate SNA network, or it can piggyback on the cable TV service. Furthermore,
machines connected to any of these networks can communicate to any other network through
gateways supplied by the network vendor.

Addresses

Each technology has its own convention for transmitting messages between two machines within
the same network. On a LAN, messages are sent between machines by supplying the six byte
unique identifier (the "MAC" address). In an SNA network, every machine has Logical Units
with their own network address. DECNET, Appletalk, and Novell IPX all have a scheme for
assigning numbers to each local network and to each workstation attached to the network.

On top of these local or vendor specific network addresses, TCP/IP assigns a unique number to
every workstation in the world. This "IP number" is a four byte value that, by convention, is
expressed by converting each byte into a decimal number (0 to 255) and separating the bytes
with a period. For example, the PC Lube and Tune server is 130.132.59.234.

An organization begins by sending electronic mail to [email protected] requesting

assignment of a network number. It is still possible for almost anyone to get assignment of a
number for a small "Class C" network in which the first three bytes identify the network and the
last byte identifies the individual computer. The author followed this procedure and was assigned
the numbers 192.35.91.* for a network of computers at his house. Larger organizations can get a
"Class B" network where the first two bytes identify the network and the last two bytes identify
each of up to 64 thousand individual workstations. Yale's Class B network is 130.132, so all
computers with IP address 130.132.*.* are connected through Yale.

The organization then connects to the Internet through one of a dozen regional or specialized
network suppliers. The network vendor is given the subscriber network number and adds it to the
routing configuration in its own machines and those of the other major network suppliers.

There is no mathematical formula that translates the numbers 192.35.91 or 130.132 into "Yale
University" or "New Haven, CT." The machines that manage large regional networks or the
central Internet routers managed by the National Science Foundation can only locate these
networks by looking each network number up in a table. There are potentially thousands of Class
B networks, and millions of Class C networks, but computer memory costs are low, so the tables
are reasonable. Customers that connect to the Internet, even customers as large as IBM, do not
need to maintain any information on other networks. They send all external data to the regional
carrier to which they subscribe, and the regional carrier maintains the tables and does the
appropriate routing.

New Haven is in a border state, split 50-50 between the Yankees and the Red Sox. In this spirit,
Yale recently switched its connection from the Middle Atlantic regional network to the New
England carrier. When the switch occurred, tables in the other regional areas and in the national
spine had to be updated, so that traffic for 130.132 was routed through Boston instead of New
Jersey. The large network carriers handle the paperwork and can perform such a switch given
sufficient notice. During a conversion period, the university was connected to both networks so
that messages could arrive through either path.

Subnets

Although the individual subscribers do not need to tabulate network numbers or provide explicit
routing, it is convenient for most Class B networks to be internally managed as a much smaller
and simpler version of the larger network organizations. It is common to subdivide the two bytes
available for internal assignment into a one byte department number and a one byte workstation
ID.

The enterprise network is built using commercially available TCP/IP router boxes. Each router
has small tables with 255 entries to translate the one byte department number into selection of a
destination Ethernet connected to one of the routers. Messages to the PC Lube and Tune server
(130.132.59.234) are sent through the national and New England regional networks based on the
130.132 part of the number. Arriving at Yale, the 59 department ID selects an Ethernet connector
in the C& IS building. The 234 selects a particular workstation on that LAN. The Yale network
must be updated as new Ethernets and departments are added, but it is not effected by changes
outside the university or the movement of machines within the department.
A Uncertain Path

Every time a message arrives at an IP router, it makes an individual decision about where to send
it next. There is concept of a session with a preselected path for all traffic. Consider a company
with facilities in New York, Los Angeles, Chicago and Atlanta. It could build a network from
four phone lines forming a loop (NY to Chicago to LA to Atlanta to NY). A message arriving at
the NY router could go to LA via either Chicago or Atlanta. The reply could come back the other
way.

How does the router make a decision between routes? There is no correct answer. Traffic could
be routed by the "clockwise" algorithm (go NY to Atlanta, LA to Chicago). The routers could
alternate, sending one message to Atlanta and the next to Chicago. More sophisticated routing
measures traffic patterns and sends data through the least busy link.

If one phone line in this network breaks down, traffic can still reach its destination through a
roundabout path. After losing the NY to Chicago line, data can be sent NY to Atlanta to LA to
Chicago. This provides continued service though with degraded performance. This kind of
recovery is the primary design feature of IP. The loss of the line is immediately detected by the
routers in NY and Chicago, but somehow this information must be sent to the other nodes.
Otherwise, LA could continue to send NY messages through Chicago, where they arrive at a
"dead end." Each network adopts some Router Protocol which periodically updates the routing
tables throughout the network with information about changes in route status.

If the size of the network grows, then the complexity of the routing updates will increase as will
the cost of transmitting them. Building a single network that covers the entire US would be
unreasonably complicated. Fortunately, the Internet is designed as a Network of Networks. This
means that loops and redundancy are built into each regional carrier. The regional network
handles its own problems and reroutes messages internally. Its Router Protocol updates the tables
in its own routers, but no routing updates need to propagate from a regional carrier to the NSF
spine or to the other regions (unless, of course, a subscriber switches permanently from one
region to another).

Undiagnosed Problems

IBM designs its SNA networks to be centrally managed. If any error occurs, it is reported to the
network authorities. By design, any error is a problem that should be corrected or repaired. IP
networks, however, were designed to be robust. In battlefield conditions, the loss of a node or
line is a normal circumstance. Casualties can be sorted out later on, but the network must stay up.
So IP networks are robust. They automatically (and silently) reconfigure themselves when
something goes wrong. If there is enough redundancy built into the system, then communication
is maintained.

In 1975 when SNA was designed, such redundancy would be prohibitively expensive, or it might
have been argued that only the Defense Department could afford it. Today, however, simple
routers cost no more than a PC. However, the TCP/IP design that, "Errors are normal and can be
largely ignored," produces problems of its own.
Data traffic is frequently organized around "hubs," much like airline traffic. One could imagine
an IP router in Atlanta routing messages for smaller cities throughout the Southeast. The problem
is that data arrives without a reservation. Airline companies experience the problem around
major events, like the Super Bowl. Just before the game, everyone wants to fly into the city.
After the game, everyone wants to fly out. Imbalance occurs on the network when something
new gets advertised. Adam Curry announced the server at "mtv.com" and his regional carrier
was swamped with traffic the next day. The problem is that messages come in from the entire
world over high speed lines, but they go out to mtv.com over what was then a slow speed phone
line.

Occasionally a snow storm cancels flights and airports fill up with stranded passengers. Many go
off to hotels in town. When data arrives at a congested router, there is no place to send the
overflow. Excess packets are simply discarded. It becomes the responsibility of the sender to
retry the data a few seconds later and to persist until it finally gets through. This recovery is
provided by the TCP component of the Internet protocol.

TCP was designed to recover from node or line failures where the network propagates routing
table changes to all router nodes. Since the update takes some time, TCP is slow to initiate
recovery. The TCP algorithms are not tuned to optimally handle packet loss due to traffic
congestion. Instead, the traditional Internet response to traffic problems has been to increase the
speed of lines and equipment in order to say ahead of growth in demand.

TCP treats the data as a stream of bytes. It logically assigns a sequence number to each byte. The
TCP packet has a header that says, in effect, "This packet starts with byte 379642 and contains
200 bytes of data." The receiver can detect missing or incorrectly sequenced packets. TCP
acknowledges data that has been received and retransmits data that has been lost. The TCP
design means that error recovery is done end-to-end between the Client and Server machine.
There is no formal standard for tracking problems in the middle of the network, though each
network has adopted some ad hoc tools.

Need to Know

There are three levels of TCP/IP knowledge. Those who administer a regional or national
network must design a system of long distance phone lines, dedicated routing devices, and very
large configuration files. They must know the IP numbers and physical locations of thousands of
subscriber networks. They must also have a formal network monitor strategy to detect problems
and respond quickly.

Each large company or university that subscribes to the Internet must have an intermediate level
of network organization and expertise. A half dozen routers might be configured to connect
several dozen departmental LANs in several buildings. All traffic outside the organization would
typically be routed to a single connection to a regional network provider.

However, the end user can install TCP/IP on a personal computer without any knowledge of
either the corporate or regional network. Three pieces of information are required:
 1. The IP address assigned to this personal computer
2. The part of the IP address (the subnet mask) that distinguishes other machines on the same LAN
(messages can be sent to them directly) from machines in other departments or elsewhere in
the world (which are sent to a router machine)
3. The IP address of the router machine that connects this LAN to the rest of the world.

In the case of the PCLT server, the IP address is 130.132.59.234. Since the first three bytes
designate this department, a "subnet mask" is defined as 255.255.255.0 (255 is the largest byte
value and represents the number with all bits turned on). It is a Yale convention (which we
recommend to everyone) that the router for each department have station number 1 within the
department network. Thus the PCLT router is 130.132.59.1. Thus the PCLT server is configured
with the values:

 My IP address: 130.132.59.234
 Subnet mask: 255.255.255.0
 Default router: 130.132.59.1

The subnet mask tells the server that any other machine with an IP address beginning
130.132.59.* is on the same department LAN, so messages are sent to it directly. Any IP address
beginning with a different value is accessed indirectly by sending the message through the router
at 130.132.59.1 (which is on the departmental LAN).

Additional information is available in self-study courses from SRA (1-800-SRA-1277)

Introduction

Previous Next

This talk will cover the basics of IP addressing and subnetting.

Topics covered will include:

 What is an IP Address?
 What are Classes?
 What is a Network Address?
 What are Subnet Masks and Subnet Addresses?
 How are Subnet Masks defined and used?
 How can all this be applied?
 What is CIDR?
 How can I get more information?

Note:
This tutorial is designed to be viewed on line. I
have received numerous requests to have a text-
only or single-page printable version of the
Tutorial. No such document exists. If you need a
hard copy of this Tutorial, you can print each page
in turn with your browser's print function. I hope
this is sufficient for most people.

IP Addressing
An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP network.
An IP address is a 32 bit binary number usually represented as 4 decimal values, each representing 8
bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted
decimal" notation.

Example: 140.179.220.200

It is sometimes useful to view the values in their binary form.

140 .179 .220 .200

10001100.10110011.11011100.11001000

Every IP address consists of two parts, one identifying the network and one identifying the node.
The Class of the address and the subnet mask determine which part belongs to the network
address and which part belongs to the node address.

Address Classes
There are 5 different address classes. You can determine which class any IP address is in by examining
the first 4 bits of the IP address.

 Class A addresses begin with 0xxx, or 1 to 126 decimal.

 Class B addresses begin with 10xx, or 128 to 191 decimal.
 Class C addresses begin with 110x, or 192 to 223 decimal.
 Class D addresses begin with 1110, or 224 to 239 decimal.
 Class E addresses begin with 1111, or 240 to 254 decimal.

Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for internal
testing on a local machine; [You can test this: you should always be able to ping 127.0.0.1,
which points to yourself] Class D addresses are reserved for multicasting; Class E addresses are
reserved for future use. They should not be used for host addresses.

Now we can see how the Class determines, by default, which part of the IP address belongs to
the network (N, in blue) and which part belongs to the node (n, in red).

 Class A -- NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn
  Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
 Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn

In the example, 140.179.220.200 is a Class B address so by default the Network part of the
address (also known as the Network Address) is defined by the first two octets (140.179.x.x) and
the node part is defined by the last 2 octets (x.x.220.200).

In order to specify the network address for a given IP address, the node section is set to all "0"s.
In our example, 140.179.0.0 specifies the network address for 140.179.220.200. When the node
section is set to all "1"s, it specifies a broadcast that is sent to all hosts on the network.
140.179.255.255 specifies the example broadcast address. Note that this is true regardless of the
length of the node section.

Private Subnets
There are three IP network addresses reserved for private networks. The addresses are 10.0.0.0, Subnet
Mask 255.0.0.0, 172.16.0.0, Subnet Mask 255.240.0.0, and 192.168.0.0, Subnet Mask 255.255.0.0.
These addresses are also notated 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16; this notation will be
explained later in this tutorial. They can be used by anyone setting up internal IP networks, such as a lab
or home LAN behind a NAT or proxy server or a router. It is always safe to use these because routers on
the Internet by default will never forward packets coming from these addresses. These addresses are
defined in RFC 1918.

Subnetting

Subnetting an IP Network can be done for a variety of reasons, including organization, use of different
physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The
most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see
all the packets transmitted by all the other nodes on that segment. Performance can be adversely
affected under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used to
connect IP networks to minimize the amount of traffic each segment must receive.

Subnet Masking

Applying a subnet mask to an IP address allows you to identify the network and node parts of the
address. The network bits are represented by the 1s in the mask, and the node bits are represented
by the 0s. Performing a bitwise logical AND operation between the IP address and the subnet
mask results in the Network Address or Number.
For example, using our test IP address and the default Class B subnet mask, we get:

10001100.10110011.11110000.11001000 140.179.240.200 Class B IP Address

11111111.11111111.00000000.00000000 255.255.000.000 Default Class B
Subnet Mask
--------------------------------------------------------
10001100.10110011.00000000.00000000 140.179.000.000 Network Address

Default subnet masks:

  Class A - 255.0.0.0 - 11111111.00000000.00000000.00000000
 Class B - 255.255.0.0 - 11111111.11111111.00000000.00000000
 Class C - 255.255.255.0 - 11111111.11111111.11111111.00000000

More Restrictive Subnet Masks

Additional bits can be added to the default subnet mask for a given Class to further subnet, or
break down, a network. When a bitwise logical AND operation is performed between the subnet
mask and IP address, the result defines the Subnet Address (also called the Network Address or
Network Number). There are some restrictions on the subnet address. Node addresses of all "0"s
and all "1"s are reserved for specifying the local network (when a host does not know its network
address) and all hosts on the network (broadcast address), respectively. This also applies to
subnets. A subnet address cannot be all "0"s or all "1"s. This also implies that a 1 bit subnet mask
is not allowed. This restriction is required because older standards enforced this restriction.
Recent standards that allow use of these subnets have superseded these standards, but many
"legacy" devices do not support the newer standards. If you are operating in a controlled
environment, such as a lab, you can safely use these restricted subnets.

To calculate the number of subnets or nodes, use the formula (2n-2) where n = number of bits in
either field, and 2n represents 2 raised to the nth power. Multiplying the number of subnets by the
number of nodes available per subnet gives you the total number of nodes available for your
class and subnet mask. Also, note that although subnet masks with non-contiguous mask bits are
allowed, they are not recommended.

Example:

10001100.10110011.11011100.11001000 140.179.220.200 IP Address

11111111.11111111.11100000.00000000 255.255.224.000 Subnet Mask
--------------------------------------------------------
10001100.10110011.11000000.00000000 140.179.192.000 Subnet Address
10001100.10110011.11011111.11111111 140.179.223.255 Broadcast Address

In this example a 3 bit subnet mask was used. There are 6 (23-2) subnets available with this size
mask (remember that subnets with all 0's and all 1's are not allowed). Each subnet has 8190 (213-
2) nodes. Each subnet can have nodes assigned to any address between the Subnet address and
the Broadcast address. This gives a total of 49,140 nodes for the entire class B address subnetted
this way. Notice that this is less than the 65,534 nodes an unsubnetted class B address would
have.

You can calculate the Subnet Address by performing a bitwise logical AND operation between
the IP address and the subnet mask, then setting all the host bits to 0s. Similarly, you can
calculate the Broadcast Address for a subnet by performing the same logical AND between the
IP address and the subnet mask, then setting all the host bits to 1s. That is how these numbers are
derived in the example above.

Subnetting always reduces the number of possible nodes for a given network. There are complete
subnet tables available here for Class A, Class B and Class C. These tables list all the possible
subnet masks for each class, along with calculations of the number of networks, nodes and total
hosts for each subnet.

An Example

Here is another, more detailed, example. Say you are assigned a Class C network number of
200.133.175.0 (apologies to anyone who may actually own this domain address). You want to
utilize this network across multiple small groups within an organization. You can do this by
subnetting that network with a subnet address.

We will break this network into 14 subnets of 14 nodes each. This will limit us to 196 nodes on
the network instead of the 254 we would have without subnetting, but gives us the advantages of
traffic isolation and security. To accomplish this, we need to use a subnet mask 4 bits long.
Recall that the default Class C subnet mask is

255.255.255.0 (11111111.11111111.11111111.00000000 binary)

Extending this by 4 bits yields a mask of
255.255.255.240 (11111111.11111111.11111111.11110000 binary)
This gives us 16 possible network numbers, 2 of which cannot be used:
Subnet bits Network Number Node Addresses Broadcast Address
0000 200.133.175.0 Reserved None
0001 200.133.175.16 .17 thru .30 200.133.175.31
0010 200.133.175.32 .33 thru .46 200.133.175.47
0011 200.133.175.48 .49 thru .62 200.133.175.63
0100 200.133.175.64 .65 thru .78 200.133.175.79
0101 200.133.175.80 .81 thru .94 200.133.175.95
0110 200.133.175.96 .97 thru .110 200.133.175.111
0111 200.133.175.112 .113 thru .126 200.133.175.127
1000 200.133.175.128 .129 thru .142 200.133.175.143
1001 200.133.175.144 .145 thru .158 200.133.175.159
1010 200.133.175.160 .161 thru .174 200.133.175.175
1011 200.133.175.176 .177 thru .190 200.133.175.191
1100 200.133.175.192 .193 thru .206 200.133.175.207
1101 200.133.175.208 .209 thru .222 200.133.175.223
1110 200.133.175.224 .225 thru .238 200.133.175.239
1111 200.133.175.240 Reserved None

CIDR -- Classless InterDomain Routing

Now that you understand "classful" IP Subnetting principals, you can forget them ;). The reason
is CIDR -- Classless InterDomain Routing. CIDR was invented several years ago to keep the
internet from running out of IP addresses. The "classful" system of allocating IP addresses can be
very wasteful; anyone who could reasonably show a need for more that 254 host addresses was
given a Class B address block of 65533 host addresses. Even more wasteful were companies and
organizations that were allocated Class A address blocks, which contain over 16 Million host
addresses! Only a tiny percentage of the allocated Class A and Class B address space has ever
been actually assigned to a host computer on the Internet.

People realized that addresses could be conserved if the class system was eliminated. By
accurately allocating only the amount of address space that was actually needed, the address
space crisis could be avoided for many years. This was first proposed in 1992 as a scheme called
Supernetting. Under supernetting, the classful subnet masks are extended so that a network
address and subnet mask could, for example, specify multiple Class C subnets with one address.
For example, If I needed about 1000 addresses, I could supernet 4 Class C networks together:

192.60.128.0 (11000000.00111100.10000000.00000000) Class C subnet address

192.60.129.0 (11000000.00111100.10000001.00000000) Class C subnet address
192.60.130.0 (11000000.00111100.10000010.00000000) Class C subnet address
192.60.131.0 (11000000.00111100.10000011.00000000) Class C subnet address
--------------------------------------------------------
192.60.128.0 (11000000.00111100.10000000.00000000) Supernetted Subnet
address
255.255.252.0 (11111111.11111111.11111100.00000000) Subnet Mask
192.60.131.255 (11000000.00111100.10000011.11111111) Broadcast address
In this example, the subnet 192.60.128.0 includes all the addresses from 192.60.128.0 to
192.60.131.255. As you can see in the binary representation of the subnet mask, the Network
portion of the address is 22 bits long, and the host portion is 10 bits long.

Under CIDR, the subnet mask notation is reduced to a simplified shorthand. Instead of spelling
out the bits of the subnet mask, it is simply listed as the number of 1s bits that start the mask. In
the above example, instead of writing the address and subnet mask as

192.60.128.0, Subnet Mask 255.255.252.0

the network address would be written simply as:
192.60.128.0/22
which indicates starting address of the network, and number of 1s bits (22) in the network
portion of the address. If you look at the subnet mask in binary
(11111111.11111111.11111100.00000000), you can easily see how this notation works.

The use of a CIDR notated address is the same as for a Classful address. Classful addresses can
easily be written in CIDR notation (Class A = /8, Class B = /16, and Class C = /24)

It is currently almost impossible for an individual or company to be allocated their own IP

address blocks. You will simply be told to get them from your ISP. The reason for this is the
ever-growing size of the internet routing table. Just 10 years ago, there were less than 5000
network routes in the entire Internet. Today, there are over 100,000. Using CIDR, the biggest
ISPs are allocated large chunks of address space (usually with a subnet mask of /19 or even
smaller); the ISP's customers (often other, smaller ISPs) are then allocated networks from the big
ISP's pool. That way, all the big ISP's customers (and their customers, and so on) are accessible
via 1 network route on the Internet. But I digress.

It is expected that CIDR will keep the Internet happily in IP addresses for the next few years at
least. After that, IPv6, with 128 bit addresses, will be needed. Under IPv6, even sloppy address
allocation would comfortably allow a billion unique IP addresses for every person on earth! The
complete and gory details of CIDR are documented in RFC1519, which was released in
September of 1993.

Allowed Class A Subnet and Host IP addresses

# bits Subnet Mask CIDR # Subnets # Hosts Nets * Hosts

2 255.192.0.0 /10 2 4194302 8388604
3 255.224.0.0 /11 6 2097150 12582900
4 255.240.0.0 /12 14 1048574 14680036
5 255.248.0.0 /13 30 524286 15728580
6 255.252.0.0 /14 62 262142 16252804
7 255.254.0.0 /15 126 131070 16514820
8 255.255.0.0 /16 254 65534 16645636
9 255.255.128.0 /17 510 32766 16710660
10 255.255.192.0 /18 1022 16382 16742404
11 255.255.224.0 /19 2046 8190 16756740
12 255.255.240.0 /20 4094 4094 16760836
13 255.255.248.0 /21 8190 2046 16756740
14 255.255.252.0 /22 16382 1022 16742404
15 255.255.254.0 /23 32766 510 16710660
16 255.255.255.0 /24 65534 254 16645636
17 255.255.255.128 /25 131070 126 16514820
18 255.255.255.192 /26 262142 62 16252804
19 255.255.255.224 /27 524286 30 15728580
20 255.255.255.240 /28 1048574 14 14680036
21 255.255.255.248 /29 2097150 6 12582900
22 255.255.255.252 /30 4194302 2 8388604

Allowed Class B Subnet and Host IP addresses

# bits Subnet Mask CIDR # Subnets # Hosts Nets * Hosts

2 255.255.192.0 /18 2 16382 32764
3 255.255.224.0 /19 6 8190 49140
4 255.255.240.0 /20 14 4094 57316

5 255.255.248.0 /21 30 2046 61380

6 255.255.252.0 /22 62 1022 63364
7 255.255.254.0 /23 126 510 64260
8 255.255.255.0 /24 254 254 64516
9 255.255.255.128 /25 510 126 64260
10 255.255.255.192 /26 1022 62 63364
11 255.255.255.224 /27 2046 30 61380
12 255.255.255.240 /28 4094 14 57316
13 255.255.255.248 /29 8190 6 49140
14 255.255.255.252 /30 16382 2 32764

Allowed Class C Subnet and Host IP addresses

# bits Subnet Mask CIDR # Subnets # Hosts Nets * Hosts

2 255.255.255.192 /26 2 62 124
3 255.255.255.224 /27 6 30 180
4 255.255.255.240 /28 14 14 196
5 255.255.255.248 /29 30 6 180
6 255.255.255.252 /30 62 2 124
Logical Operations

This page will provide a brief review and explanation of the common logical bitwise operations AND, OR,
XOR (Exclusive OR) and NOT. Logical operations are performed between two data bits (except for NOT).
Bits can be either "1" or "0", and these operations are essential to performing digital math operations.
In the "truth tables" below, the input bits are in bold, and the results are plain.

AND
The logical AND operation compares 2 bits and if they are both "1", then the result is "1", otherwise, the
result is "0".

0 1

0 0 0

1 0 1
OR
The logical OR operation compares 2 bits and if either or both bits are "1", then the result is "1",
otherwise, the result is "0".

0 1

0 0 1

1 1 1

XOR
The logical XOR (Exclusive OR) operation compares 2 bits and if exactly one of them is "1" (i.e., if they
are different values), then the result is "1"; otherwise (if the bits are the same), the result is "0".

0 1

0 0 1

1 1 0

NOT
The logical NOT operation simply changes the value of a single bit. If it is a "1", the result is "0"; if it is a
"0", the result is "1". Note that this operation is different in that instead of comparing two bits, it is
acting on a single bit.

0 1

1 0