Sub Netting
Subnetting
A subnetwork, or subnet, describes networked computers and devices that have a common, designated IP address routing prefix. Subnetting is used to break the network into smaller more efficient subnets to prevent excessive rates of Ethernet packet collision in a large network. Such subnets can be arranged hierarchically, with the organization's network address space (see also Autonomous System) partitioned into a tree-like structure. Routers are used to manage traffic and constitute borders between subnets.

Subnetting an IP Network can be done for a variety of reasons, including organization, use of different physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see all the packets transmitted by all the other nodes on that segment. Performance can be adversely affected under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used to connect IP networks to minimize the amount of traffic each segment must receive.

A routing prefix is the sequence of leading bits of an IP address that precede the portion of the address used as host identifier. In IPv4 networks, the routing prefix is often expressed as a "subnet mask", which is a bit mask covering the number of bits used in the prefix. An IPv4 subnet mask is frequently expressed in quad-dotted decimal representation, e.g., 255.255.255.0 is the subnet mask for the 192.168.1.0 network with a 24-bit routing prefix (192.168.1.0/24). For IPv6 networks, routing prefixes are always expressed in the standardized CIDR notation consisting of the network address and the mask length, e.g., 2001:db8::/32.

All hosts within a subnet can be reached in one "hop" (time to live = 1), implying that all hosts in a subnet are connected to the same link. A typical subnet is a physical network served by one router, for instance an Ethernet network (consisting of one or several Ethernet segments or local area networks, interconnected by network switches and network bridges) or a Virtual Local Area Network (VLAN). However, subnetting allows the network to be logically divided regardless of the physical layout of a network, since it is possible to divide a physical network into several subnets by configuring different host computers to use different routers.

While improving network performance, subnetting increases routing complexity, since each locally connected subnet is typically represented by one row in the routing tables in each connected router. However, with a clever design of the network, routes to collections of more distant subnets within the branches of a tree-hierarchy can be aggregated by single routes. Existing subnetting functionality in routers made the introduction of Classless Inter-Domain Routing seamless.

A graphic representation of relationships and source of the various variables representing a chunk of /24 subnets.
address written, for human readability, into 4 octets and a subnet mask of like size and notation. In order to facilitate the routing process the address is divided into two pieces:

  The network prefix (some contiguous range of higher-order bits) that is significant for routing decisions at that particular topological point.
  The network host (the remaining bits) that specifies a particular device in the network.

This works much like a postal address in that the network prefix would represent the city and the network host would represent the address of a specific house on that street. The subnet mask (e.g. 255.255.192.0 to specify the top 18 bits; in binary: 11111111.11111111.11000000.00000000) or CIDR suffix address (e.g. /18) is used in conjunction with the network address to determine how many higher-order bits are used for the network prefix. For instance, the following are equivalent:

  192.168.0.0 with netmask 255.255.0.0
  192.168.0.0/16
Subnet Masking
Applying a subnet mask to an IP address allows you to identify the network and node parts of the address. The network bits are represented by the 1s in the mask, and the node bits are represented by the 0s. Performing a bitwise logical AND operation between the IP address and the subnet mask results in the Network Address or Number. For example, using our test IP address and the default Class B subnet mask, we get:

  10001100.10110011.11110000.11001000   140.179.240.200   Class B IP Address
  11111111.11111111.00000000.00000000   255.255.000.000   Default Class B Subnet Mask
  --------------------------------------------------------
  10001100.10110011.00000000.00000000   140.179.000.000   Network Address

Default subnet masks:

  Class A   255.0.0.0     11111111.00000000.00000000.00000000
  Class B   255.255.0.0   11111111.11111111.00000000.00000000

Subnet masks consist of 32 bits, usually a block of ones (1) followed by a block of 0s. The last block of zeros (0) designate that part as being the host identifier. This allows a classful network to be broken down into subnets. A classful network is a network that has a subnet mask of 255.0.0.0, 255.255.0.0 or 255.255.255.0.

  Example        Dot-decimal Address   Binary
  Subnet Mask    255.255.255.0         11111111.11111111.11111111.00000000
                                       00000000.00000000.00000000.00001010
Example:

  10001100.10110011.11011100.11001000   140.179.220.200   IP Address
  11111111.11111111.11100000.00000000   255.255.224.000   Subnet Mask
  --------------------------------------------------------
  10001100.10110011.11000000.00000000   140.179.192.000   Subnet Address
  10001100.10110011.11011111.11111111   140.179.223.255   Broadcast Address

In this example a 3 bit subnet mask was used. There are 6 (2^3 - 2) subnets available with this size mask (remember that subnets with all 0's and all 1's are not allowed). Each subnet has 8190 (2^13 - 2) nodes. Each subnet can have nodes assigned to any address between the Subnet address and the Broadcast address. This gives a total of 49,140 nodes for the entire class B address subnetted this way. Notice that this is less than the 65,534 nodes an unsubnetted class B address would have.

You can calculate the Subnet Address by performing a bitwise logical AND operation between the IP address and the subnet mask, then setting all the host bits to 0s. Similarly, you can calculate the Broadcast Address for a subnet by performing the same logical AND between the IP address and the subnet mask, then setting all the host bits to 1s. That is how these numbers are derived in the example above. Subnetting always reduces the number of possible nodes for a given network.

There are complete subnet tables available here for Class A, Class B and Class C. These tables list all the possible subnet masks for each class, along with calculations of the number of networks, nodes and total hosts for each subnet.

An Example
Here is another, more detailed, example. Say you are assigned a Class C network number of 200.133.175.0 (apologies to anyone who may actually own this domain address). You want to utilize this network across multiple small groups within an organization. You can do this by subnetting that network with a subnet address. We will break this network into 14 subnets of 14 nodes each. This will limit us to 196 nodes on the network instead of the 254 we would have without subnetting, but gives us the advantages of traffic isolation and security. To accomplish this, we need to use a subnet mask 4 bits long. Recall that the default Class C subnet mask is

  255.255.255.0 (11111111.11111111.11111111.00000000 binary)

Extending this by 4 bits yields a mask of

  255.255.255.240 (11111111.11111111.11111111.11110000 binary)

This gives us 16 possible network numbers, 2 of which cannot be used:

  Subnet bits   Network Number    Node Addresses    Broadcast Address
  0000          200.133.175.0     Reserved          None
  0001          200.133.175.16    .17 thru .30      200.133.175.31
  0010          200.133.175.32    .33 thru .46      200.133.175.47
  0011          200.133.175.48    .49 thru .62      200.133.175.63
  0100          200.133.175.64    .65 thru .78      200.133.175.79
  0101          200.133.175.80    .81 thru .94      200.133.175.95
  0110          200.133.175.96    .97 thru .110     200.133.175.111
  0111          200.133.175.112   .113 thru .126    200.133.175.127
  1000          200.133.175.128   .129 thru .142    200.133.175.143
  1001          200.133.175.144   .145 thru .158    200.133.175.159
  1010          200.133.175.160   .161 thru .174    200.133.175.175
  1011          200.133.175.176   .177 thru .190    200.133.175.191
  1100          200.133.175.192   .193 thru .206    200.133.175.207
  1101          200.133.175.208   .209 thru .222    200.133.175.223
  1110          200.133.175.224   .225 thru .238    200.133.175.239
  1111          200.133.175.240   Reserved          None

IPv4 classes
IPv4 addresses are broken down into three parts: the network part, the subnet part (now often considered part of the network part, although originally it was part of the rest part), and the host part. Even though classful networks are obsolete, both classful and classless networks are shown in the following table.

  Class          Leading bits   Start       End               Default subnet mask in dotted decimal
  A (CIDR /8)    0              0.0.0.0     127.255.255.255   255.0.0.0
  B (CIDR /16)   10
  D              1110           224.0.0.0   239.255.255.255
  E              1111           240.0.0.0   255.255.255.254

While the 127.0.0.0/8 network is in the Class A area, it is designated for loopback and cannot be assigned to a network.
Class D multicasting
Class E reserved

Subnetting is the process of allocating bits from the host portion as a network portion. The above example shows the bitwise "AND" process being performed on a classful network. The following example shows bits being borrowed to turn a classful network into a subnet
subnetworks. Each bit can take the value 1 or 0, giving 4 possible subnets (2^2 = 4)

  Network            Network (binary)                      Broadcast address
  192.168.5.0/26     11000000.10101000.00000101.00000000   192.168.5.63
  192.168.5.64/26    11000000.10101000.00000101.01000000   192.168.5.127
  192.168.5.128/26   11000000.10101000.00000101.10000000   192.168.5.191
  192.168.5.192/26   11000000.10101000.00000101.11000000   192.168.5.255
In this example two bits were borrowed from the original host portion. This is beneficial because it allows this network to be split into four smaller networks. A /24 suffix (Class C block) allows 254 hosts; split into four parts, the prefix is /26, each has 62 hosts.

According to the RFC 950 standard the subnet values consisting of all zeros and all ones are reserved, reducing the number of available subnets by 2. However, due to the inefficiencies introduced by this convention it is no longer used on the public Internet, and is only relevant when dealing with legacy equipment that does not understand CIDR. The only reason not to use the all-zeroes subnet is that it is ambiguous when the exact suffix length is not available. All CIDR-compliant routing protocols transmit both length and suffix. See RFC 1878 for a subnetting table with extensive examples.

The remaining bits after the subnet are used for addressing hosts within the subnet. In the above example the subnet mask consists of 26 bits, leaving 6 bits for the address (32 - 26). This allows for 64 possible combinations (2^6), however the all zeros value and all ones value are reserved for the network ID and broadcast address respectively, leaving 62 addresses. In general the number of available hosts on a subnet can be calculated using the formula 2^n - 2, where n is the number of bits used for the host portion of the address.

RFC 3021 specifies an exception to this rule when dealing with 31 bit subnet masks (i.e. 1 host bit). According to the above rule a 31 bit mask would allow for 2^1 - 2 = 0 hosts. The RFC makes allowances in this case for certain types of networks (point-to-point) to disregard the network and broadcast address, allowing two host addresses to be allocated.

Possible subnets for a /24 suffix (traditional Class C):

  CIDR notation   Network Mask      Available Networks   Available Hosts per network   Total usable hosts
  /24             255.255.255.0     1                    254                           254
  /25             255.255.255.128   2                    126                           252
  /26             255.255.255.192   4                    62                            248
  /27             255.255.255.224   8                    30                            240
  /28             255.255.255.240   16                   14                            224
  /29             255.255.255.248   32                   6                             192
  /30             255.255.255.252   64                   2                             128
  /31             255.255.255.254   128                  2*                            256
addresses. The "classful" system of allocating IP addresses can be very wasteful; anyone who could reasonably show a need for more than 254 host addresses was given a Class B address block of 65533 host addresses. Even more wasteful were companies and organizations that were allocated Class A address blocks, which contain over 16 Million host addresses! Only a tiny percentage of the allocated Class A and Class B address space has ever been actually assigned to a host computer on the Internet.

People realized that addresses could be conserved if the class system was eliminated. By accurately allocating only the amount of address space that was actually needed, the address space crisis could be avoided for many years. This was first proposed in 1992 as a scheme called Supernetting. Under supernetting, the classful subnet masks are extended so that a network address and subnet mask could, for example, specify multiple Class C subnets with one address. For example, if I needed about 1000 addresses, I could supernet 4 Class C networks together:

  192.60.128.0     (11000000.00111100.10000000.00000000)   Class C subnet address
  192.60.129.0     (11000000.00111100.10000001.00000000)   Class C subnet address
  192.60.130.0     (11000000.00111100.10000010.00000000)   Class C subnet address
  192.60.131.0     (11000000.00111100.10000011.00000000)   Class C subnet address
  --------------------------------------------------------
  192.60.128.0     (11000000.00111100.10000000.00000000)   Supernetted Subnet address
  255.255.252.0    (11111111.11111111.11111100.00000000)   Subnet Mask
  192.60.131.255   (11000000.00111100.10000011.11111111)   Broadcast address

In this example, the subnet 192.60.128.0 includes all the addresses from 192.60.128.0 to 192.60.131.255. As you can see in the binary representation of the subnet mask, the Network portion of the address is 22 bits long, and the host portion is 10 bits long.
Under CIDR, the subnet mask notation is reduced to a simplified shorthand. Instead of spelling out the bits of the subnet mask, it is simply listed as the number of 1s bits that start the mask. In the above example, instead of writing the address and subnet mask as

  192.60.128.0, Subnet Mask 255.255.252.0

the network address would be written simply as:

  192.60.128.0/22

which indicates starting address of the network, and number of 1s bits (22) in the network portion of the address. If you look at the subnet mask in binary (11111111.11111111.11111100.00000000), you can easily see how this notation works.

The use of a CIDR notated address is the same as for a Classful address. Classful addresses can easily be written in CIDR notation (Class A = /8, Class B = /16, and Class C = /24).

It is currently almost impossible for an individual or company to be allocated their own IP address blocks. You will simply be told to get them from your ISP. The reason for this is the ever-growing size of the internet routing table. Just 10 years ago, there were less than 5000 network routes in the entire Internet. Today, there are over 100,000. Using CIDR, the biggest ISPs are allocated large chunks of address space (usually with a subnet mask of /19 or even smaller); the ISP's customers (often other, smaller ISPs) are then allocated networks from the big ISP's pool. That way, all the big ISP's customers (and their customers, and so on) are accessible via 1 network route on the Internet. But I digress.

It is expected that CIDR will keep the Internet happily in IP addresses for the next few years at least. After that, IPv6, with 128 bit addresses, will be needed. Under IPv6, even sloppy address allocation would comfortably allow a billion unique IP addresses for every person on earth! The complete and gory details of CIDR are documented in RFC 1519, which was released in September of 1993.
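The supernetting example above, worked in Python as an added illustration (not code from the original page). The function names covering_supernet and aggregate are hypothetical; the block also goes one step beyond the text by reporting how many addresses a single covering block would claim that were never allocated, which matters when the aggregate ends up in a route or filter rule.

```python
import ipaddress


def covering_supernet(networks):
    """Smallest single CIDR block that contains every given network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    # Every bit position where the lowest and highest address differ
    # (and everything below it) has to become a host bit.
    host_bits = (low ^ high).bit_length()
    base = (low >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))


def aggregate(networks):
    """Compare the single covering block with the exact CIDR aggregation."""
    nets = [ipaddress.ip_network(n) for n in networks]
    exact = list(ipaddress.collapse_addresses(nets))
    block = covering_supernet(networks)
    covered = sum(n.num_addresses for n in exact)
    return {
        "supernet": str(block),
        "netmask": str(block.netmask),
        "broadcast": str(block.broadcast_address),
        "exact": [str(n) for n in exact],
        # Addresses inside the covering block that were not in the input.
        "extra_addresses": block.num_addresses - covered,
    }


if __name__ == "__main__":
    # The four Class C networks from the text.
    four = ["192.60.128.0/24", "192.60.129.0/24",
            "192.60.130.0/24", "192.60.131.0/24"]
    print(aggregate(four))
    # Constructed variation: only three of the four are allocated.
    print(aggregate(four[:3]))
```

With all four networks the /22 is an exact aggregate; with only three, the same /22 also covers 256 addresses belonging to someone else, so the exact form (a /23 plus a /24) is the one to use in filters.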
  # bits   Subnet Mask       CIDR   Networks   Nodes     Total hosts
           255.192.0.0       /10               4194302   8388604
           255.224.0.0       /11               2097150   12582900
  4                                 14         1048574   14680036
  5                                 30         524286    15728580
  6                                 62         262142    16252804
  7                                 126        131070    16514820
  8                                 254        65534     16645636
  9                                 510        32766     16710660
  10                                1022       16382     16742404
  11                                2046       8190      16756740
  12       255.255.240.0            4094       4094      16760836
  13       255.255.248.0     /21    8190       2046      16756740
  14       255.255.252.0     /22    16382      1022      16742404
  15       255.255.254.0     /23    32766      510       16710660
  16       255.255.255.0     /24    65534      254       16645636
  17       255.255.255.128   /25    131070     126       16514820
           255.255.255.192   /26    262142     62        16252804
           255.255.255.224   /27    524286     30        15728580
  20                                                     14680036
  21                                                     12582900
  22                                                     8388604
Suppose a home network consists of computers named Foo and Bar, connected to a router, and then via a cable modem to the Internet. The home network is configured as a subnet: address 17.76.99.1 is assigned to Foo, address 17.76.99.2 to Bar, and address 17.76.99.100 to the router. The subnet has been configured so that the first three octets of its members' addresses are all the same subnet id, 17.76.99, and this fact is expressed by the subnet mask 255.255.255.0 (binary 11111111 11111111 11111111 00000000) configured in the router. When Foo sends data to example.com at 208.77.188.166, the router performs a logical AND of the destination example.com address with the subnet mask. It also performs a logical AND of the origin address (17.76.99.1) and recognizes that these two results are different, and therefore sends the data over the Internet, via the subnet's default gateway. When Foo sends data to Bar, however, it determines that the results of the two AND operations are the same, therefore the destination lies within the subnet and the default gateway is not required. The data is transmitted directly from Foo to Bar within the home network.
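The AND comparison from the Foo and Bar scenario, together with the subnet address, broadcast address and host-count rules from the earlier sections, as an added Python example (not part of the original page). All function names are hypothetical, and the rejection of masks whose 1 bits are not contiguous is an added check the text only implies.

```python
def to_int(addr):
    """Strict dotted-quad parser: four decimal octets, each 0-255."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {addr!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def prefix_length(mask):
    """Count the leading 1 bits; reject masks whose 1s are not contiguous."""
    m = to_int(mask)
    host = m ^ 0xFFFFFFFF            # host bits become 1s
    if host & (host + 1):            # they must form one solid low-order block
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(m).count("1")


def subnet_and_broadcast(addr, mask):
    """AND with the mask gives the subnet; host bits set to 1 give the broadcast."""
    prefix_length(mask)              # validate the mask first
    m = to_int(mask)
    network = to_int(addr) & m
    return to_dotted(network), to_dotted(network | (m ^ 0xFFFFFFFF))


def usable_hosts(prefix):
    """2^n - 2 hosts for n host bits, with the RFC 3021 exception for /31."""
    n = 32 - prefix
    return 2 if n == 1 else max(2 ** n - 2, 0)


def on_same_subnet(src, dst, mask):
    """True when both addresses share a network prefix (deliver directly)."""
    m = to_int(mask)
    return (to_int(src) & m) == (to_int(dst) & m)


if __name__ == "__main__":
    mask = "255.255.255.0"           # the home network from the scenario
    for name, dst in (("Bar", "17.76.99.2"), ("example.com", "208.77.188.166")):
        local = on_same_subnet("17.76.99.1", dst, mask)
        route = "direct" if local else "via gateway 17.76.99.100"
        print(f"Foo -> {name} ({dst}): {route}")
    print(subnet_and_broadcast("140.179.220.200", "255.255.224.0"))
    print(prefix_length("255.255.192.0"), usable_hosts(26), usable_hosts(31))
```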