Networking Tips

  


[an error occurred while processing this directive]

No Title

[an error occurred while processing this directive]

Reference: Cisco: Internetworking Basics

Contents

Introduction

An IP subnet is simply a collection of network addresses which can communicate with each other "without" having to refer to a router to accomplish the communication. In other words, the media-protocol drivers support direct communication between all nodes in the same subnet. Transmitting data between two separate subnets requires the use of a router, often called a gateway in this context. To determine wheter or not two systems are in teh same subnet, you can perform the following:

Using Base-2 Mathematics with the IP Address

An IP address is a collection of 32 bits, divided into four groups of 8 bits for convenient presentation in the form of 4 unsigned integers (decimals). Each grouping of 8 bits can be expressed as a value between 0 and 255. Take the following example:

Here is an example IP address (as you see it in base-10)


192.168.1.101

The computer reads the IP address in base-2 (also known as binary):


11000000101010000000000101100101

Split the IP address into 4 groups of 8 bits:


11000000   10101000   00000001   01100101

Each bit in the address represents a successively greater power of two as you move from right to left. Note that the powers of two, listed below, start at 20.


27 26 25 24 23 22 21 20 128 64 32 16 8 4 2 1

A "1" in a given bit position indicates that the corresponding power of two counts towards the final value. A "0" in a given bit position means to ignore that position and not count anything towards the final value. If we label the bit position b7-b0 (moving from left to right), we can write out the following formula for our binary-to-decimal conversion:


128*b7 + 64*b6 + 32*b5 + 16*b4 + 8*b3 + 4*b2 + 2*b1 + 1*b0

We can now use the above binary-to-decimal formula to convert 11000000 as follows:


128*1 + 64*1 + 32*0 + 16*0 + 8*0 + 4*0 + 2*0 + 1*0
128 + 64 + 0 + 0 + 0 + 0 + 0 + 0 = 192

By observing the above example, you can see that the bit positions where there was a "1" contributed to the final value; the position containing "0" did not. Converting the other three values in our initial IP address yields:


10101000 = 168 00000001 = 1 01100101 = 101

The Subnet Mask

A subnet mask is nothing more than a 32 bit number used to divide the 32 IP address into two parts:

The subnet mask simply tells the computer how many bits (from left to right) are in the network address. The remaining bits comprise the host address. See the following example:

Figure 1: Subnet Mask Influence

In the early days of IP networking, there were only three types of networks: class A, class B, and class C, each with its own fixed subnet mask. This means that there were only three ways to divide the 32 bits in an IP address into a network and a host address. This type of subnetting was extremely limited. To get around this limitation, the "Classless Inter-Domain Routing" (CIDR) was born. With CIDR, you can divide the IP address almost anywhere wihtin its 32 bits. You can think of it as drawing a line in the same and proclaiming: "All bits to the left of this line comprise the network address, and all bits to the right of this line comprise the host address."

The delineation between the two fields of the IP address is presented with the subnet mask. The computer performs a binary-AND operation of the IP address and the subnet mask. Here is a quick example:


11000000 10101000 00000001 01100101 IP address bitwise-AND 11111111 11111111 11111100 00000000 subnet mask ----------------------------------- 11000000 10101000 00000000 00000000 network address

From the example above, you can see where there is a "1" in the subnet mask, the bit in the IP address is copied into the network address. Where there is a "0" in the subnet mask, a "0" is copied into the network address. This is what is called masking, and it is something that can be performed very quickly by computer hardware. Dealing with "1"s and "0"s is great for a computer, but a different representation is required for human use. The following are three popular representations:

 

There cannot be a "0" followed by a "1" in a subnet mask. Recall that the subnet mask is telling us how many bits (from left to right) are in the network address. Because the network and host fields are contiguous, and all bits must be used, there are no gaps.

Parameters Related to the Subnet Mask

Given an IP address and its assocaited subnet mask, it is possible to calculate other properties. In addition to calculating the network address (like in the examples above), the following parameters can also be calculated:

Class A, B and C Networks

Given a full explanation of how to think about subnets, it is safe to introduce the traditional "classed" subnet definitions. In the early days, these conventions dictated the values of the first four bits in the address (known as the prefix), which, in turn implied how the 32 bit address space was separated into network and host portions. This way, routers could share network route information with each other without including the subnet mask.

 

While this was initially a great savings, it ended up costing a lot later in terms of confusion and rework to implement CIDR.

The different designations split the address on octet boundaries, which lessened the need for base-2 math skills on the part of the network administrator. The designations are listed below:

Subnet Class Designations
  Prefix Bits in Subnet Mask
class A 0 8
class B 10 16
class C 110 24
class D 1110 n/a
class E 1111 n/a

Thus, a class A address must have the first bit set to zero, and it uses the first 8 bits for the network address and the remaining 24 bits for the host address. Classes B and C each set another bit in the prefix and shift the subnet mask over by 8 bits. Class D is used for multicast addresses (11100000 in binary equals 224 in decimal). Class E is reserved for future use.

Because the prefix places certain limitations on the network address, you can easily identify which class an address is in by looking at the first octet. So if you see 151.30.22.12 and you know that your network is following the class conventions, you instantly know that this is a class B network and that the subnet mask is /16. The ranges are listed below:

Subnet Class Address Ranges
Class Network Address Range Host Sddress Range
class A 0 - 126 0.0.1 - 255.255.254
class B 128.0 - 191.255 0.1 - 255.254
class C 192.0.0 - 223.255.255 1 - 254

Of the three "classes", class C would be the most frequently used. People often use this to refer to any network with a 24-bit subnet mask and 8-bit host address, although properly, it includes only those network addresses that begin with 110.

Carving Up IP Address Space using CIDR

The last section in this document, deals with how to take an address space allocated to you and divvy it up into several IP subnets. You have to choose either the number of separate subnets you want to create, or how many hosts should be in each subnet. To divide the original subnet, you add bits to the network address (thereby removing bits from the host portion of the address) until you have the desired number of subdivisions in the original address space.

If you choose to create N subnets, you need an additional m = log2N 1's in the subnet mask. An easier way to think about the math is to realize that adding m bits to the subnet mask will result in 2m additional subnets. Take the following example:

Example 1

Take the address space 192.168.18.0/24 and carve it up into 8 subnets. N = 8, so m = log28 = 3, which is the number of bits to add to the subnet mask. The result is 8 subnets with network addresses of 192.168.18.x/27.

Now we need the 8 values for x:    x1, x2, x3, x4, x5, x6, x7, x8, to that we can write out the network address for each subnet. The first one always starts where the original address space started, in this case 0. The subsequent values for xn are found by adding the number of hosts in each subnet to the proceding value of x. In this example, the number of host addresses is 2(32-27) = 25, = 32, and we can write out our network addresses accordingly:


x1 192.168.18.0/27 x2 192.168.18.32/27 x3 192.168.18.64/27 x4 192.168.18.96/27 x5 192.168.18.128/27 x6 192.168.18.160/27 x7 192.168.18.192/27 x8 192.168.18.224/27

The number of usable host addresses in each subnet is 30. You could calculate the broadcast address for each of these, although they can be written down by inspection. Since the broadcast address is the last address in the subnet, it must be one lower than the next network address as shown in the example list below:


broadcast address for x1 192.168.18.31 broadcast address for x2 192.168.18.63 broadcast address for x3 192.168.18.95 broadcast address for x4 192.168.18.127 broadcast address for x5 192.168.18.109 broadcast address for x6 192.168.18.191 broadcast address for x7 192.168.18.223 broadcast address for x8 192.168.18.255

You won't be able to use the maskbits representation of the subnet mask for most networking commands, so you should go ahead and convert it back to decimal. Remember that the 27 bits must be contiguous, from left to right, so they must be 11111111.11111111.11111111.11100000, which is 255.255.255.224. You don't really have to write out the full 32 bits each time, just start subtracting 8 from the maskbits. Each time you can substract 8, copy down 255. When you are left with a number less than 8, look it up in the table and copy down the decimal representation. If you have not yet written down 4 decimal values, then write down "0"s for the rest.

Before we move on to the next example, let's look at one more property of the subnet mask and the network address that you can use to double-check your work.


11000000 . 10101000 . 00010010 . 01100000 network address (192.168.18.96) 11111111 . 11111111 . 11111111 . 11100000 subnet mask (255.255.255.224)

Notice, when you line up the network address and the subnet mask, that the network address is all "0"s to the right of the subnet mask's last "1". This will always be the case. If it's not, then you have made a mistake. Simply put, you are in a completely different subnet. Recall that the purpose of the subnet mask is to divide the IP address into network and host fields. The bits in the host field are reserved for hosts.

Example 2

You could also pick the number of hosts you would like in the subnet and use this to calculate the subnet mask and network address. Let's assume that you need a subnet with at least 1400 addresses. Since we have to pick a power of two, and 1024 is not large enough, we have to take 2048. A subnet that has 2048 host addresses in it needs to have log22048 = 11 bits to hold the address. There are 32 bits total, so this leaves 21 bits for the network address.

Now that you know the subnet mask, chances are good that you'll need to carve it out of some private address space. If you want to take this space from the RFC-1918 allocation for private class A (10.x.x.x) or class B (172.16-31.x.x) networks, you have no worries. The class A network space as 24 bits of host address - more than plenty. The same is true for any of the 16 different private class B networks. They each have 16 bits of host address. (Remember that we need only 11). Just choose an unused one, slap on the /21, and start CIDRing.

However, if you want to use an aggregate of private class Cs (the 192.168.x.x address space), things can get a little sticky. The last example included a prologue which showed that the network bits cannot run over into the host portion of the IP address. That wasn't so tough when we had a network and wanted to carve out addresses. But now we have addresses and want to fit them into a network. The first thing to do is to write out the subnet mask in binary:


11111111.11111111.11111000.00000000

Now we find a network address that does not have a "1" in any of the last 3 bits of the third octet. (If a "1" appears here, the network address is spilling into the host portion.) This is not as difficult as it should once you write out the subnet mask in binary. Using 0 (binary 00000000) for the third octet will meet the criterion. If this address space is not available, then the next choice is to copy down the octet with the right-most "1" in the subnet mask intact, and everything else "0" - so in this case 00001000 (8). Any multiple of this value will also meet the requirements, up to copying down the octet from the subnet mask itself (11111000). So we are free to choose from:


192.168.0.0/21 11000000 . 10101000 . 00000000 . 00000000 192.168.8.0/21 11000000 . 10101000 . 00001000 . 00000000 192.168.16.0/21 11000000 . 10101000 . 00010000 . 00000000 192.168.24.0/21 11000000 . 10101000 . 00011000 . 00000000 . . . 192.168.248.0/21 11000000 . 10101000 . 11111000 . 00000000

Each of these has room for 2046 hosts and will have its own broadcase address. If you are still unclear on calculating the broadcast address, try calculating it for 192.168.64.0/21. You should come up with 192.168.71.255.

If you try to start anywhere in the address space, e.g., at 192.168.2.0/21, you'll have problems. Let's write this network address out in binary and alilgn it with the subnet mask:

network address 11000000 . 10101000 . 00000010 . 00000000
subnet mask 11111111 . 11111111 . 11111000 . 00000000

As you can see, the network address spills over into the host portion of the address (to the right of the last "1" inthe netmask). By doing this, you specified a host within the subnet, and not a network address. If you ever try something like this within the OS, it will let you know:


# /sbin/route add -net 192.168.2.0 netmask 255.255.248.0 eth0 route: netmask doesn't match route address

More Subnet-Related Definitions

Here are a few more notes on subnet terminology:

About the Author

Jeffrey Hunter is an Oracle Certified Professional, Java Development Certified Professional, Author, and an Oracle ACE. Jeff currently works as a Senior Database Administrator for The DBA Zone, Inc. located in Pittsburgh, Pennsylvania. His work includes advanced performance tuning, Java and PL/SQL programming, developing high availability solutions, capacity planning, database security, and physical / logical database design in a UNIX / Linux server environment. Jeff's other interests include mathematical encryption theory, tutoring advanced mathematics, programming language processors (compilers and interpreters) in Java and C, LDAP, writing web-based database administration tools, and of course Linux. He has been a Sr. Database Administrator and Software Engineer for over 20 years and maintains his own website site at: http://www.iDevelopment.info. Jeff graduated from Stanislaus State University in Turlock, California, with a Bachelor's degree in Computer Science and Mathematics.



Copyright (c) 1998-2017 Jeffrey M. Hunter. All rights reserved.

All articles, scripts and material located at the Internet address of http://www.idevelopment.info is the copyright of Jeffrey M. Hunter and is protected under copyright laws of the United States. This document may not be hosted on any other site without my express, prior, written permission. Application to host any of the material elsewhere can be made by contacting me at jhunter@idevelopment.info.

I have made every effort and taken great care in making sure that the material included on my web site is technically accurate, but I disclaim any and all responsibility for any loss, damage or destruction of data or any other property which may arise from relying on it. I will in no case be liable for any monetary damages arising from such loss, damage or destruction.

Last modified on
Wednesday, 28-Dec-2011 14:13:52 EST
Page Count: 16984