On IP Subnetting and Subnet Masks


  • 7/30/2019 On IP Subnetting and Subnet Masks


    This page covers octal and decimal math with respect to IP subnetting, subnet masks, broadcast addresses and the like. It's meant to de-mystify the simple math of IP networking for the novice LAN administrator. A sound understanding of these concepts is critical for security and general network stability. However, even university-level textbooks seem to gloss over this topic.

    Subnet Masks and Subnets:

    netmask          shorthand notation  number of addresses in resulting subnet
    255.255.255.0    /24 [8-bit]         2^8 = 256 = 254 hosts + 1 bcast + 1 net base
    255.255.255.128  /25 [7-bit]         2^7 = 128 = 126 hosts + 1 bcast + 1 net base
    255.255.255.192  /26 [6-bit]         2^6 = 64 = 62 hosts + 1 bcast + 1 net base
    255.255.255.224  /27 [5-bit]         2^5 = 32 = 30 hosts + 1 bcast + 1 net base
    255.255.255.240  /28 [4-bit]         2^4 = 16 = 14 hosts + 1 bcast + 1 net base
    255.255.255.248  /29 [3-bit]         2^3 = 8 = 6 hosts + 1 bcast + 1 net base
    255.255.255.252  /30 [2-bit]         2^2 = 4 = 2 hosts + 1 bcast + 1 net base
    255.255.255.254  /31 [1-bit]         2^1 = - invalid (no possible hosts)
    255.255.255.255  /32 [0-bit]         2^0 = 1 a host route (odd duck case)

    Some Quick Notes:

    An IP number has four 8-bit octets. Since each binary bit has two possible values, either on or off (0 or 1), each octet can represent 2^8 = 256 decimal numbers (0..255). If we count up all 32 bits (4x8=32), we have an Internet of 256x256x256x256 = 2^32 = 4,294,967,296 possible addresses. That's too many for any one network; this number is segmented into more manageable chunks, or subnets, via routing. The network base address and subnet mask determine what portion of the 32-bit Internet belongs to a given subnet.

    A network interface (NIC) should not waste its processing power looking at any and all IP traffic. We want each NIC to ignore anything not meant for itself. A subnet mask provides a way to quickly and efficiently filter out anything not meant for our subnet. NICs on hosts, routers, etc., use a combination of network "base" address and "mask" to determine what to ignore and what to listen to.

    The netmask shorthand notation (the /##'s) just specifies how many 1's to _keep_ to determine the _network_ address of an interface. Each octet has eight 1's. With no masking, that's "11111111.11111111.11111111.11111111". The netmask would be 0.0.0.0 or just /0, meaning look at all the ones in all the octets -- the entire Internet. Again, we generally do not want a NIC to listen for the entire Internet.

    The netmask is called a "mask" because it also tells how many 1's on the left-hand side to mask-out when figuring out a specific _host_ address.

    For a "Class C" or "8-bit" subnet (32-24=8), the network interfaces only care about the last octet. So we use 255.255.255.0, or its shorthand equivalent, /24.

    For a Class B or "16-bit" subnet (32-16=16), we need the details of the last two octets. So we use 255.255.0.0, or /16.

    A Question to See if You're Awake:

    Question: How many 9-bit subnets can fit into a 13-bit subnet?

    Answer: 2^13 / 2^9 = 2^(13-9) = 2^4 = 16

    A Non "8-bit" Example:

    207.199.153.192/27 is a "5-bit" subnet (32-27=5). There are 32 IP's in the subnet. The "base" address or first IP of the range is simply 207.199.153.192, and is unusable as a host address. The 30 Usable IPs are 207.199.153.193..207.199.153.223. The last one, 207.199.153.224, is the broadcast address for the subnet. Similar to the network base address, the broadcast address is not usable as a host address.


    General Network Architecture:

    The internal subnetting uses the private "Class B" network, 172.16.0.0/16, divvied up as follows:

    network/mask    usable IP address range     bcast address   location
    172.16.1.0/24   172.16.1.1..172.16.1.254    172.16.1.255    Chantilly
    172.16.2.0/25   172.16.2.1..172.16.2.126    172.16.2.127    Leesburg
    172.16.3.0/25   172.16.3.1..172.16.3.126    172.16.3.127    Alexandria
    172.16.4.0/24   172.16.4.1..172.16.4.254    172.16.4.255    Winchester
    172.16.5.0/24   172.16.5.1..172.16.5.254    172.16.5.255    Arlington
    172.16.6.0/24   172.16.6.1..172.16.6.254    172.16.6.255    Washington

    With a Class B of 65+ thousand host addresses (256x256) to burn up, efficiency isn't often much of an issue for a "private" subnet. However, note that the 7-bit (32-25=7) subnets 172.16.2.128/25 and 172.16.3.128/25 are going unused. Sticking to "plain jane" 8-bit ("Class C") subnetting would simplify life. On the private network, we'd have 254 possible 8-bit subnets.
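The table and the unused /25 blocks noted above can be recomputed with plain mask arithmetic. The following is an added example, not part of the original page; the function names are this example's own, and `describe` assumes a prefix of /30 or shorter.

```python
import ipaddress

# Allocations copied from the table above (location names as given there).
PLAN = {
    "172.16.1.0/24": "Chantilly", "172.16.2.0/25": "Leesburg",
    "172.16.3.0/25": "Alexandria", "172.16.4.0/24": "Winchester",
    "172.16.5.0/24": "Arlington", "172.16.6.0/24": "Washington",
}
ALL_ONES = 0xFFFFFFFF

def to_int(dotted):
    """Pack a dotted quad into a single 32-bit integer."""
    a, b, c, d = (int(part) for part in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(value):
    """Unpack a 32-bit integer back into dotted quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def netmask(prefix):
    """/24 -> 0xFFFFFF00: 'prefix' ones on the left, zeros for the host bits."""
    return (ALL_ONES << (32 - prefix)) & ALL_ONES

def describe(cidr):
    """Return (base, first host, last host, broadcast); prefix /30 or shorter."""
    addr, prefix = cidr.split("/")
    mask = netmask(int(prefix))
    base = to_int(addr) & mask               # host bits all 0
    bcast = base | (~mask & ALL_ONES)        # host bits all 1
    return tuple(to_dotted(n) for n in (base, base + 1, bcast - 1, bcast))

def same_subnet(ip, cidr):
    """True if 'ip' has the same network bits as the subnet 'cidr'."""
    addr, prefix = cidr.split("/")
    mask = netmask(int(prefix))
    return to_int(ip) & mask == to_int(addr) & mask

def unused_blocks(plan, unit=24):
    """Blocks left unallocated inside each /unit that the plan only partly uses."""
    nets = [ipaddress.ip_network(cidr) for cidr in plan]
    gaps = set()
    for net in nets:
        if net.prefixlen > unit:
            parent = net.supernet(new_prefix=unit)
            gaps.update(g for g in parent.address_exclude(net)
                        if not any(g.overlaps(other) for other in nets))
    return [str(g) for g in sorted(gaps)]

if __name__ == "__main__":
    for cidr, site in PLAN.items():
        print(site, cidr, *describe(cidr))
    print("unallocated:", unused_blocks(PLAN))
```

Addresses in the blocks that `unused_blocks` returns belong to no site in the plan, so the same list can seed a review of filter rules or address assignments.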

    Network Base Address and Broadcast Address:

    The network base address is the first IP address in a given subnet; the broadcast address is the last. There's nothing "special" about these first and last numbers in the math; it's just the engineering specification that assigns them these functions. All NICs have to listen for traffic directed at their specific IP address(es) and the broadcast address for their subnet. The base network address is all 0's for the hostid and refers to the subnet itself; the broadcast address is all 1's and refers to all hosts on the subnet.

    32-bit Octal to Dotted Quad Decimal Conversion:

    Computers love octal math because they're essentially binary in nature (they like a switch to be either OFF/0 or ON/1) the same way humans like base ten (because we count on our fingers). Our base ten tendencies cause our eyes to glaze over when presented with octal numbers. Still, some understanding of the octal number system helps us comprehend IP networking a bit more clearly.

    The eight "places" in 11111111 equate to 128 64 32 16 8 4 2 1.


    So, the following numbers are equivalent:

    10000000.00001010.00000010.00011110   32-bit Octal
    128.10.2.30                           Dotted Quad Decimal

    Octal      Decimal (128.10.2.30)
    -          128    64    32    16     8     4     2     1   ttl
    10000000   128 +   0 +   0 +   0 +   0 +   0 +   0 +   0 = 128
    00001010     0 +   0 +   0 +   0 +   8 +   0 +   2 +   0 =  10
    00000010     0 +   0 +   0 +   0 +   0 +   0 +   2 +   0 =   2
    00011110     0 +   0 +   0 +  16 +   8 +   4 +   2 +   0 =  30

    The reverse is a little bit like long division. For each octet, just keep grabbing the biggest power of two in whatever's left till we get to 0.

    11001111.11000111.10011001.11000010   32-bit Octal
    207.199.153.194                       Dotted Quad Decimal

    Decimal (207.199.153.194)                             Octal
    -     128    64    32    16     8     4     2     1   -
    207 = 128 +  64 +   0 +   0 +   8 +   4 +   2 +   1   11001111
    199 = 128 +  64 +   0 +   0 +   0 +   4 +   2 +   1   11000111
    153 = 128 +   0 +   0 +  16 +   8 +   0 +   0 +   1   10011001
    194 = 128 +  64 +   0 +   0 +   0 +   0 +   2 +   0   11000010