Simple Subnetting Made Simple
advertisement
Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Subnetting Made Simple IP Subnetting without Tables, Tools, or Tribulations Larry Newcomer The Pennsylvania State University York Campus Abstract Every networking professional should have a thorough understanding of TCP/IP subnetting. Subnetting can improve network performance by splitting up collision and broadcast domains. Subnets can reflect organizational structure and help support security policies. WAN links typically join different subnets. Subnets can define administrative units and hence support the structuring and delegation of administrative tasks. Unfortunately, mastering subnetting can pose difficulties for both professionals and students because of the binary mathematics that underlies the technology. While it is imperative to present subnetting concepts in terms of the underlying binary representation, most texts also present subnetting procedures in binary terms. Such an approach can make it difficult for students to learn how to actually carry out subnetting without tables or other reference materials, even when they understand the basic concepts. This paper presents a simple, alternative method for understanding and implementing subnetting without software, calculators, tables, or other aids. The only knowledge of binary arithmetic required is familiarity with the powers of 2 from 0 to 8 (2x for x = 0, 1, …, 8). With a little decimal arithmetic thrown in, the whole process is simple enough to be carried out mentally. This paper assumes the reader is already somewhat familiar with IP addressing, the role of subnet masks, and the uses for subnetting. It proceeds quickly from a brief introduction to a thorough discussion of simple techniques for determining the number of subnets and hosts, calculating the subnet mask, determining (sub)network id’s, and figuring the available IP addresses for each subnet. The methodology is helpful both to those who aspire to be network professionals and to those who seek a simple way to teach subnetting in networking courses. Introduction Every networking student should have a solid understanding of TCP/IP subnetting (Loshin, 1997). Subnetting’s importance in modern networking is reflected by its many © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 1 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University and varied uses. It can enhance network performance by splitting up collision and broadcast domains in a routed network (Odom, 2000). Large networks can be organized into separate subnets representing departmental, geographical, functional, or other divisions (Feit, 1997). Since hosts on different subnets can only access each other through routers, which can be configured to apply security restrictions, subnetting can also serve as a tool for implementing security policies (Bulette, 1998). Dividing a large network into subnets and delegating administrative responsibility for each subnet can make administration of a large network easier. Routers can require that a WAN link connecting two networks must itself form a separate subnet (Bulette, 1998). Troubleshooting, diagnosing, and fixing problems in a TCP/IP internetwork typically require thorough familiarity with subnetting. Network design requires both the ability to understand and carry out subnetting. A major stumbling block to successful subnetting is often a lack of understanding of the underlying binary math. In fact, the principles of subnetting are difficult to grasp without mastery of binary arithmetic, logic, and binary/decimal conversions. On the other hand, it is not necessary to be able to think in binary in order to plan, design, and implement simple subnetting. The methodology discussed below allows anyone with the following capabilities to successfully carry out all the subnetting essentials: Know the decimal values of the powers of 2 from 0 to 8 as presented in Table 1 below (e.g., 24 = 16) Know how to add and subtract the decimal values of the powers of 2 in the following table (e.g., 27 – 25 = 128 – 32 = 96). If this decimal arithmetic can be done mentally, then subnetting itself can be accomplished mentally. Table 1 x 2x 2x in Decimal 0 20 1 1 21 2 2 22 4 3 23 8 4 24 16 5 25 32 6 26 64 7 27 128 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 2 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University x 2x 2x in Decimal 8 28 256 It is helpful to memorize Table 1 before proceeding. The discussion below presents a simple, step-by-step methodology for determining the number of subnets, the maximum number of hosts per subnet, the subnet mask, the network id’s, and the valid IP addresses for each subnet. In short, the method covers all the major steps in the subnetting process. First, however, we present a rapid review of subnetting concepts. Simple Subnetting Concepts Before discussing the subnetting procedure, it is necessary to become familiar with the basic concepts of IP addressing, subnet masks, and the separation of an IP address into a network ID and a host ID. An IPv4 (IP version 4) address consists of a 32-bit binary number, which can be viewed as a series of 4 octets (Odom, 1999). Each octet consists of 8 bits, so 4 octets make up 4 * 8 = 32 bits, the exact number of bits in an IP address. Since IP addressing operates at the OSI network layer (Layer 3), IP addresses must be able to identify both individual hosts (the TCP/IP term for any device connected by a network adapter to a TCP/IP network, such as a computer, printer, router, etc.) and individual networks. This is accomplished by dividing the 32-bit IP addresses into two parts: an initial network ID portion that identifies (i.e., addresses) individual networks, followed by a host ID portion that identifies (i.e., addresses) individual hosts on a given network (Lammle, 2000). Thus IP addressing works by uniquely specifying: a) A particular TCP/IP network as identified by the network ID portion of the IP address b) A particular host on that network as identified by the host ID portion of the IP address It is critical to understand the difference between the MAC address (also known as the hardware, physical, or NIC address) at the Data-Link layer (Layer 2), and the IP address which operates at the Network layer (Layer 3). The MAC address uniquely identifies each network adapter (NIC or Network Interface Card) with a 48-bit binary number. The assignment of MAC addresses is supervised by the IEEE to ensure worldwide uniqueness. Each MAC address consists of two parts: the first part uniquely identifies the NIC manufacturer, and the second part uniquely identifies each NIC produced by a given manufacturer (Poplar, 2000). A device attached to a TCP/IP network via a NIC is called a TCP/IP host. Note that the MAC addressing scheme does not provide a way to identify individual networks, only individual hosts. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 3 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University With IP addressing, individual hosts can still be uniquely identified, but in a different way. Hosts are identified by specifying both: a) the network on which the host resides (the network id), plus b) a unique host number on that network (the host ID). Thus Layer 3 devices can work either with individual networks by using just the network ID (the beginning portion of the IP address), or with individual hosts by using both the network ID and host ID, i.e., the entire IP address (Heywood, 1997). Network layer (Layer 3) software and devices thus must be able to separate IP addresses into their network ID and host ID portions. This is accomplished with the help of another 32-bit binary number called a subnet mask. The job of the subnet mask is to tell which part of the IP address is the network ID, and which part is the host ID. Since the network ID is always the leading part of an IP address and the host ID is always the trailing part, a simple masking scheme can be used (Dulaney, 1998). A subnet mask always consists of a series of uninterrupted 1 bits followed by a series of uninterrupted 0 bits. These two portions of the subnet mask (all 1’s and all 0’s) correspond to the two parts of an IP address. The 1 bits in the subnet mask match up with the Network ID, and the 0 bits in the subnet mask match up with the Host ID in the IP address. By looking at the subnet mask, it is easy to tell which part of an IP address represents the network ID and which part represents the host ID. The following example illustrates the use of a subnet mask to separate the network ID and host ID portions of an IP address for a standard Class B network (for Class B networks the first 2 octets of the IP address make up the network ID and the last 2 octets make up the host ID): 32-bit IP Address: 10010010101010000000000000000111 32-bit Subnet Mask: 11111111111111110000000000000000 To enhance clarity we repeat the example above, this time adding some white space between the octets in both the IP address and the subnet mask: IP Address: Subnet Mask: 10010010 10101000 00000000 00000111 11111111 11111111 00000000 00000000 Observe how the subnet mask consists of 2 octets of uninterrupted 1’s (indicating the network ID part of the corresponding IP address), and 2 octets of uninterrupted 0’s (indicating the host ID part of the corresponding IP address). Using the subnet mask, we can readily separate the IP address into its two parts: Network ID: Host ID: 10010010 10101000 00000000 00000111 Although it is easiest to understand the role of the subnet mask while working in binary, binary notation is in general too cumbersome for humans. Hence IP addresses and subnet masks are usually written in dotted-decimal notation (Cunningham, 1998), in which each octet is converted to its equivalent decimal number, and the four decimal numbers are separated with dots (i.e., periods). The IP address and subnet mask from the example above would appear in dotted-decimal as: © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 4 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University IP Address: Subnet Mask: 146.168.0.7 255.255.0.0 Network ID: Host ID: 146.168 0.7 Note that the network ID is usually seen written as 4 octets (which can be created by appending any necessary 0 octets to the end of the network ID as delimited by the subnet mask), and that leading 0 octets are usually dropped from the host ID, as in: Network ID: 146.168.0.0 Host ID: 7 It is also important to remember that the octet 00000000 in binary becomes 0 in dotteddecimal notation, and the octet 11111111 in binary becomes 255 in dotted-decimal notation. Finally, we consider the basic concepts of subnetting. Imagine that your organization has obtained an official “public” network address from your Internet Service Provider (ISP) for your organization to use on the Public Internet. You could equally well imagine that your organization has chosen a “private” IP address to use for an internal TCP/IP network that will not be connected to the Public Internet (i.e., an intranet). In either scenario, you have the same problem: Your organization has enough hosts that they cannot, for a variety of reasons beyond the scope of this paper, coexist on the same TCP/IP network (Craft, 1998). The network must be broken up (or segmented) into separate subnetworks. Reasons to segment a large network may include such things as: reducing the size of collision domains, reducing the size of broadcast domains, implementing security, organizing subnetworks to reflect corporate structures, joining networks across WAN links, and segmenting network administration responsibilities (Bulette, 1998). To segment the original network, we must devise an addressing scheme that is able to identify each subnetwork within the (original) larger network. This will require the use of an additional subnet ID along with the original network ID. A Given host will then be uniquely identified by the combination of: 1. A network ID that uniquely specifies the network on which the host resides (if the network is on the public Internet, this network ID is the address that will identify the network (including all its subnets) on the public Internet) 2. A subnet ID that uniquely specifies the subnetwork (within the original network in item 1 above) on which the host resides 3. A host ID that uniquely specifies the host on the subnetwork in item 2 above An IP address already accommodates a network ID and a host ID, so all that is required is some way to create the subnet ID field. Since we can’t expand the size of the IP address (32 bits for IPv4), we most “borrow” some bits from the existing address to use for the © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 5 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University subnet ID. We can’t borrow bits from the network ID part of the IP address because this has been pre-assigned by our ISP to uniquely identify our organization’s network. Changing the network ID would wreck our ISP’s assignments of network ID’s to the ISP’s customers. Hence we are forced to borrow bits to create the subnet ID from the existing host ID field. The process of borrowing bits from the host ID field to form a new subnet ID field is known as subnetting. The process is shown in Table 2 below: Table 2 Network ID 3 Bits Borrowed for Subnet ID 10010010 10101000 000 Host ID (3 bits Shorter) 00000 00000111 Notice that when we “borrow” bits from the host ID for the subnet ID, the original subnet mask is no longer accurate. As shown in Table 3 below, the original subnet mask has binary 0’s matching up with the bits in the new Subnet ID. Since binary 0’s in the subnet mask indicate the Host ID field, the newly created “Subnet ID” field still appears to belong to the original Host ID field. Table 3 Network ID 3 Bits Borrowed for Subnet ID Host ID (3 Bits Shorter) IP Address: 10010010 10101000 000 00000 00000111 Original Subnet Mask: 11111111 11111111 000 (0 bits here make subnet ID appear to be part of host ID) 00000 00000000 To eliminate confusion over what bits still belong to the original Host ID field and what bits belong to the new Subnet ID field, we must extend the binary 1’s in the original Subnet Mask with enough 1 bits to match the size of the newly created Subnet ID field (and correspondingly reduce the number of 0’s which originally identified the Host ID in the Subnet Mask by the same amount). The new subnet mask is called a custom subnet mask. After this adjustment, the total number of bits in the custom subnet mask will still be 32, but the number of binary 1’s will have increased by the size of the subnet ID, and the number of binary 0’s will have decreased accordingly. This operation is illustrated in Table 4 below: © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 6 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Table 4 Network ID Bits Borrowed for Subnet ID Shortened Host ID IP Address: 10010010 10101000 000 00000 00000111 Original Subnet Mask: 11111111 11111111 000 00000 00000000 Custom Subnet Mask 11111111 11111111 111 (1 bits here indicate field belongs to network ID) 00000 00000000 A critical issue when “borrowing” bits from the host ID to create the subnet ID is to accurately determine the following information: 1. How many subnets are needed 2. How many bits must be “borrowed” from the host ID field for the new subnet ID field to accommodate the required number of subnets 3. What is the largest number of hosts that will ever be on a given subnet 4. How many bits must be retained in the host ID field to accommodate the maximum number of hosts needed These considerations mandate that careful planning should be carried out before the subnetting process is begun. It is obviously prudent to plan for future as well as for current needs. Once pre-planning is complete, the actual subnetting process involves the following steps: 1. Determine how many subnets are needed 2. Determine the maximum number of hosts that will be on any given subnet 3. Determine how many bits to borrow from the host ID field for the subnet ID field 4. Determine how many bits must remain in the host ID field (and therefore cannot be borrowed for the subnet ID) 5. Determine how many bits are in the original network ID and host ID fields 6. Check to ensure that the number of bits to be “borrowed” from the host ID does not exceed the number of bits to be retained for the host ID (i.e., check that the subnetting problem is solvable) 7. Set an optimal length for the subnet ID field, including room for future growth © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 7 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University 8. Create a modified (custom) subnet mask for the network 9. Determine the valid subnet ID’s for the network 10. Determine the valid ranges of IP addresses for each subnet on the network A Simple Subnetting Procedure The following step-by-step procedure can be used to subnet a TCP/IP network. It is assumed that the reader is already familiar with IP addressing, subnet masks, the separation of an IP address into a network ID and a host ID, and basic subnet concepts as discussed above. 1. Determine the required number of subnets and call it S (“big S”) When estimating the required number of subnets, it is critical to consider not only your current subnet needs, but also to plan for future growth. If there is historical information available, use it as a guide to predict how many subnets will be needed next year, two years from now, three, etc. Remember to include both current and anticipated subnetworks in your total. If your WAN links are handled as separate subnets, then count each WAN link too. Remember to leave plenty of room for growth. Nothing is more embarrassing (and costly) than to have to redo a network design because of poor planning. Work closely with users and management to uncover upcoming changes that might affect future growth in ways not shown by historical data (such as an anticipated merger or acquisition, introduction of a new product line, etc.). In the steps that follow, assume that S = 5. 2. Determine the maximum number of hosts per subnet and call it H (“big H”) In TCP/IP terminology, a “host” is any device that attaches to the network via a network interface. The count should reflect the largest number of network interfaces that will ever be on a given subnet. Remember to include not only network interfaces for computers, but also any network interfaces in printers, routers, or any other networked devices. Some computers (called multihomed hosts) may have more than one NIC, in which case each NIC is counted separately. Other devices (such as bridges or routers) will also have more than one network interface. It is not necessary to tabulate the number of network interfaces for every subnet. The purpose of step 2 is to count the maximum number of interfaces that will ever be needed for the largest subnet. As with step 1, remember to plan for growth. Use historical data if available, but also look for upcoming changes that could lead to significant growth not reflected in the © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 8 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University historical data. Again, nothing is more embarrassing than to have to redo a network design because of poor planning. In the steps that follow, assume that H = 50. 3. Find the smallest integer s (“little s”) such that 2s – 2 ≥ S This step calculates the number of bits s (“little s”) needed in the IP address for the subnet ID’s. “Little s” is the smallest integer (whole number) such that 2s – 2 is at least S (“big S”, the required number of subnets). As the following table illustrates, with s bits for the subnet ID, we can address 2s different subnets. However, a subnet ID is not allowed to be either all 0’s (which according to TCP/IP standards always means the current subnet and therefore cannot be used as a subnet ID for an actual subnet), or all 1’s (which according to TCP/IP standards is always a broadcast address and therefore cannot be used as a subnet ID for an actual subnet) (Heywood, 1997). Hence with s bits for the subnet ID, the effective number of addressable subnets is 2s – 2, as shown in Table 5 below: Table 5 s = number of bits for subnet ID 2s – 2 = number of addressable subnets Valid subnet addresses (all 0s or all 1’s are invalid and are shown crossed out) 1 (produces no valid addresses) 21 – 2 = 2 – 2 = 0 0 1 2 22 – 2 = 4 – 2 = 2 00 01 10 11 3 23 – 2 = 8 – 2 = 6 000 001 010 011 100 101 110 111 Calculating s is easier if we rewrite the inequality 2s – 2 ≥ S as 2s ≥ S + 2. If you are comfortable with the entries in Table 1, you can quickly find the smallest s such that 2s ≥ S + 2 as follows: © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 9 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University 1. Find the smallest integer value in the right-hand column of Table 1 that is equal to or greater than S + 2 (“big S” plus 2) 2. Using Table 1, find the corresponding value of s (“little s”) from the left-hand column 3. This is the number of bits needed for the subnet ID’s in your IP addresses For example, if S = 5, the smallest integer value from the right-hand column of Table 1 that is ≥ 5 + 2 = 7 is 8. The corresponding value of s (from the left-hand column of Table 1) is 3. If on the other hand S = 7, the smallest integer value from the righthand column of Table 1 that is greater than or equal to 7 + 2 = 9 is 16. Hence the value of s is 4. 4. Find the smallest integer h (“little h”) such that 2h – 2 ≥ H This step calculates the number of bits h (“little h”) needed in the IP address for the host ID’s, and is similar to step 3. In fact, the TCP/IP standards state that a host ID cannot be all 0’s, since a 0 host ID always refers to the current host (and so can never be used as the address for a particular host), or all 1’s, since all 1’s indicates a broadcast address (and so can never be used for the address of a particular host) (Heywood, 1997). Hence the formula for finding the number of bits needed for the host ID’s is exactly parallel to that used to calculate the number of bits needed for the subnet ID’s. Similar to step 3, we look for the smallest integer h such that 2h – 2 ≥ H. By rewriting the inequality as 2h ≥ H + 2, we can use a parallel procedure to that in step 3: 1. Find the smallest integer value in the right-hand column of Table 1 that is equal to or greater than H + 2 (“big H” plus 2) 2. Using Table 1, find the corresponding value of h (“little h”) from the left-hand column 3. This is the number of bits needed for the host ID’s in your IP addresses For example, if H = 50, the smallest integer value from the right-hand column of Table 1 that is ≥ 50 + 2 = 52 is 64. The corresponding value of h (from the left-hand column of Table 1) is 6. If on the other hand H = 30, the smallest integer from the right-hand column of Table 1 that is greater than or equal to H + 2 = 30 + 2 = 32 is 32. Hence h = 5. 5. Determine the total number of host ID bits in the standard subnet mask for your assigned address class. Call the number of host ID bits T (“big T”). Table 6 below shows the standard number of Host ID bits for each of the three major address classes, A, B, and C. To determine the address class of a network ID, look at the first octet in dotted-decimal notation. As Table 6 shows, if the first octet is between 1 – 126, the network is Class A; if the first octet is between 128 – 191, the © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 10 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University network is Class B; if the first octet is between 192 – 223, the network is Class C. Once you know the address class, it is easy to determine the number of host ID bits from Table 6. For example, if you have been officially assigned a Class B address, T = 16; if you have been officially assigned a Class C address, T = 8; etc. To do mental subnetting, it is helpful to memorize Table 6. Table 6 Address Class Starting Octet for Network ID (in decimal) Network ID Bits in Standard Subnet Mask Host ID Bits in Standard Subnet Mask (T) A 1 – 126 8 24 B 128 – 191 16 16 C 192 - 223 24 8 For example, assume the official network ID is 146.168.0.0. According to Table 6, this is a Class B address (since 146 is between 128 – 191, inclusive) and the number of host ID bits in the standard subnet mask is T = 16. 6. If s + h > T, then you need more host ID bits than are available for your official address class. You cannot meet your subnetting requirements (i.e., the problem is not solvable using your assigned address class) In this case your officially assigned Network ID requires so many bits in the IP address that there are not enough bits left over to satisfy your needs for subnet ID’s and host ID’s. In short, your subnetting requirements S (”big S”) and H (“big H”) when taken together are too large for your assigned address class. You will either have to reduce the values of S and/or H, or apply for an official network ID that requires fewer network ID bits and leaves more host ID bits (i.e., change from class C to class B, or from class B to class A). If s + h > T, start over again at step 1 after changing your requirements (i.e., the estimated number of subnets and/or the maximum required number of hosts per subnet), and/or changing your officially assigned address class. In our example, T = 16, s = 3, and h = 6. Hence s + h = 3 + 6 = 9, which is not greater than T = 16. Hence we can proceed to the next step. 7. If s + h = T, skip the next step (step 8) You have exactly enough bits for the desired subnetting. Skip step 8 and go on to step 9. In our example, s + h = 3 + 6 = 9 and T = 16, so we must carry out step 8. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 11 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University 8. If s + h < T, then you have T – s – h “extra” bits to distribute between s and h in a manner that best provides for unanticipated future growth. Calculate r (“little r”) as r = T – s – h, the number of bits that you can deploy either for extra subnet ID bits and/or for extra host ID bits, then increase s and/or h accordingly You have r (“little r”) bits to distribute between s (“little s”, the number of bits needed for subnet ID’s) and h (“little h”, the number of bits needed for host ID’s). Increase s and/or h until you’ve used up all r bits (at which point T = s + h, as in step 7). Since you are more likely to run out of subnets before you run out of host ID’s on any given subnet, it is probably safer to make sure that s is comfortably large before increasing h. Assume that at the beginning of step 8, T = 16, s = 7, and h = 6. You then have T – s – h = 16 – 7 – 6 = 3 bits to distribute between s and h. Since it is probably a safer hedge to increase s, you might give 2 of the 3 “extra” bits to s (making s = 9), and give 1 of the 3 extra bits to h (making h = 7). If done correctly, the new values of s and h will sum to T (9 + 7 = 16). In the example we’ve been following from previous steps, r = T – s – h = 16 – 3 – 6 = 7 bits to distribute between s and h. We will increase s by 1 (making the new value of s = 4), and increase h by 6 (making the new value of h = 12). Since it is often more important to increase s than to increase h, we should carefully question our decision to increase s by only one. Let us assume that we have a very high degree of confidence in our original estimate for S, but are less sure of our original estimate for H. Hence we (perhaps atypically) decide to favor h over s in this step. 9. Determine the custom subnet mask for your network Start with the default (standard) subnet mask for your address class as shown in Table 7 below: We will extend the network ID portion of the default subnet mask by replacing its leftmost zero octet (shown bolded in the table) with a new value. Table 7 Address Class Default Subnet Mask Leftmost Zero Octet A 255.0.0.0 255. .0.0 B 255.255.0.0 255.255. .0 C 255.255.255.0 255.255.255. Calculate the new value for the leftmost zero octet in the standard subnet mask as: 256 – 28 - s © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 12 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University For example, if the adjusted value of s is 4, we calculate 256 – 28 – 4 = 256 – 24 = 256 – 16 = 240. This value will replace the leftmost zero octet in the default subnet mask for our network class, thus forming the custom subnet mask. Since in Step 5 we determined that our network ID was Class B, our default subnet mask from Table 7 is 255.255.0.0. Replace the leftmost zero octet (shown bolded) with the value 240 to obtain the custom subnet mask 255.255.240.0. 10. Determine the Valid Network ID’s for the New Subnets The next step is to determine the network (and subnetwork) ID’s for the new subnets. Start by identifying the leftmost 0 octet in the original network ID for your network (expressed as four octets in dotted-decimal). This is the octet that corresponds to the leftmost 0 octet in the standard subnet mask (i.e., the octet shown bolded in Table 7). For the original subnet mask in our example, it would be the third octet from the left (shown bolded): 146.168.0.0. For a Class A network, this will always be the second octet (as in 13.0.0.0), for a class B network, this will always be the third octet (as in 146.168.0.0), and for a Class C network, this will always be the fourth octet (as in 193.200.17.0). Note this particular octet will always have all 0’s in the extended subnet ID area (the area “borrowed” from the original host ID), and so is not a valid subnetwork ID (recall that a zero value is not permitted for either a network or subnetwork ID). To obtain the first valid subnetwork ID, add 28 – s to the leftmost 0 octet (as identified above) in the original network address. Now add 28 – s to the same octet in the first subnetwork ID to get the second subnetwork ID, add 28 – s to the same octet in the second to get the third, etc. Continue in this fashion until you have obtained 2s – 2 subnetwork ID’s, or until you reach the value of your custom subnet mask. Note that the custom subnet mask value itself is not a valid network ID because the subnet ID is all 1’s (the reserved broadcast address). In our example, the original network ID is 146.168.0.0 (the leftmost zero octet is shown bolded), the updated value of s is 4, and 28 – s = 28 – 4 = 24 = 16. We expect 2s – 2 = 24 – 2 = 16 – 2 = 14 subnets, which we find as follows: The first network ID is obtained by adding 28 – s (i.e., 16) to the leftmost 0 octet in the original network address, forming the first network ID, i.e., add 16 to the third octet (shown bolded) in 146.168.0.0 to yield 146.168.16.0 (first valid subnet ID) The second subnet ID is obtained by adding 28 – s (16) to the same octet in the first valid subnet ID (shown bolded above), i.e., add 16 to the third octet (shown bolded) in 146.168.16.0 to yield 146.168.32.0 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 13 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University To form the third network ID, again add 28 – s (16) to the same octet in the second valid subnet ID (shown bolded above), i.e., add 16 to the bolded octet in 146.168.32.0 to yield 146.168.48.0 Repeat this procedure until you have obtained the expected 14 subnetwork addresses (or until you reach the custom subnet mask from Step 9). The results are shown in Table 8 below: Table 8 Original Network ID (Not a valid subnetwork address) 146.168.0.0 Network ID for Subnet 1 146.168.16.0 Network ID for Subnet 2 146.168.32.0 Network ID for Subnet 3 146.168.48.0 Network ID for Subnet 4 146.168.64.0 Network ID for Subnet 5 146.168.80.0 Network ID for Subnet 6 146.168.96.0 Network ID for Subnet 7 146.168.112.0 Network ID for Subnet 8 146.168.128.0 Network ID for Subnet 9 146.168.144.0 Network ID for Subnet 10 146.168.160.0 Network ID for Subnet 11 146.168.176.0 Network ID for Subnet 12 146.168.192.0 Network ID for Subnet 13 146.168.208.0 Network ID for Subnet 14 146.168.224.0 Custom Subnet Mask value (Not a valid subnetwork address) 146.168.240.0 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 14 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University 11. Determine the Valid IP Addresses for Each Subnet The final step in subnetting is to determine the valid IP addresses for each new subnetwork. To generate the valid IP addresses for a given subnetwork, start with that subnetwork’s network address (as shown in Table 8, for example). Add 1 to the rightmost octet in the subnet address to obtain the first valid IP address on that subnet. In our example: Network ID of first subnet: 146.168.16.0 First valid IP address on that subnet: 146.168.16.1 Continue to add 1 to the rightmost octet until one of the following three conditions occurs: 1. The octet that you are incrementing reaches 255. When incrementing the value 255, instead of adding 1 (to get 256), roll the 255 back to 0 and add 1 to the next octet to the left. This operation is similar to a carry in ordinary decimal addition. For example, assume you have just added 1 to 146.168.16.254 to obtain 146.168.16.255. The next step would not be to add 1 again to obtain 146.168.16.256 (which is not a valid IP address). Instead, roll the 255 back to 0 and add 1 to the next octet to the left (the 16), yielding 146.168.17.0. From this point, continue to increment as before to obtain additional IP addresses for the current subnet 2. While incrementing, you get to the point where another increment would reach one less than the network ID for the next subnet. In this case, you have listed all the valid IP addresses for the current subnet, and you must move on to the next subnet (by starting with its network ID and repeatedly incrementing the rightmost octet by 1) 3. You reach a total of 2h – 2 IP addresses for a given subnet. This is equivalent to condition 2 above, and in fact is just another way of looking at the same situation. As in condition 2, you have listed all the valid IP addresses for the current subnet. Move on to the next subnet by starting with its network ID and repeatedly incrementing by 1 Repeat this process for all subnetworks to obtain a complete list of valid IP addresses for each subnet. In our example, we start with 146.168.16.0, the network ID for the first subnet (see Table 8). Add 1 to the rightmost octet to obtain the first valid IP address for this subnet, namely 146.168.16.1. Again, add 1 to the rightmost octet to obtain the second valid IP address for this subnet, namely 146.168.16.2. Continue in this fashion until reaching 146.168.16.254, which after incrementing yields an IP address of 146.168.16.255. Note that this is a valid IP address on the subnet. The next valid IP address is found by rolling the 255 back to 0 and incrementing the next octet to the © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 15 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University left, yielding 146.168.17.0. Continue incrementing until reaching 146.168.17.255, which is followed by 146.168.18.0. Again, the process repeats until we hit 146.168.18.255, which is followed by 146.168.19.0. This process will continue all the way to 146.168.30.255, which is followed by 146.168.31.0. We continue to increment until reaching 146.168.31.254. We are now at the point where yet another increment would yield one less than the next subnet’s network ID (i.e., if we were to carry out one more increment we would be at 146.168.31.255, which if it were itself incremented would yield the subnet ID for the next subnet, 146.168.32.0). At this point we have a complete list of all valid IP addresses for the first subnet. We would then have to repeat the entire process for the second subnet, etc. Table 9 summarizes the IP addresses for the first subnet: Table 9 IP Addresses for Subnet 1 (Network Address 146.168.16.0) 146.168.16.1 to 146.168.16.255 146.168.17.0 to 146.168.17.255 146.168.18.0 to 146.168.18.255 146.168.19.0 to 146.168.19.255 146.168.20.0 to 146.168.20.255 146.168.21.0 to 146.168.21.255 … 146.168.30.0 to 146.168.30.255 146.168.31.0 to 146.168.31.254 Do not be confused by the fact that some valid IP addresses end in 0 or 255. This happens normally when subnetting, and the rules about not having network, subnetwork, or host ID’s equal to all 0’s or all 1’s are not necessarily violated just because an octet is equal to all 0’s or all 1’s. The rules place restrictions on the values of network, subnetwork, and host ID’s, not on the values of octets. To understand this, consider the IP address 146.168.17.0 from Table 9 and analyze it according to the custom subnet mask for our example network, 255.255.240.0. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 16 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Table 10 Standard Network ID Part of IP Address Bits Borrowed from Host ID to form Subnet ID Part of IP Address Shortened Host ID Part of IP Address IP Address 146.168.17.0 10010010 10101000 0001 0001 00000000 Custom Subnet Mask 255.255.240.0 11111111 11111111 1111 0000 00000000 Notice that although the rightmost octet of the Host ID consists of all zero bits, the full Host ID is a total of 12 bits and is not all 0’s (the sole one bit is shown bolded). For a second example, consider the IP address 146.168.21.255 from Table 9. Although the last octet is 255 (eight 1’s in binary), the following analysis shows that the full host ID is not all 1 bits (the two zero bits in the host ID are shown bolded): Table 11 Standard Network ID Part of IP Address Bits Borrowed from Host ID to form Subnet ID Part of IP Address Shortened Host ID Part of IP Address IP Address 146.168.21.255 10010010 10101000 0001 0101 11111111 Custom Subnet Mask 255.255.240.0 11111111 11111111 1111 0000 00000000 A Class C Example Suppose an ISP assigns a Class C network address of 193.200.35.0 to an organization (call it Widgets, Inc., or just Winc). We will work through the 11 steps presented above in order to subnet this Class C network. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 17 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University 1. After meetings with relevant Winc personnel and study of historical growth trends, it is determined that Winc currently needs 2 subnets, with practically no likelihood of adding other subnets in the future. Therefore, we set S (“big S”) at 2. 2. After meetings with relevant Winc personnel and study of historical growth trends, it is determined that Winc currently needs at most 25 hosts on any subnet. In the future, subnet size is not expected to pass 30 hosts. Hence, we set H (“big H”) at 30. 3. To find the smallest integer s such that 2s – 2 ≥ S, we first rewrite the inequality as 2s ≥ S + 2. Since S = 2, this becomes 2s ≥ 2 + 2 or 2s ≥ 4. Reference to Table 1 shows that the smallest such integer s is 2. 4. To find the smallest integer h such that 2h – 2 ≥ H, we first rewrite the inequality as 2h ≥ H + 2. Since H = 30, this becomes 2h ≥ 30 + 2 or 2h ≥ 32. Reference to Table 1 shows that the smallest such integer h is 5. 5. Winc’s assigned network address is 193.200.35.0, which begins with 193. Hence Winc has a Class C network address for which T (“big T”) is 8 (see Table 6). 6. Now we can calculate s + h = 2 + 5 = 7, which does not exceed the value of “big T” (T = 8). Hence we have a solvable subnetting problem and can proceed to step 7. 7. Since s + h = 2 + 5 = 7 which is not equal to 8 (the value of T), we must carry out step 8 8. Since s + h = 2 + 5 = 7 is less than T = 8, we have r = T – s – h = 8 – 2 – 5 = 1 bit left over to increase the value of either s or h. Since in general Winc is more likely to run short of subnets rather than hosts on a subnet, we allocate the extra bit to s, incrementing s so that now s = 3. Note that now s + h = 3 + 5 = 8 = T. 9. To determine the custom subnet mask for Winc’s network, we start with the standard (default) subnet mask for Class C (Winc’s network class), which according to Table 7 is 255.255.255.0. We will replace the leftmost zero octet in the original subnet mask (i.e., the 0 in 255.255.255.0), with a new octet that will extend the subnetwork ID into the host ID. Calculate the new value for the original leftmost zero octet as 256 – 28 – s, which is 256 – 28 – 3 or 256 – 25 or 256 – 32 or 224. Hence the custom subnet mask for Winc’s network is 255.255.255.224. 10. Now we determine the valid network ID’s for the new subnets by identifying the leftmost 0 octet in the original network ID assigned by the ISP. Since this network ID is 193.200.35.0, the leftmost 0 octet (the only 0 octet) is also the rightmost 0 octet (shown bolded). We now add 28 – s = 28 – 3 = 25 = 32 to this 0 octet to get the new value for the octet in the first subnet ID: 32 + 0 = 32. Thus the network ID for the first subnet is © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 18 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University 193.200.35.32 We continue adding 28 – s to this octet until we either reach the value of the custom subnet mask (255.255.255.224) or until we have network addresses for 2s – 2 subnets (these two conditions are equivalent and so will occur at the same time). In our case, 2s – 2 = 23 – 2 = 8 – 2 = 6 subnets, so we continue adding 28 – s five more times (for a total of six times) as shown below: Table 12 Original Network ID (not a valid subnet address since subnet ID is all 0’s) 193.200.35.0 Address for subnet 1 193.200.35.32 Address for subnet 2 193.200.35.64 Address for subnet 3 193.200.35.96 Address for subnet 4 193.200.35.128 Address for subnet 5 193.200.35.160 Address for subnet 6 193.200.35.192 Custom Subnet Mask (not a valid subnet address since subnet ID is all 1’s) 193.200.35.224 11. To determine the valid IP addresses for each subnet, we begin with the network ID for the subnet. Let us start with the first subnet whose address (as seen from Table 12) is 193.200.35.32. To find the first IP address on the subnet, we add 1 to the rightmost octet of the subnet address: 32 + 1 = 33. Thus the first IP address on subnet 1 is 193.200.35.33 We will continue incrementing until we reach 255, or until the next increment would reach two less than the next subnet address, or until we have generated 2h – 2 IP addresses (these last two conditions are equivalent and will always occur at the same time). Since in our case h = 5, we can expect 25 – 2 = 32 – 2 = 30 IP addresses per subnet. The valid IP addresses for subnet 1 are shown in the following table: Subnet 1 Address # 1 2 3 IP Address 193.200.35.33 193.200.35.34 193.200.35.35 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 19 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Subnet 1 Address # 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 IP Address 193.200.35.36 193.200.35.37 193.200.35.38 193.200.35.39 193.200.35.40 193.200.35.41 193.200.35.42 193.200.35.43 193.200.35.44 193.200.35.45 193.200.35.46 193.200.35.47 193.200.35.48 193.200.35.49 193.200.35.50 193.200.35.51 193.200.35.52 193.200.35.53 193.200.35.54 193.200.35.55 193.200.35.56 193.200.35.57 193.200.35.58 193.200.35.59 193.200.35.60 193.200.35.61 193.200.35.62 Note that if we increment the last octet of the 30th IP address (see Table 12), we get 63, which is one less than the network ID for the next subnet. Hence 193.200.35.62 is indeed the final IP address on subnet 1. The IP addresses for the remaining 5 subnets can be found in a similar manner. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 20 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University References Bulette, G. TCP/IP MCSE Study Guide, Foster City, CA, IDG Books Worldwide, 1998. Craft, M., Mayo, B., Pherson, J., et. al., CCNA Cisco Certified Network Associate Study Guide (Exam 640-407), Berkeley, CA, Osborne McGraw-Hill, 1998 Cunningham, S., Frederick, B., First, T., et. al., MCSE Microsoft TCP/IP on Windows NT 4.0 Study Guide, Berkeley, CA, Osborne McGraw-Hill, 1998 Dulaney, E., Sherwood, L., Scrimger, R., MCSE Training Guide TCP/IP, Indianapolis, IN, New Riders Publishing, 1998. Feit, S. TCP/IP, New York, NY, McGraw-Hill, 1997. Heywood, D., Scrimger, R., Networking with Microsoft TCP/IP Certified Administrator’s Resource Edition, Indianapolis, IN, New Riders Publishing, 1997. Lammle, T., CCNA Cisco Certified Network Associate Study Guide (Exam 640-507), 2nd ed., Alameda, CA, SYBEX, 2000 Loshin, P. TCP/IP Clearly Explained, San Diego, CA, Academic Press, 1997. Odom, W., CCNA Exam Certification Guide, Indianapolis, IN, Cisco Press, 1999 Odom, W., Cisco CCNA Exam #640-507 Certification Guide, Indianapolis, IN, Cisco Press, 2000 Poplar, M., Waters, J., McNutt, S., and Stabenaw, D., CCNA Routing and Switching, Scottsdale, AR, Coriolis, 2000 \\ Search Search IP subnetting made easy by George Ou | Jun 28, 2006 7:00:00 AM Tags: NETWORKING, Network technology, George Ou, subnet, IP... 53 comment(s) © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 21 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Email Share o Digg o Yahoo! Buzz o Twitter o Facebook o Google o del.icio.us o StumbleUpon o Reddit o Newsvine o Technorati Save Print Recommend 69 Takeaway: IP network engineers need a solid understanding of how IP subnetting works--yet the subject is often taught so poorly, students wind up completely baffled. George Ou has developed a simple, graphical approach that explains IP subnetting in a way that finally makes sense. This article is also available as a PDF download. IP subnetting is a fundamental subject that's critical for any IP network engineer to understand, yet students have traditionally had a difficult time grasping it. Over the years, I've watched students needlessly struggle through school and in practice when dealing with subnetting because it was never explained to them in an easy-to-understand way. I've helped countless individuals learn what subnetting is all about using my own graphical approach and calculator shortcuts, and I've put all that experience into this article. IP addresses and subnets © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 22 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Although IP stands for Internet Protocol, it's a communications protocol used from the smallest private network to the massive global Internet. An IP address is a unique identifier given to a single device on an IP network. The IP address consists of a 32-bit number that ranges from 0 to 4294967295. This means that theoretically, the Internet can contain approximately 4.3 billion unique objects. But to make such a large address block easier to handle, it was chopped up into four 8-bit numbers, or "octets," separated by a period. Instead of 32 binary base-2 digits, which would be too long to read, it's converted to four base-256 digits. Octets are made up of numbers ranging from 0 to 255. The numbers below show how IP addresses increment. 0.0.0.0 0.0.0.1 ...increment 252 hosts... 0.0.0.254 0.0.0.255 0.0.1.0 0.0.1.1 ...increment 252 hosts... 0.0.1.254 0.0.1.255 0.0.2.0 0.0.2.1 ...increment 4+ billion hosts... 255.255.255.255 The word subnet is short for sub network--a smaller network within a larger one. The smallest subnet that has no more subdivisions within it is considered a single "broadcast domain," which directly correlates to a single LAN (local area network) segment on an Ethernet switch. The broadcast domain serves an important function because this is where devices on a network communicate directly with each other's MAC addresses, which don't route across multiple subnets, let alone the entire Internet. MAC address communications are limited to a smaller network because they rely on ARP broadcasting to find their way around, and broadcasting can be scaled only so much before the amount of broadcast traffic brings down the entire network with sheer broadcast noise. For this reason, the most common smallest subnet is 8 bits, or precisely a single octet, although it can be smaller or slightly larger. Subnets have a beginning and an ending, and the beginning number is always even and the ending number is always odd. The beginning number is the "Network ID" and the ending number is the "Broadcast ID." You're not allowed to use these numbers because they both have special meaning with special purposes. The Network ID is the official designation for a particular subnet, and the ending number is the broadcast address that every device on a subnet listens to. Anytime you want to refer to a subnet, you point to its Network ID and its subnet mask, which defines its size. Anytime you want to send data to everyone on the subnet (such as a multicast), you send it to the Broadcast ID. Later in this © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 23 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University article, I'll show you an easy mathematical and graphical way to determine the Network and Broadcast IDs. The graphical subnet ruler Over the years, as I watched people struggle with the subject of IP subnetting, I wanted a better way to teach the subject. I soon realized that many students in IT lacked the necessary background in mathematics and had a hard time with the concept of binary numbers. To help close this gap, I came up with the graphical method of illustrating subnets shown in Figure A. In this example, we're looking at a range of IP addresses from 10.0.0.0 up to 10.0.32.0. Note that the ending IP of 10.0.32.0 itself is actually the beginning of the next subnet. This network range ends at the number right before it, which is 10.0.31.255. Figure A © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 24 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Note that for every bit increase, the size of the subnet doubles in length, along with the number of hosts. The smallest tick mark represents 8 bits, which contains a subnet with 256 hosts--but since you can't use the first and last IP addresses, there are actually only 254 usable hosts on the network. The easiest way to compute how many usable hosts are in a subnet is to raise 2 to the power of the bit size minus 2. Go up to 9 bits ,and we're up to 510 usable hosts, because 2 to the 9th is 512, and we don't count the beginning and ending. Keep on going all the way up to 13 bits, and we're up to 8,190 usable hosts for the entire ruler shown above. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 25 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Learning to properly chop subnets Subnets can be subdivided into smaller subnets and even smaller ones still. The most important thing to know about chopping up a network is that you can't arbitrarily pick the beginning and ending. The chopping must be along clean binary divisions. The best way to learn this is to look at my subnet ruler and see what's a valid subnet. In Figure B, green subnets are valid and red subnets are not. Figure B The ruler was constructed like any other ruler, where we mark it down the middle and bisect it. Then, we bisect the remaining sections and with shrinking markers every time we start a new round of bisecting. In the sample above, there were five rounds of bisections. If you look carefully at the edge of any valid (green) subnet blocks, you'll notice that none of the markers contained within the subnet is higher than the edge's markers. There is a mathematical reason for this, which we'll illustrate later, but seeing it graphically will make the math easier to understand. The role of the subnet mask The subnet mask plays a crucial role in defining the size of a subnet. Take a look at Figure C. Notice the pattern and pay special attention to the numbers in red. Whenever you're dealing with subnets, it will come in handy to remember eight special numbers that reoccur when dealing with subnet masks. They are 255, 254, 252, 248, 240, 224, 192, and 128. You'll see these numbers over and over again in IP networking, and memorizing them will make your life much easier. Figure C © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 26 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University I've included three class sizes. You'll see the first two classes, with host bit length from 0 to 16, most often. It's common for DSL and T1 IP blocks to be in the 0- to 8-bit range. Private networks typically work in the 8- to 24-bit range. Note how the binary mask has all those zeros growing from right to left. The subnet mask in binary form always has all ones to the left and all zeros to the right. The number of zeros is identical to the subnet length. I showed only the portion of the binary subnet in the octet that's interesting, since all octets to the right consist of zeros and all octets to the left consist of ones. So if we look at the subnet mask where the subnet length is 11 bits long, the full binary subnet mask is 11111111.11111111.11111000.00000000. As you can see under mask octet, the subnet mask transitions from 1 to 0 in the third octet. The particular binary subnet mask translates directly to base-256 form as 255.255.248.0. The "mask" in subnet mask The subnet mask not only determines the size of a subnet, but it can also help you pinpoint where the end points on the subnet are if you're given any IP address within that © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 27 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University subnet. The reason it's called a subnet "mask" is that it literally masks out the host bits and leaves only the Network ID that begins the subnet. Once you know the beginning of the subnet and how big it is, you can determine the end of the subnet, which is the Broadcast ID. To calculate the Network ID, you simply take any IP address within that subnet and run the AND operator on the subnet mask. Let's take an IP address of 10.20.237.15 and a subnet mask of 255.255.248.0. Note that this can be and often is written in shorthand as 10.20.237.15/21 because the subnet mask length is 21. Figure D and Figure E show the Decimal and Binary versions of the AND operation. Figure D Decimal math Figure E Binary math The binary version shows how the 0s act as a mask on the IP address on top. Inside the masking box, the 0s convert all numbers on top into zeros, no matter what the number is. When you take the resultant binary Network ID and convert it to decimal, you get 10.20.232.0 as the Network ID. One thing that's always bothered me about the way subnetting is taught is that students are not shown a simple trick to bypass the need for binary conversions when doing AND operations. I even see IT people in the field using this slow and cumbersome technique to convert everything to binary, run the AND operation, and then convert back to decimal using the Windows Calculator. But there's a really simple shortcut using the Windows Calculator, since the AND operator works directly on decimal numbers. Simply punch in 237, hit the AND operator, and then 248 and [Enter] to instantly get 232, as shown in Figure F. I'll never understand why this isn't explained to students, because it makes mask calculations a lot easier. Figure F © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 28 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Since there are 11 zeros in the subnet mask, the subnet is 11 bits long. This means there are 2^11, or 2,048, maximum hosts in the subnet and the last IP in this subnet is 10.20.239.255. You could compute this quickly by seeing there are three zeros in the third octet, which means the third octet of the IP address can have a variance of 2^3, or 8. So the next subnet starts at 10.20.232+8.0, which is 10.20.240.0. If we decrease that by 1, we have 10.20.239.255, which is where this subnet ends. To help you visualize this, Figure G shows it on my subnet ruler. Figure G IP classes made simple For an arbitrary classification of IP subnets, the creators of the Internet chose to break the Internet into multiple classes. Note that these aren't important as far as your subnet calculations are concerned; this is just how the Internet is "laid out." The Internet is laid out as Class A, B, C, D, and E. Class A uses up the first half of the entire Internet, Class B uses half of the remaining half, Class C uses the remaining half again, Class D (Multicasting) uses up the remaining half again, and whatever is left over is reserved for Class E. I've had students tell me that they struggled with the memorization of IP classes for weeks until they saw this simple table shown in Figure H. This is because you don't actually need to memorize anything, you just learn the technique for constructing the ruler using half of what's available. © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 29 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Figure H Remember that all subnets start with EVEN numbers and all subnet endings are ODD. Note that 0.0.0.0/8 (0.0.0.0 to 0.255.255.255) isn't used and 127.0.0.0/8 (127.0.0.0 to 127.255.255.255) is reserved for loopback addresses. All Class A addresses have their first octet between 1 to 126 because 0 and 127 are reserved. Class A subnets are all 24 bits long, which means the subnet mask is only 8 bits long. For example, we have the entire 3.0.0.0/8 subnet owned by GE, since GE was lucky enough to get in early to be assigned 16.8 million addresses. The U.S. Army owns 6.0.0.0/8. Level 3 Communications owns 8.0.0.0/8. IBM owns 9.0.0.0/8. AT&T owns 12.0.0.0/8. Xerox owns 13.0.0.0/8. HP owns 15.0.0.0/8 and 16.0.0.0/8. Apple owns 17.0.0.0/8. All Class B addresses have their first octet between 128 and 191. Class B subnets are all 16 bits long, which means the subnet masks are 16 bits long. For example, BBN Communications owns 128.1.0.0/16, which is 128.1.0.0 to 128.1.255.255. Carnegie Mellon University owns 128.2.0.0/16. All Class C addresses have their first octet between 192 and 223. Class C subnets are all 8 bits long, so the subnet mask is only 24 bits long. Note that ARIN (the organization that assigns Internet addresses) will sell blocks of four Class C addresses only to individual companies and you have to really justify why you need 1,024 Public IP addresses. If you need to run BGP so you can use multiple ISPs for redundancy, you have to have your own block of IP addresses. Also note that this isn't the old days, where blocks of 16.8 million Class A addresses were handed out for basically nothing. You have to pay an annual fee for your block of 1,024 addresses with a subnet mask of /22, or 255.255.252.0. The concept of subnet classes can cause harm in actual practice. I've actually seen people forget to turn classes off in their old Cisco router and watch large subnet routes get hijacked on a large WAN configured for dynamic routing whenever some routes were added. This is because a Cisco router will assume the subnet mask is the full /8 or /16 or /24 even if you define something in between. All newer Cisco IOS software versions turn off the concept of subnet classes and uses classless routing by default. This is done with the default command "IP Classless." Public versus private IP addresses © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 30 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Besides the reserved IP addresses (0.0.0.0/8 and 127.0.0.0/8) mentioned above, there are other addresses not used on the public Internet. These private subnets consist of private IP addresses and are usually behind a firewall or router that performs NAT (network address translation). NAT is needed because private IP addresses are nonroutable on the public Internet, so they must be translated into public IP addresses before they touch the Internet. Private IPs are never routed because no one really owns them. And since anyone can use them, there's no right place to point a private IP address to on the public Internet. Private IP addresses are used in most LAN and WAN environments, unless you're lucky enough to own a Class A or at least a Class B block of addresses, in which case you might have enough IPs to assign internal and external IP addresses. The following blocks of IP addresses are allocated for private networks: 10.0.0.0/8 (10.0.0.0 to 10.255.255.255) 172.16.0.0/12 (172.16.0.0 to 172.31.255.255) 192.168.0.0/16 (192.168.0.0 to 192.168.255.255) 169.254.0.0/16 (169.254.0.0 to 169.254.255.255)* *Note that 169.254.0.0/16 is a block of private IP addresses used for random self IP assignment where DHCP servers are not available. 10.0.0.0/8 is normally used for larger networks, since there are approximately 16.8 million IP addresses available within that block. They chop it up into lots of smaller groups of subnets for each geographic location, which are then subdivided into even smaller subnets. Smaller companies typically use the 172.16.0.0/12 range, chopped up into smaller subnets, although there's no reason they can't use 10.0.0.0/8 if they want to. Home networks typically use a /24 subnet within the 192.168.0.0/16 subnet. The use of private IP addresses and NAT has prolonged the life of IPv4 for the foreseeable future because it effectively allows a single public IP address to represent thousands of private IP addresses. At the current rate that IPv4 addresses are handed out, we have enough IPv4 addresses for approximately 17 years. ARIN is much more stingy now about handing them out, and small blocks of IP addresses are relatively expensive compared to the old days, when companies like Apple were simply handed a block of 16.8 million addresses. The next version of IP addresses, called IPv6, is 128 bits long-and there are more than 79 thousand trillion trillion times more IP addresses than IPv4. Even if you assigned 4.3 billion people on the planet with 4.3 billion IP addresses each, you would still have more than 18 million trillion IPv6 addresses left! 53 comment(s) Email Share o Digg © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 31 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University o Yahoo! Buzz o Twitter o Facebook o Google o del.icio.us o StumbleUpon o Reddit o Newsvine o Technorati Save Print Recommend 69 People who read this, also read... Connecting 500 computers!!HOW? Cisco IP subnetting 101: An introduction to supernetting Subnets needed? How to determine the IP addresses and subnets if there's no DHCP server Cannot see the 10.130.1.x on my 10.130.0.x network. Print/View all Posts Comments on this article IP subnetting made easy JodyGilbert | 06/28/06 IP subnetting made easy Fred King | 06/29/06 I use that first diagram for laying things out georgeou | 06/29/06 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 32 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University additional info rasta_don@... | 07/20/06 See if this animation helps georgeou | 07/20/06 172.16.0.0/12 (172.16.0.0 to 172.31.255.255) karl.barnes | 10/19/06 You need to stop thinking in terms of classes georgeou | 12/30/06 Good description vince_tuzzeo@... | 05/10/07 Sure thing georgeou | 05/10/07 Personally I cheat for subnetting Deadly Ernest | 07/03/06 An interesant tool ip calculator rimaya@... | 07/03/06 great stuff..! omen_1925@... | 07/03/06 Very Useful gfisher@... | 07/03/06 I rely heavily on the map georgeou | 07/03/06 Very intuitive razvandudu@... | 10/17/06 Very Useful Info On IP Subnetting clint@... | 07/03/06 George, you done good! bowenw@... | 07/03/06 Please download fixed PDF georgeou | 07/03/06 the "AND" operator llidwell | 07/07/06 The procedure is listed in this article georgeou | 07/08/06 Low Level Rules! centronmusic@... | 07/03/06 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 33 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University Rulers work rob.harrington71@... | 07/03/06 Sorry for a mistake in Figure A and B georgeou | 07/03/06 Sorry for my mistake on Figure A and B, it's been fixed georgeou | 07/03/06 Subnet abdussalam86@... | 07/05/06 GOOD STUFF tjonas@... | 07/05/06 Superb explanation of subnetting stokecity | 07/10/06 Base 256? billgizzle@... | 01/16/07 I can assure you the math is on my side georgeou | 01/17/07 Another question qb4006 | 04/03/07 If that's all they give you, it's a bad question georgeou | 04/04/07 Thanks for the feedback qb4006 | 04/04/07 RE: IP subnetting made easy kumar.manish@... | 06/25/07 RE: IP subnetting made easy vipinsharma11@... | 07/11/07 RE: IP subnetting made easy click101@... | 08/25/07 Remember my calculator shortcut where you don't worry about binaries georgeou | 08/26/07 RE: IP subnetting made easy ans_84@... | 09/05/07 Ah, that's pretty simple. There are 8 in the 3rd octet. georgeou | 09/15/07 RE: IP subnetting made easy mazroyal@... | 09/15/07 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 34 of 35 Subnetting Made Simple Computers in Education Journal (ASEE) Larry Newcomer, Penn State University RE: IP subnetting made easy rod.lee@... | 09/27/07 RE: IP subnetting made easy sureshkumar.one@... | 10/07/07 RE: IP subnetting made easy ebenedara@... | 10/14/07 RE: IP subnetting made easy nc_prashant@... | 02/07/08 RE: IP subnetting made easy ravi_nand_p@... | 02/27/08 RE: IP subnetting made easy philip_furness@... | 03/19/08 Unfortunately I hear that too often georgeou | 03/19/08 The moment it all kind of clicked Dumphrey | 03/19/08 RE: IP subnetting made easy deepak.dp1@... | 04/15/08 RE: IP subnetting made easy priyanka_deshmukh87@... | 07/05/08 On-Line Subnet Calculator - http://www.gwebtools.com/ip-subnet-calculator sonnenhohl@... | 09/23/08 RE: IP subnetting made easy NothingFace898912@... | 11/25/08 RE: IP subnetting made easy rakhi_74@... | 01/02/09 RE: IP subnetting made easy ronaldbelliott@... | 01/14/09 © L. Newcomer, Computers In Education Journal, lxn@psu.edu Page 35 of 35
