Home
Understanding the net mask or subnet mask
To date we have been dealing with
the default net masks for different class IP addresses. We know that
when they are represented in binary,
where there are 1's in the net mask we can resolve the network
address that the IP address belongs
to.
11000100.10101000.00011000.00001000
198.168.24.8 IP Address
11111111.11111111.11111111.00000000
255.255.255.0 subnet mask
11000100.10101000.00011000.00000000
198.168.24.0 Network Address
We know also that there are 254 possible IP addresses in any one class C network address. That is 256 (1 Byte) minus the Network and Broadcast addresses.
What if the network only required 25 IP addresses? Should we just waste the remaining 229 IP addresses, bearing in mind that I am referring here to global address not private addresses and they ARE within the Network Block, of this LAN?
The answer here is no! There is a critical shortage of globally unique IPv4 addresses. We can modify the subnet mask to 'borrow' some of the network bits to allow the IP address to be sub networked. This will produce more networks with fewer nodes enabling a single IP address to be divided up into many different independent networks.
Perhaps you want to have two networks that are isolated from each other for security or privacy reasons. You can achieve this by configuring clients on different networks and using software rules on a router to decide which networks may communicate and which are not permitted.
Let us look at the class C network mask.
11111111.11111111.11111111.00000000 255.255.255.0 Subnet mask
The host portion is in blue above. We can borrow some of the high order host bits and allocate them as part of the subnet mask.
11111111.11111111.11111111.11100000 255.255.255.224 Subnet mask
The effect of this is we now have an additional three bits that are used to subnet the network address. This changes the number of available networks (increases) and the number of hosts on each network (decreases). This will be clearer with a demonstration.
Below is an example of 198.168.24.0 / 27 - note 27 bits in the mask
A single class C network 198.168.24.0 using a subnet mask 255.255.255.224 (or 27 bits), these are the following sub-networks.
11000100.10101000.00011000.00000000
Network 198.168.24.0 (Network zero is no longer permitted
when sub networked)
This
in part contains the original network address which
cannot be used therefore the network block of 30 IP addresses cannot be used.
11000100.10101000.00011000.00100000
Network 198.168.24.32
(This is now a network address due to the subnet mask)
This
network block begins at 198.168.24.32
ends at the broadcast address 198.168.24.63 (tip:
one less than the next network block)
11000100.10101000.00011000.01000000
Network 198.168.24.64
This
network block begins at 198.168.24.64
ends at the broadcast address 198.168.24.95
11000100.10101000.00011000.01100000
Network 198.168.24.96
This
network block begins at 198.168.24.96
ends at the broadcast address 198.168.24.127
11000100.10101000.00011000.10000000
Network 198.168.24.128
This
network block begins at 198.168.24.128
ends
at the broadcast address 198.168.24.159
11000100.10101000.00011000.10100000
Network 198.168.24.160
This
network block begins at 198.168.24.160
ends at the broadcast address 198.168.24.191
11000100.10101000.00011000.11000000
Network 198.168.24.192
This network block begins at 198.168.24.192
ends at the broadcast address 198.168.24.223
11000100.10101000.00011000.11100000
Network 198.168.24.224 (Network all 1's is not permitted
in the subnet)
This
in part contains the original network broadcast address (.255)
which cannot be used therefore the block cannot be
used.
Understanding practical applications of sub netting
An organisation has purchased
a class C network address from the IANA (200.8.8.0). The building
has eight floors
each representing a different department,
and the manager wants to have eight different networks connected by
routers. This enables security
isolation between these different departments.
We need a new subnet mask! The first thing you do in determining
the subnet mask is to find out how many high order bits you need to borrow
to
create at least 8 new networks from your single class C network block.
This is achieved using a rule whereby we add together
the decimal values, right to left, of a binary table until the total value is greater
than the
number of required networks. This is a rule that just works.
| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
| 1 | 1 | 1 | 1 |
Eg Starting from the right 1+2+4+8=15 this is greater than eight.
This means we must borrow at least four high order bits to create the new subnet mask
11111111.11111111.11111111.11110000 255.255.255.240 Subnet mask
We can
calculate the size of the network block (network intervals) by subtracting the subnet value from
256 (256-240=16)
We could have also used this rule with the number of bits borrowed - 24
Because we now know the network
block size we can write down the start of each sub network block, as they will
go up in increments of 16.
| Borrowed Bits
Binary Subnet |
Sub Networks |
No of IP hosts in each network block
|
Permitted? |
Broadcast Address (One less than the next network address) |
| 00000000 |
200.8.8.0 |
14 (.1-.14) |
No |
No |
This means the organisation can have up to 14 networks with each having up to 14 nodes connected in a LAN. They required 8.
- The number of networks can also be determined by the equation 2(Power of the number of 1's borrowed in the netmask) - 2
- The number of nodes on each network can be determined by the equation 2(Power of number of 0's left remaining in the netmask) - 2
- The size of each network block is 2(Number of 0's left in the netmask)
E.G. in the above example 24-2 = 14 Networks, and as it happens here 24-2 = 14 nodes too.
Two exercises to download, we will be doing these in class.
This is a subnet table for class B networks.
|
# Bits |
Mask In Binary (Class “B” examples) |
Mask In Decimal |
# of Subnets |
#Hosts/Nodes |
Valid Subnet |
#Hosts/Nodes |
|
0 |
11111111 .1111111 .00000000 .00000000 |
255 .255 .000 .000 |
0 |
655364 |
No |
655364 |
|
2 |
11111111 .1111111 .11000000 .00000000 |
255 .255 .192 .000 |
2 |
16382 |
Yes |
16382 |
|
3 |
11111111 .1111111 .11100000 .00000000 |
255 .255 .224 .000 |
6 |
8190 |
Yes |
8190 |
|
4 |
11111111 .1111111 .11110000 .00000000 |
255 .255 .240 .000 |
14 |
4094 |
Yes |
4094 |
|
5 |
11111111 .1111111 .11111000 .00000000 |
255 .255 .248 .000 |
30 |
2046 |
Yes |
2046 |
|
6 |
11111111 .1111111 .11111100 .00000000 |
255 .255 .252 .000 |
62 |
1022 |
Yes |
1022 |
|
7 |
11111111 .1111111 .11111110 .00000000 |
255 .255 .254 .000 |
126 |
510 |
Yes |
510 |
|
8 |
11111111 .1111111 .11111111 .00000000 |
255 .255 .255 .000 |
254 |
254 |
Yes |
254 |
|
9 |
11111111 .1111111 .11111111 .10000000 |
255 .255 .255 .128 |
510 |
126 |
Yes |
126 |
|
10 |
11111111 .1111111 .11111111 .11000000 |
255 .255 .255 .192 |
1022 |
62 |
Yes |
62 |
|
11 |
11111111 .1111111 .11111111 .11100000 |
255 .255 .255 .224 |
2046 |
30 |
Yes |
30 |
|
12 |
11111111 .1111111 .11111111 .11110000 |
255 .255 .255 .240 |
4064 |
14 |
Yes |
14 |
|
13 |
11111111 .1111111 .11111111 .11111000 |
255 .255 .255 .248 |
8190 |
6 |
Yes |
6 |
|
14 |
11111111 .1111111 .11111111 .11111100 |
255 .255 .255 .252 |
16380 |
2 |
No |
2 |
This is a subnet table for class C networks.
|
# Bits |
Mask In Binary (Class “C” examples) |
Mask In Decimal |
# of Valid Subnets |
# Hosts/Nodes |
Valid Subnet |
|
0 |
11111111 .1111111 .11111111 .00000000 |
255 .255 .255 .0 |
0 |
254 |
No |
|
2 |
11111111 .1111111 .11111111 .11000000 |
255 .255 .255 .192 |
2 |
62 |
Yes |
|
3 |
11111111 .1111111 .11111111 .11100000 |
255 .255 .255 .224 |
6 |
30 |
Yes |
|
4 |
11111111 .1111111 .11111111 .11110000 |
255 .255 .255 .240 |
14 |
14 |
Yes |
|
5 |
11111111 .1111111 .11111111 .11111000 |
255 .255 .255 .248 |
30 |
6 |
Yes |
|
6 |
11111111 .1111111 .11111111 .11111100 |
255 .255 .255 .252 |
62 |
2 |
No |
Further Reading
FAQ's on Sub-networkingSub-networking
Video about IPV6