IP subnetting made easy

By George Ou June 28, 2006, 12:00 AM PST

Email Alert RSS

P net!or" engineer# nee$ a #oli$ un$er#tan$ing o% &o! P #u'netting !or"#((yet t&e #u')e*t i# o%ten taug&t #o +oorly, #tu$ent# !in$ u+ *om+letely 'a%%le$, George Ou &a# $e-elo+e$ a #im+le, gra+&i*al a++roa*& t&at e.+lain# P #u'netting in a !ay t&at %inally ma"e# #en#e,
This article is also available as a PDF download.

P #u'netting i# a %un$amental #u')e*t t&at/# *riti*al %or any P net!or" engineer to un$er#tan$, yet #tu$ent# &a-e tra$itionally &a$ a $i%%i*ult time gra#+ing it, O-er t&e year#, /-e !at*&e$ #tu$ent# nee$le##ly #truggle t&roug& #*&ool an$ in +ra*ti*e !&en $ealing !it& #u'netting 'e*au#e it !a# ne-er e.+laine$ to t&em in an ea#y(to(un$er#tan$ !ay, /-e &el+e$ *ountle## in$i-i$ual# learn !&at #u'netting i# all a'out u#ing my o!n gra+&i*al a++roa*& an$ *al*ulator #&ort*ut#, an$ /-e +ut all t&at e.+erien*e into t&i# arti*le,
IP addresses and subnets

Alt&oug& P #tan$# %or nternet Proto*ol, it/# a *ommuni*ation# +roto*ol u#e$ %rom t&e #malle#t +ri-ate net!or" to t&e ma##i-e glo'al nternet, An P a$$re## i# a uni0ue i$enti%ier gi-en to a #ingle $e-i*e on an P net!or", T&e P a$$re## *on#i#t# o% a 12('it num'er t&at range# %rom 0 to 2232364235, T&i# mean# t&at t&eoreti*ally, t&e nternet *an *ontain a++ro.imately 2,1 'illion uni0ue o')e*t#, But to ma"e #u*& a large a$$re## 'lo*" ea#ier to &an$le, it !a# *&o++e$ u+ into %our 8('it num'er#, or 6o*tet#,6 #e+arate$ 'y a +erio$, n#tea$ o% 12 'inary 'a#e(2 $igit#, !&i*& !oul$ 'e too long to rea$, it/# *on-erte$ to %our 'a#e(256 $igit#, O*tet# are ma$e u+ o% num'er# ranging %rom 0 to 255, T&e num'er# 'elo! #&o! &o! P a$$re##e# in*rement, 0.0.0.0 0.0.0.1 ...increment 252 hosts... 0.0.0.254 0.0.0.255 0.0.1.0 0.0.1.1 ...increment 252 hosts... 0.0.1.254 0.0.1.255 0.0.2.0 0.0.2.1 ...increment 4+ billion hosts... 255.255.255.255 T&e !or$ subnet i# #&ort %or sub network((a #maller net!or" !it&in a larger one, T&e #malle#t #u'net t&at &a# no more #u'$i-i#ion# !it&in it i# *on#i$ere$ a #ingle 6'roa$*a#t $omain,6 !&i*& $ire*tly *orrelate# to a #ingle 7A8 9lo*al area net!or": #egment on an Et&ernet #!it*&, T&e

'roa$*a#t $omain #er-e# an im+ortant %un*tion 'e*au#e t&i# i# !&ere $e-i*e# on a net!or" *ommuni*ate $ire*tly !it& ea*& ot&er/# MA; a$$re##e#, !&i*& $on/t route a*ro## multi+le #u'net#, let alone t&e entire nternet, MA; a$$re## *ommuni*ation# are limite$ to a #maller net!or" 'e*au#e t&ey rely on ARP 'roa$*a#ting to %in$ t&eir !ay aroun$, an$ 'roa$*a#ting *an 'e #*ale$ only #o mu*& 'e%ore t&e amount o% 'roa$*a#t tra%%i* 'ring# $o!n t&e entire net!or" !it& #&eer 'roa$*a#t noi#e, <or t&i# rea#on, t&e mo#t *ommon #malle#t #u'net i# 8 'it#, or +re*i#ely a #ingle o*tet, alt&oug& it *an 'e #maller or #lig&tly larger, Su'net# &a-e a 'eginning an$ an en$ing, an$ t&e 'eginning num'er i# al!ay# e-en an$ t&e en$ing num'er i# al!ay# o$$, T&e 'eginning num'er i# t&e 68et!or" =6 an$ t&e en$ing num'er i# t&e 6Broa$*a#t =,6 >ou/re not allo!e$ to u#e t&e#e num'er# 'e*au#e t&ey 'ot& &a-e #+e*ial meaning !it& #+e*ial +ur+o#e#, T&e 8et!or" = i# t&e o%%i*ial $e#ignation %or a +arti*ular #u'net, an$ t&e en$ing num'er i# t&e 'roa$*a#t a$$re## t&at e-ery $e-i*e on a #u'net li#ten# to, Anytime you !ant to re%er to a #u'net, you +oint to it# 8et!or" = an$ it# #u'net ma#", !&i*& $e%ine# it# #i?e, Anytime you !ant to #en$ $ata to e-eryone on t&e #u'net 9#u*& a# a multi*a#t:, you #en$ it to t&e Broa$*a#t =, 7ater in t&i# arti*le, /ll #&o! you an ea#y mat&emati*al an$ gra+&i*al !ay to $etermine t&e 8et!or" an$ Broa$*a#t =#, The graphical subnet ruler O-er t&e year#, a# !at*&e$ +eo+le #truggle !it& t&e #u')e*t o% P #u'netting, !ante$ a 'etter !ay to tea*& t&e #u')e*t, #oon reali?e$ t&at many #tu$ent# in T la*"e$ t&e ne*e##ary 'a*"groun$ in mat&emati*# an$ &a$ a &ar$ time !it& t&e *on*e+t o% 'inary num'er#, To &el+ *lo#e t&i# ga+, *ame u+ !it& t&e gra+&i*al met&o$ o% illu#trating #u'net# #&o!n in Figure A, n t&i# e.am+le, !e/re loo"ing at a range o% P a$$re##e# %rom 10,0,0,0 u+ to 10,0,12,0, 8ote t&at t&e en$ing P o% 10,0,12,0 it#el% i# a*tually t&e 'eginning o% t&e ne.t #u'net, T&i# net!or" range en$# at t&e num'er rig&t 'e%ore it, !&i*& i# 10,0,11,255,

Figure A

8ote t&at %or e-ery 'it in*rea#e, t&e #i?e o% t&e #u'net $ou'le# in lengt&, along !it& t&e num'er o% &o#t#, T&e #malle#t ti*" mar" re+re#ent# 8 'it#, !&i*& *ontain# a #u'net !it& 256 &o#t#(('ut #in*e you *an/t u#e t&e %ir#t an$ la#t P a$$re##e#, t&ere are a*tually only 252 u#a'le &o#t# on t&e net!or", T&e ea#ie#t !ay to *om+ute &o! many u#a'le &o#t# are in a #u'net i# to rai#e 2 to t&e +o!er o% t&e 'it #i?e minu# 2, Go u+ to 3 'it# ,an$ !e/re u+ to 510 u#a'le &o#t#, 'e*au#e 2 to t&e 3t& i# 512, an$ !e $on/t *ount t&e 'eginning an$ en$ing, @ee+ on going all t&e !ay u+ to 11 'it#, an$ !e/re u+ to 8,130 u#a'le &o#t# %or t&e entire ruler #&o!n a'o-e,

Learning to properly chop subnets Su'net# *an 'e #u'$i-i$e$ into #maller #u'net# an$ e-en #maller one# #till, T&e mo#t im+ortant t&ing to "no! a'out *&o++ing u+ a net!or" i# t&at you *an/t ar'itrarily +i*" t&e 'eginning an$ en$ing, T&e *&o++ing mu#t 'e along *lean 'inary $i-i#ion#, T&e 'e#t !ay to learn t&i# i# to loo" at my #u'net ruler an$ #ee !&at/# a -ali$ #u'net, n Figure B, green #u'net# are -ali$ an$ re$ #u'net# are not, Figure B

T&e ruler !a# *on#tru*te$ li"e any ot&er ruler, !&ere !e mar" it $o!n t&e mi$$le an$ 'i#e*t it, T&en, !e 'i#e*t t&e remaining #e*tion# an$ !it& #&rin"ing mar"er# e-ery time !e #tart a ne! roun$ o% 'i#e*ting, n t&e #am+le a'o-e, t&ere !ere %i-e roun$# o% 'i#e*tion#, % you loo" *are%ully at t&e e$ge o% any -ali$ 9green: #u'net 'lo*"#, you/ll noti*e t&at none o% t&e mar"er# *ontaine$ !it&in t&e #u'net i# &ig&er t&an t&e e$ge/# mar"er#, T&ere i# a mat&emati*al rea#on %or t&i#, !&i*& !e/ll illu#trate later, 'ut #eeing it gra+&i*ally !ill ma"e t&e mat& ea#ier to un$er#tan$, The role of the subnet mask T&e #u'net ma#" +lay# a *ru*ial role in $e%ining t&e #i?e o% a #u'net, Ta"e a loo" at Figure C, 8oti*e t&e +attern an$ +ay #+e*ial attention to t&e num'er# in re$, A&ene-er you/re $ealing !it& #u'net#, it !ill *ome in &an$y to remem'er eig&t #+e*ial num'er# t&at reo**ur !&en $ealing !it& #u'net ma#"#, T&ey are 255, 254, 252, 248, 240, 224, 192, an$ 128, >ou/ll #ee t&e#e num'er# o-er an$ o-er again in P net!or"ing, an$ memori?ing t&em !ill ma"e your li%e mu*& ea#ier,

Figure C

/-e in*lu$e$ t&ree *la## #i?e#, >ou/ll #ee t&e %ir#t t!o *la##e#, !it& &o#t 'it lengt& %rom 0 to 16, mo#t o%ten, t/# *ommon %or =S7 an$ T1 P 'lo*"# to 'e in t&e 0( to 8('it range, Pri-ate net!or"# ty+i*ally !or" in t&e 8( to 22('it range, 8ote &o! t&e 'inary ma#" &a# all t&o#e ?ero# gro!ing %rom rig&t to le%t, T&e #u'net ma#" in 'inary %orm al!ay# &a# all one# to t&e le%t an$ all ?ero# to t&e rig&t, T&e num'er o% ?ero# i# i$enti*al to t&e subnet length, #&o!e$ only t&e +ortion o% t&e 'inary #u'net in t&e o*tet t&at/# intere#ting, #in*e all o*tet# to t&e rig&t *on#i#t o% ?ero# an$ all o*tet# to t&e le%t *on#i#t o% one#, So i% !e loo" at t&e #u'net ma#" !&ere t&e #u'net lengt& i# 11 'it# long, t&e %ull 'inary #u'net ma#" i# 11111111,11111111,11111000,00000000, A# you *an #ee un$er mask octet, t&e #u'net ma#" tran#ition# %rom 1 to 0 in t&e t&ir$ o*tet, T&e +arti*ular 'inary #u'net ma#" tran#late# $ire*tly to 'a#e(256 %orm a# 255,255,228,0,

The "mask" in subnet mask T&e #u'net ma#" not only $etermine# t&e #i?e o% a #u'net, 'ut it *an al#o &el+ you +in+oint !&ere t&e en$ +oint# on t&e #u'net are i% you/re gi-en any P a$$re## !it&in t&at #u'net, T&e rea#on it/# *alle$ a #u'net 6ma#"6 i# t&at it literally ma#"# out t&e &o#t 'it# an$ lea-e# only t&e 8et!or" = t&at 'egin# t&e #u'net, On*e you "no! t&e 'eginning o% t&e #u'net an$ &o! 'ig it i#, you *an $etermine t&e en$ o% t&e #u'net, !&i*& i# t&e Broa$*a#t =, To *al*ulate t&e 8et!or" =, you #im+ly ta"e any P a$$re## !it&in t&at #u'net an$ run t&e A8= o+erator on t&e #u'net ma#", 7et/# ta"e an P a$$re## o% 10,20,214,15 an$ a #u'net ma#" o% 255,255,228,0, 8ote t&at t&i# *an 'e an$ o%ten i# !ritten in #&ort&an$ a# 10.20.237.15/21'e*au#e t&e #u'net ma#" lengt& i# 21, Figure an$ Figure ! #&o! t&e =e*imal an$ Binary -er#ion# o% t&e A8= o+eration, Figure

=e*imal mat&

Figure !

Binary mat&

T&e 'inary -er#ion #&o!# &o! t&e 0# a*t a# a ma#" on t&e P a$$re## on to+, n#i$e t&e ma#"ing 'o., t&e 0# *on-ert all num'er# on to+ into ?ero#, no matter !&at t&e num'er i#, A&en you ta"e t&e re#ultant 'inary 8et!or" = an$ *on-ert it to $e*imal, you get 10,20,212,0 a# t&e 8et!or" =, One t&ing t&at/# al!ay# 'ot&ere$ me a'out t&e !ay #u'netting i# taug&t i# t&at #tu$ent# are not #&o!n a #im+le tri*" to 'y+a## t&e nee$ %or 'inary *on-er#ion# !&en $oing A8= o+eration#, e-en #ee T +eo+le in t&e %iel$ u#ing t&i# #lo! an$ *um'er#ome te*&ni0ue to *on-ert e-eryt&ing to 'inary, run t&e A8= o+eration, an$ t&en *on-ert 'a*" to $e*imal u#ing t&e Ain$o!# ;al*ulator, But t&ere/# a really #im+le #&ort*ut u#ing t&e Ain$o!# ;al*ulator, #in*e t&e A8= o+erator !or"# $ire*tly on $e*imal num'er#, Sim+ly +un*& in 214, &it t&e A8= o+erator, an$ t&en 228 an$ BEnterC to in#tantly get 212, a# #&o!n in Figure F, /ll ne-er un$er#tan$ !&y t&i# i#n/t e.+laine$ to #tu$ent#, 'e*au#e it ma"e# ma#" *al*ulation# a lot ea#ier,

Figure F

Sin*e t&ere are 11 ?ero# in t&e #u'net ma#", t&e #u'net i# 11 'it# long, T&i# mean# t&ere are 2D11, or 2,028, ma.imum &o#t# in t&e #u'net an$ t&e la#t P in t&i# #u'net i# 10,20,213,255, >ou *oul$ *om+ute t&i# 0ui*"ly 'y #eeing t&ere are t&ree ?ero# in t&e t&ir$ o*tet, !&i*& mean# t&e t&ir$ o*tet o% t&e P a$$re## *an &a-e a -arian*e o% 2D1, or 8, So t&e ne.t #u'net #tart# at 10,20,212E8,0, !&i*& i# 10,20,220,0, % !e $e*rea#e t&at 'y 1, !e &a-e 10,20,213,255, !&i*& i# !&ere t&i# #u'net en$#, To &el+ you -i#uali?e t&i#, Figure " #&o!# it on my #u'net ruler, Figure "

IP classes made simple <or an ar'itrary *la##i%i*ation o% P #u'net#, t&e *reator# o% t&e nternet *&o#e to 'rea" t&e nternet into multi+le *la##e#, 8ote t&at t&e#e aren/t im+ortant a# %ar a# your #u'net *al*ulation# are *on*erne$F t&i# i# )u#t &o! t&e nternet i# 6lai$ out,6 T&e nternet i# lai$ out a# ;la## A, B, ;, =, an$ E, ;la## A u#e# u+ t&e %ir#t &al% o% t&e entire nternet, ;la## B u#e# &al% o% t&e remaining &al%, ;la## ; u#e# t&e remaining &al% again, ;la## = 9Multi*a#ting: u#e# u+ t&e remaining &al% again, an$ !&ate-er i# le%t o-er i# re#er-e$ %or ;la## E, /-e &a$ #tu$ent# tell me t&at t&ey #truggle$ !it& t&e memori?ation o% P *la##e# %or !ee"# until t&ey #a! t&i# #im+le ta'le #&o!n in Figure #, T&i# i# 'e*au#e you $on/t a*tually nee$ to memori?e anyt&ing, you )u#t learn t&e te*&ni0ue %or *on#tru*ting t&e ruler u#ing &al% o% !&at/# a-aila'le,

Figure #

Remem'er t&at all #u'net# #tart !it& EGE8 num'er# an$ all #u'net en$ing# are O==, 8ote t&at 0,0,0,0H8 90,0,0,0 to 0,255,255,255: i#n/t u#e$ an$ 124,0,0,0H8 9124,0,0,0 to 124,255,255,255: i# re#er-e$ %or loo+'a*" a$$re##e#, All ;la## A a$$re##e# &a-e t&eir %ir#t o*tet 'et!een 1 to 126 'e*au#e 0 an$ 124 are re#er-e$, ;la## A #u'net# are all 22 'it# long, !&i*& mean# t&e #u'net ma#" i# only 8 'it# long, <or e.am+le, !e &a-e t&e entire 1,0,0,0H8 #u'net o!ne$ 'y GE, #in*e GE !a# lu*"y enoug& to get in early to 'e a##igne$ 16,8 million a$$re##e#, T&e I,S, Army o!n# 6,0,0,0H8, 7e-el 1 ;ommuni*ation# o!n# 8,0,0,0H8, BM o!n# 3,0,0,0H8, ATJT o!n# 12,0,0,0H8, Kero. o!n# 11,0,0,0H8, LP o!n# 15,0,0,0H8 an$ 16,0,0,0H8, A++le o!n# 14,0,0,0H8, All ;la## B a$$re##e# &a-e t&eir %ir#t o*tet 'et!een 128 an$ 131, ;la## B #u'net# are all 16 'it# long, !&i*& mean# t&e #u'net ma#"# are 16 'it# long, <or e.am+le, BB8 ;ommuni*ation# o!n# 128,1,0,0H16, !&i*& i# 128,1,0,0 to 128,1,255,255, ;arnegie Mellon Ini-er#ity o!n# 128,2,0,0H16, All ;la## ; a$$re##e# &a-e t&eir %ir#t o*tet 'et!een 132 an$ 221, ;la## ; #u'net# are all 8 'it# long, #o t&e #u'net ma#" i# only 22 'it# long, 8ote t&at AR 8 9t&e organi?ation t&at a##ign# nternet a$$re##e#: !ill #ell 'lo*"# o% %our ;la## ; a$$re##e# only to in$i-i$ual *om+anie# an$ you &a-e to really )u#ti%y !&y you nee$ 1,022 Pu'li* P a$$re##e#, % you nee$ to run BGP #o you *an u#e multi+le SP# %or re$un$an*y, you &a-e to &a-e your o!n 'lo*" o% P a$$re##e#, Al#o note t&at t&i# i#n/t t&e ol$ $ay#, !&ere 'lo*"# o% 16,8 million ;la## A a$$re##e# !ere &an$e$ out %or 'a#i*ally not&ing, >ou &a-e to +ay an annual %ee %or your 'lo*" o% 1,022 a$$re##e# !it& a #u'net ma#" o% H22, or 255,255,252,0, T&e *on*e+t o% #u'net *la##e# *an *au#e &arm in a*tual +ra*ti*e, /-e a*tually #een +eo+le %orget to turn *la##e# o%% in t&eir ol$ ;i#*o router an$ !at*& large #u'net route# get &i)a*"e$ on a large AA8 *on%igure$ %or $ynami* routing !&ene-er #ome route# !ere a$$e$, T&i# i# 'e*au#e a ;i#*o router !ill a##ume t&e #u'net ma#" i# t&e %ull H8 or H16 or H22 e-en i% you $e%ine #omet&ing in 'et!een, All ne!er ;i#*o OS #o%t!are -er#ion# turn o%% t&e *on*e+t o% #u'net *la##e# an$ u#e# *la##le## routing 'y $e%ault, T&i# i# $one !it& t&e $e%ault *omman$ 6 P ;la##le##,6 Public versus private IP addresses Be#i$e# t&e re#er-e$ P a$$re##e# 90,0,0,0H8 an$ 124,0,0,0H8: mentione$ a'o-e, t&ere are ot&er a$$re##e# not u#e$ on t&e +u'li* nternet, T&e#e private subnets *on#i#t o% +ri-ate P a$$re##e# an$ are u#ually 'e&in$ a %ire!all or router t&at +er%orm# 8AT 9net!or" a$$re## tran#lation:, 8AT i# nee$e$ 'e*au#e +ri-ate P a$$re##e# are nonrouta'le on t&e +u'li* nternet, #o t&ey mu#t 'e tran#late$ into +u'li* P a$$re##e# 'e%ore t&ey tou*& t&e nternet, Pri-ate P# are ne-er route$

'e*au#e no one really o!n# t&em, An$ #in*e anyone *an u#e t&em, t&ere/# no rig&t +la*e to +oint a +ri-ate P a$$re## to on t&e +u'li* nternet, Pri-ate P a$$re##e# are u#e$ in mo#t 7A8 an$ AA8 en-ironment#, unle## you/re lu*"y enoug& to o!n a ;la## A or at lea#t a ;la## B 'lo*" o% a$$re##e#, in !&i*& *a#e you mig&t &a-e enoug& P# to a##ign internal an$ e.ternal P a$$re##e#, T&e %ollo!ing 'lo*"# o% P a$$re##e# are allo*ate$ %or +ri-ate net!or"#: 10,0,0,0H8 910,0,0,0 to 10,255,255,255: 142,16,0,0H12 9142,16,0,0 to 142,11,255,255: 132,168,0,0H16 9132,168,0,0 to 132,168,255,255: 163,252,0,0H16 9163,252,0,0 to 163,252,255,255:M M8ote t&at 163,252,0,0H16 i# a 'lo*" o% +ri-ate P a$$re##e# u#e$ %or ran$om #el% P a##ignment !&ere =L;P #er-er# are not a-aila'le,

10,0,0,0H8 i# normally u#e$ %or larger net!or"#, #in*e t&ere are a++ro.imately 16,8 million P a$$re##e# a-aila'le !it&in t&at 'lo*", T&ey *&o+ it u+ into lot# o% #maller grou+# o% #u'net# %or ea*& geogra+&i* lo*ation, !&i*& are t&en #u'$i-i$e$ into e-en #maller #u'net#, Smaller *om+anie# ty+i*ally u#e t&e 142,16,0,0H12 range, *&o++e$ u+ into #maller #u'net#, alt&oug& t&ere/# no rea#on t&ey *an/t u#e 10,0,0,0H8 i% t&ey !ant to, Lome net!or"# ty+i*ally u#e a H22 #u'net !it&in t&e 132,168,0,0H16 #u'net, T&e u#e o% +ri-ate P a$$re##e# an$ 8AT &a# +rolonge$ t&e li%e o% P-2 %or t&e %ore#eea'le %uture 'e*au#e it e%%e*ti-ely allo!# a #ingle +u'li* P a$$re## to re+re#ent t&ou#an$# o% +ri-ate P a$$re##e#, At t&e *urrent rate t&at P-2 a$$re##e# are &an$e$ out, !e &a-e enoug& P-2 a$$re##e# %or a++ro.imately 14 year#, AR 8 i# mu*& more #tingy no! a'out &an$ing t&em out, an$ #mall 'lo*"# o% P a$$re##e# are relati-ely e.+en#i-e *om+are$ to t&e ol$ $ay#, !&en *om+anie# li"e A++le !ere #im+ly &an$e$ a 'lo*" o% 16,8 million a$$re##e#, T&e ne.t -er#ion o% P a$$re##e#, *alle$ P-6, i# 128 'it# long((an$ t&ere are more t&an 43 t&ou#an$ trillion trillion time# more P a$$re##e# t&an P-2, E-en i% you a##igne$ 2,1 'illion +eo+le on t&e +lanet !it& 2,1 'illion P a$$re##e# ea*&, you !oul$ #till &a-e more t&an 18 million trillion P-6 a$$re##e# le%tN