
Subnetting

From NetSec

General Subnetting

A bit is a binary digit, either 0 or 1. An IPv4 address is 32 bits long, but it is usually written as 4 octets separated by dots, an octet being 8 bits (or 1 byte).

The easiest way to build a place-value table is to start at the right with 1 and keep doubling as you move left, so the 8-bit table looks like this:

       128 64 32 16 8 4 2 1

You then write your bits under that, one bit under each number, and add up the numbers that have a 1 beneath them.

For example:

   11111111.11111111.11111111.00000000

Is the same as:

   255.255.255.0

Each group is 8 bits, so when you apply the table to an octet and add the numbers above each 1 bit, you find that eight 1's come to 255 and eight 0's come to 0. In this case the mask is a class C subnet mask in the old classful system, which means you can have 254 usable hosts: 256 addresses, minus one for the network address and one for the broadcast address.

A class C is a /24 in CIDR notation, because CIDR simply states the number of bits allocated to the network. Say the IP address is 123.233.122.121 with a /24 mask: counting 24 bits from the left gives the network part, 123.233.122, and the remaining 8 bits are left for hosts.

This tells us the size of that network, or its expected growth size depending on how it has been designed. 121 is the host; all the rest is the network. Networks are an important concept in routing, since, generally speaking, you need routers to transfer packets between networks, and addresses signify networks and hosts, like streets and houses.

Now for the other two most common classes, A and B. These classes are largely antiquated, created when the internet was still young. This is one of the main reasons we are out of IPv4 addresses now: so many companies were sold massive class A blocks. A class A is 255.0.0.0 or /8, with over 16 million hosts (2^24 - 2 = 16,777,214). A class B is 255.255.0.0 or /16, with 65,534 hosts. We have since invented technologies like NAT to get around the shortage, but the original concept was to allocate every machine a public IP.

An example of a modern CIDR mask is /30. This gives you a block of 4 addresses, and its subnet mask is 255.255.255.252. Ignoring the three 255's, which we know are all 1's, 252 is 11111100: 128+64+32+16+8+4 = 252. The two 0 bits at the end are the host bits and can take four values, 00, 01, 10 and 11, which gives us 4 addresses, but we can't use all 4 for hosts. The lowest address in every subnet (host bits all 0) is the network address and the highest (host bits all 1) is the broadcast address, so a /30 leaves exactly 2 usable host addresses, which is why it fits a point-to-point link. To find the network address of any host, AND the host address with the subnet mask: the 1 bits of the mask keep the network part and the 0 bits clear the host part. Anything addressed to the broadcast address is delivered to every host in the broadcast domain, i.e. the subnet. Switches forward broadcasts to every port in the same VLAN; routers do not forward them to other networks without special configuration (a DHCP relay is the usual example).
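The mask, AND and broadcast arithmetic described above, as an added example that is not code from the NetSec page. It works on plain 32-bit integers rather than a library so every bit operation is visible; the addresses fed to it are constructed sample inputs, and the handling of /31 and /32 (which have no separate network and broadcast addresses) goes beyond the page's /30 case.

```python
# Added example, not code from the NetSec page: the mask/AND/broadcast
# arithmetic from the text, done on plain integers so every bit operation is
# visible. The addresses used are constructed sample inputs.

def ip_to_int(ip: str) -> int:
    """Pack a dotted quad into a 32-bit integer, most significant octet first."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    """Unpack a 32-bit integer into dotted-quad form."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def octet_to_bits(octet: int) -> str:
    """Write one octet against the 128 64 32 16 8 4 2 1 table, e.g. 252 -> 11111100."""
    if not 0 <= octet <= 255:
        raise ValueError(f"octet out of range: {octet}")
    return format(octet, "08b")


def prefix_to_mask(prefix: int) -> int:
    """/n means the top n bits are 1 and the rest 0, e.g. /30 -> 255.255.255.252."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """The reverse: count the 1 bits, but refuse masks whose 1s are not contiguous
    (255.0.255.0 has 16 one-bits yet is not a valid /16)."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if prefix_to_mask(prefix) != m:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def describe(cidr: str) -> dict:
    """Network, broadcast and usable host range for a host address in CIDR form."""
    ip, prefix_str = cidr.split("/")
    prefix = int(prefix_str)
    addr = ip_to_int(ip)
    mask = prefix_to_mask(prefix)
    host_bits = 32 - prefix
    network = addr & mask                       # AND: keep the network bits, clear host bits
    broadcast = network | (~mask & 0xFFFFFFFF)  # OR: set every host bit
    total = 1 << host_bits
    if prefix <= 30:
        # lowest address = network, highest = broadcast, the rest are for hosts
        first_host, last_host, usable = network + 1, broadcast - 1, total - 2
    else:
        # /31 point-to-point links (RFC 3021) and /32 host routes have no
        # separate network/broadcast addresses; every address is usable
        first_host, last_host, usable = network, broadcast, total
    return {
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "prefix": prefix,
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(first_host),
        "last_host": int_to_ip(last_host),
        "total_addresses": total,
        "usable_hosts": usable,
    }


def same_subnet(ip_a: str, ip_b: str, prefix: int) -> bool:
    """True when both addresses AND down to the same network: the test a host makes
    to decide whether to deliver directly or hand the packet to its router."""
    mask = prefix_to_mask(prefix)
    return (ip_to_int(ip_a) & mask) == (ip_to_int(ip_b) & mask)


if __name__ == "__main__":
    for cidr in ("123.233.122.121/24", "126.181.212.130/30"):
        d = describe(cidr)
        print(f"{cidr}: network {d['network']} mask {d['mask']} "
              f"broadcast {d['broadcast']} hosts {d['first_host']}-{d['last_host']} "
              f"({d['usable_hosts']} usable)")
```

The mask_to_prefix check matters in practice: a mask typed as 255.0.255.0 has 16 one-bits, and a tool that only counts bits would silently treat it as a /16.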

Real Life Example of Subnetting

This isn't the most realistic scenario, but the tools and techniques we use are very realistic and will help you understand IP addresses in depth. We'll use the range 126.181.212.0 with a class C subnet, or /24, which means we have a single pool of 256 addresses to split between all our subnets/networks. So we know our subnet mask is 255.255.255.0. Say we have 3 routers with point-to-point connections, router a -> router b -> router c, so there are two links there, each needing a pair of addresses. We also have a large group of about 50 computers and two groups of about 20 computers, and each of these networks is connected to one of the routers: router a has the 50 computers and is attached to router b with 20 computers, which is attached to router c with 20 computers.

There are switches in between, but we don't need to worry about them in this address scheme: they don't need addresses in our configuration, as they forward frames by MAC address at layer 2 and take no part in IP addressing. In total, we have 5 point-to-point connections and 90 hosts split 50-20-20, and now we need to give them all addresses. We don't want to shove all these machines on the same network; splitting them up will separate them, which is what we want, because they all hate each other and there was much drama between them.

So let's start with a box representing all 256 addresses we have. The best way to start segmenting them is to split the block in half, giving two blocks of 128 addresses (126 usable hosts each). That is still far too much for any of our networks, and we are not planning for expansion, so split one of the halves again. Now there are three blocks: 64 addresses (0-63), 64 addresses (64-127) and 128 addresses (128-255). We reserve the first 64-address block for our 50 hosts, since 50 wouldn't fit in a 32-address subnet (30 usable hosts), making 0-63 the 50 host block.

    ______________________________________
   |0*******|64*******|128****************|
   |--------|---------|-------------------|
   |.50.....|.BLOCK...|.BLOCK.............|
   |.HOST...|.#2......|.#3................|
   |.BLOCK..|.........|...................|
   |........|.........|...................|
   |--------|---------|-------------------|
   |******63|******127|****************255|
   |______________________________________|
        

Basically, we have 0-63 for the 50 computer network, and now we need to sort out our two 20 host networks. To make those, we split the next 64-address block into 2x32-address blocks, 64-95 and 96-127 (30 usable hosts each). That leaves half our space, 128-255, which is fine, as all that is left to address is the 5 point-to-point connections.

    ______________________________________
   |0*******|64**|96**|128****************|
   |--------|----|----|-------------------|
   |.50.....|20..|20..|.BLOCK.............|
   |.HOST...|HOST|HOST|.#4................|
   |.NETWORK|NET-|NET-|...................|
   |........|WORK|WORK|...................|
   |--------|----|----|-------------------|
   |******63|**95|*127|****************255|
   |______________________________________|
    

To make addresses for these, we split the first part of the second half until we get our 5 blocks of 4 addresses. This is where it's important to note that you will want .252's, or /30's, because you always need to accommodate 2 extra addresses in every subnet, the network and the broadcast, on top of the 2 hosts on the link.

    ______________________________________
   |0*******|64**|96**|1|1|1|1|1|148*****|
   |--------|----|----|2|3|3|4|4|--------|
   |.50.....|20..|20..|8|2|6|0|4|.REST...|
   |.HOST...|HOST|HOST|.|.|.|.|.|.OF.....|
   |.NETWORK|NET-|NET-|.|.|.|.|.|.BLOCK..|
   |........|WORK|WORK|1|1|1|1|1|........|
   |--------|----|----|3|3|3|4|4|--------|
   |******63|**95|*127|1|5|9|3|7|*****255|
   |______________________________________|
        

We should now have 5 blocks of .252 or /30 address ranges with 4 addresses (2 usable hosts) each. The whole scheme is:

IP Address       Subnet Mask      CIDR  Usable hosts                       Broadcast        Purpose
126.181.212.0    255.255.255.192  /26   126.181.212.1   - 126.181.212.62   126.181.212.63   50 host network (62 usable)
126.181.212.64   255.255.255.224  /27   126.181.212.65  - 126.181.212.94   126.181.212.95   20 host network (30 usable)
126.181.212.96   255.255.255.224  /27   126.181.212.97  - 126.181.212.126  126.181.212.127  20 host network (30 usable)
126.181.212.128  255.255.255.252  /30   126.181.212.129 - 126.181.212.130  126.181.212.131  point to point link
126.181.212.132  255.255.255.252  /30   126.181.212.133 - 126.181.212.134  126.181.212.135  point to point link
126.181.212.136  255.255.255.252  /30   126.181.212.137 - 126.181.212.138  126.181.212.139  point to point link
126.181.212.140  255.255.255.252  /30   126.181.212.141 - 126.181.212.142  126.181.212.143  point to point link
126.181.212.144  255.255.255.252  /30   126.181.212.145 - 126.181.212.146  126.181.212.147  point to point link

126.181.212.148 to 126.181.212.255 remain free for expansion.
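The allocation walked through above, automated as an added example (not code from the NetSec page) with Python's standard ipaddress module. The /24 block and the host counts are the page's scenario; the subnet names (lan_a, p2p_1, ...) and the largest-first allocation order are assumptions. The allocator generalises the hand procedure: it takes any block and any set of host counts, carves each subnet off the lowest free boundary that fits, and refuses when the block runs out.

```python
# Added example, not code from the NetSec page: the variable-length
# allocation walked through above, automated with Python's standard
# ipaddress module. The block and host counts are the page's scenario; the
# names (lan_a, p2p_1, ...) and the largest-first ordering are assumptions.
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix (smallest block) whose address count covers the hosts
    plus the network and broadcast addresses: 50 -> /26, 20 -> /27, 2 -> /30."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    need = hosts + 2                       # add network + broadcast
    host_bits = (need - 1).bit_length()    # smallest k with 2**k >= need
    return 32 - host_bits


def allocate(block: str, requirements: dict) -> dict:
    """Carve `block` into one subnet per requirement, biggest first, so every
    subnet starts on its natural boundary and the leftover space stays in as
    few large pieces as possible. Raises ValueError when the block is too small."""
    pool = [ipaddress.ip_network(block)]   # free space as disjoint networks
    allocation = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        for free in sorted(pool):          # lowest free address first
            if free.prefixlen <= prefix:   # big enough?
                pool.remove(free)
                if free.prefixlen == prefix:
                    chosen = free
                else:
                    # take the first /prefix inside the free block, return the rest
                    chosen = next(free.subnets(new_prefix=prefix))
                    pool.extend(free.address_exclude(chosen))
                allocation[name] = chosen
                break
        else:
            raise ValueError(f"no room left for {name} ({hosts} hosts)")
    return allocation


def is_disjoint(allocation: dict) -> bool:
    """Sanity check: no two allocated subnets overlap."""
    nets = list(allocation.values())
    return not any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


def subnet_of(allocation: dict, ip: str):
    """Which named subnet an address belongs to, or None (e.g. unallocated space)."""
    addr = ipaddress.ip_address(ip)
    for name, net in allocation.items():
        if addr in net:
            return name
    return None


def table(allocation: dict) -> list:
    """Rows in the page's format: network, mask, first/last usable host, broadcast."""
    rows = []
    for name, net in allocation.items():
        rows.append((name, str(net.network_address), str(net.netmask),
                     str(net.network_address + 1), str(net.broadcast_address - 1),
                     str(net.broadcast_address), net.num_addresses - 2))
    return rows


# The scenario from the walk-through: one 50 host LAN, two 20 host LANs and
# five point-to-point links, all out of 126.181.212.0/24.
REQUIREMENTS = {"lan_a": 50, "lan_b": 20, "lan_c": 20,
                "p2p_1": 2, "p2p_2": 2, "p2p_3": 2, "p2p_4": 2, "p2p_5": 2}

if __name__ == "__main__":
    plan = allocate("126.181.212.0/24", REQUIREMENTS)
    for row in table(plan):
        print("%-6s %-16s %-16s %-16s %-16s %-16s %d usable" % row)
```

Running it reproduces the table above exactly; is_disjoint is the check worth keeping in any such script, since overlapping subnets are the classic cause of hosts that can reach some neighbours and not others.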