The Subnetting Handout

needleorder · Networks and Communications

24 Oct 2013 (3 years and 10 months ago)


The N+ exam does not require candidates to have an in-depth knowledge of subnetting, but for informational purposes, here is a better explanation of the process.

An IP Address is 32 bits (some combination of ones and zeros) long:

00000000 00000000 00000000 00000000

Typically, we divide these 32 bits up into four groups of eight bits that we call Octets.

An Octet is a binary (base 2) number. In the Base 10 system we’re more used to seeing, we count by powers of 10, and we represent numbers like this:

Remember learning to add and subtract in grade school? You learned about the ones place and the 10s place and the 100s place and the 1000s place?

That’s what we’re talking about.

In binary numbering, we use base 2, so our numbers are powers of 2. 2^0 is still 1, so there’s still a 1s place, but then we have a 2s place, a 4s place, an 8s place, a 16s place and so on.

To read the value of a binary number, just add up the values in each of the positions.


For example:


Normally, we go ahead and convert an Octet to Base 10 because it’s relatively difficult for human beings to distinguish one eight-digit binary number from another. An Octet, made up of eight bits, can have any value from 0 to 255. Four Octets put together make up one 32-bit IP address in what we call Dotted Decimal notation.

An IP address is divided into two parts. One part, the Network Portion, describes the destination network for routing purposes. The other part is called the Host Portion and uniquely identifies a host on a particular network.

For example, if 16 bits describe the network portion of an address and 16 bits describe the host portion:

00000000 00000000   00000000 00000000

Here the network portion (the first 16 bits, blue in the original handout) comes first and the host portion (the last 16 bits, red) follows.

IP networking uses the Subnet Mask to determine how much of any particular IP address describes its network portion.

The subnet mask is a second 32-bit number that uses binary 1s to represent the amount of a given IP address that describes the network portion of its address.

IP Address:    00000000 00000000 00000000 00000000

Subnet Mask:   11111111 11111111 00000000 00000000

Subnet mask in octets: 255.255.0.0

A very simple scheme for determining subnet mask values uses Address Classification (though we don’t actually do this any more).

As the graphic shows, we use the value of the first few bits of the first octet to determine how much of the IP address to treat as the network portion and how much to treat as the host portion.

This process implies the subnet mask value for each address class:

Class A:

11111111 00000000 00000000 00000000
     255        0        0        0

There are 2^8 networks that can each support 2^24 hosts in the class A range.

Class B:

11111111 11111111 00000000 00000000
     255      255        0        0

There are 2^16 networks that can each support 2^16 hosts in the class B range.

Class C:

11111111 11111111 11111111 00000000
     255      255      255        0

There are 2^24 networks that can each support 2^8 hosts in the class C range.

There are two important issues here. The first is that some of these classes of addresses are impractically large. 2^24 = 16.7 Million hosts on a single LAN!

The second is that the smallest class of addresses is really, really small. 255 hosts might not be enough to support one floor in a large office building.

So we need ways to divide up large blocks of addresses and combine smaller ones.

Subnetting


The process of dividing up address ranges is called subnetting. In a scenario where subnetting is necessary, what we do is “borrow” some extra bits from the host portion of an IP address and apply them to the network portion.

The “borrowed” bits come from the most significant portion of the host portion of the address.

For example, if someone with a class B address needs to make two networks:

00000000 00000000 0 0000000 00000000

The borrowed bit (shown in green in the original handout) is the first bit of the third octet, set apart here.

In this case, we now have a network address that can be addressed by the rest of the internet as normal, a host address range that is 15 bits long (2^15 = 32,768) and a spare bit that describes the two sub-divided networks.

In dotted decimal notation, the subnet mask would look like this: 255.255.128.0

Why 128? Because we borrowed the “128s place” bit from the host portion of the address.

The math in this case is pretty simple. Since we’re just dividing 256 by two, our interval will be 128. Host addresses starting with 0 to 127 would be on the first subnet and addresses 128 to 255 go on the second.

How about a more complicated case?

Same class B range, but now we need to sub-divide six ways.

The first problem is that six is not a power of two. Six is more than 2^2 (2 bits, or four) but less than 2^3 (three bits, or eight), so what we’ll actually wind up doing is dividing eight ways.

00000000 00000000 000 00000 00000000

Now we have eight sub-networks that each contain 2^13 hosts (8192).

The subnet mask in this case will be 255.255.224.0

Why 224? Because we borrowed the 128s, 64s, and 32s place from the host portion of the address.

Since we are dividing our octet (256 values) eight ways, the interval between values will be 32 units, giving us a table like the following.

Subnet #   Binary Value of   Start of Range of   End of Range of
           borrowed bits     1st host Octet      1st host Octet
1          000               0                   31
2          001               32                  63
3          010               64                  95
4          011               96                  127
5          100               128                 159
6          101               160                 191
7          110               192                 223
8          111               224                 255


Regardless of what address range we’re dividing, there is a relationship between the number of
borrowed bits and the interval of values in the first host octet. It looks like this:

Number of       Number of           Subnetted   Interval in
Borrowed Bits   Possible Networks   value       1st Host octet
0               1                   0           256
1               2                   128         128
2               4                   192         64
3               8                   224         32
4               16                  240         16
5               32                  248         8
6               64                  252         4
7               128                 254         2


If someone needed to subdivide a class A range 40 ways, they would need to borrow 6 bits (because 2^5 is 32 and can’t represent enough divisions) from the host portion of the address, the 128s, 64s, 32s, 16s, 8s and 4s place bits. 128 + 64 + 32 + 16 + 8 + 4 = 252, so the subnet mask would be 255.252.0.0. The interval between each network would be 4 digits in the first host octet, which for a class A network is the second octet.

The list of valid IPs per subnet would look something like this. The interval is four digits in the second octet, and we’re also omitting the “all 0s” and “all 1s” addresses in each range.

10.0.0.1 - 10.3.255.254

10.4.0.1 - 10.7.255.254

10.8.0.1 - 10.11.255.254

...

10.247.0.1 - 10.251.255.254

10.252.0.1 - 10.255.255.254
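As an added worked example (not part of the original handout), the Python sketch below carries out the borrowing procedure for any classful base and any number of divisions, returning the borrowed bits, the mask, the interval and the usable host range of each subnet. The function name plan_subnets and the class B address 172.16.0.0 are assumptions made for the illustration.

```python
import ipaddress

def plan_subnets(base, ways):
    """Divide a classful range `ways` ways by borrowing host bits.

    Returns (borrowed_bits, dotted_mask, interval, ranges). `interval` is the
    step in the first host octet; `ranges` holds (first_host, last_host) for
    every subnet, omitting the all-0s and all-1s addresses.
    """
    net = ipaddress.ip_network(base)            # rejects a base with host bits set
    if net.prefixlen not in (8, 16, 24) or ways < 1:
        raise ValueError("expects a /8, /16 or /24 base and at least one subnet")
    borrowed = (ways - 1).bit_length()          # 40 ways -> 6 bits, since 2^5 = 32 < 40
    new_prefix = net.prefixlen + borrowed
    if borrowed > 7 or new_prefix > 30:
        raise ValueError("not enough host bits left to borrow")
    interval = 256 >> borrowed                  # 256 values split 2^borrowed ways
    mask = ipaddress.ip_address((0xFFFFFFFF << (32 - new_prefix)) & 0xFFFFFFFF)
    size = 1 << (32 - new_prefix)               # addresses in each subnet
    start = int(net.network_address)
    ranges = []
    for i in range(1 << borrowed):
        lo = start + i * size                   # the subnet's all-0s address
        ranges.append((str(ipaddress.ip_address(lo + 1)),
                       str(ipaddress.ip_address(lo + size - 2))))
    return borrowed, str(mask), interval, ranges


if __name__ == "__main__":
    # 10.0.0.0/8 split 40 ways is the handout's case; 172.16.0.0/16 is a
    # constructed class B address for its six-way case.
    for base, ways in (("10.0.0.0/8", 40), ("172.16.0.0/16", 6)):
        bits, mask, step, ranges = plan_subnets(base, ways)
        print(f"{base} split {ways} ways: borrow {bits}, mask {mask}, interval {step}")
        for first, last in ranges[:3] + ranges[-1:]:
            print(f"  {first} - {last}")
```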

Supernetting


In some cases, it’s also possible to take blocks of contiguous addresses and combine them to make one larger range. This process is called Supernetting. In supernetting, if someone owns adjacent blocks of addresses, they can choose to treat them as one larger grouping.

For example, if someone owns 192.168.0.0, 192.168.1.0, 192.168.2.0, 192.168.3.0, all normally class C blocks with subnet masks of 255.255.255.0, they can combine them by returning one of the bits in the network portion of the address to the host portion.

In this case, since we need to return four (2^2) bits, we need to use two bits in total from the network portion of the address.

11000000 10101000 000000 00 00000000

The last octet has its full eight bits, and the “borrowed” bits have been taken from the least significant bit in the network portion of the address, making the subnet mask for this combined network 255.255.252.0

The scheme works very similarly to subnetting, but in reverse. Since we’re returning bits to the least significant part of the network portion of the address, we wind up inverting the table.

Number of       Number of           Last octet in supernetted
Returned Bits   Combined Networks   subnet mask
0               1                   0
1               2                   254
2               4                   252
3               8                   248
4               16                  240
5               32                  224
6               64                  192
7               128                 128
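An added example, not from the original handout: the Python function below checks whether a set of blocks can be supernetted at all and, if so, returns the combined network and mask. It adds the condition the table takes for granted, namely that the first block must start on a boundary of the combined size; the name supernet and the misaligned sample list are made up for the illustration.

```python
import ipaddress

def supernet(blocks):
    """Combine equal-sized adjacent blocks under one shorter mask.

    Returns (network, dotted_mask, returned_bits); raises ValueError when no
    single subnet mask can describe exactly these blocks.
    """
    nets = sorted(ipaddress.ip_network(b) for b in blocks)
    if not nets:
        raise ValueError("no blocks given")
    count, plen = len(nets), nets[0].prefixlen
    if any(n.prefixlen != plen for n in nets):
        raise ValueError("blocks must all be the same size")
    if count & (count - 1):
        raise ValueError("number of blocks must be a power of two")
    returned = count.bit_length() - 1            # 4 blocks -> 2 bits returned
    size = nets[0].num_addresses
    first = int(nets[0].network_address)
    for i, n in enumerate(nets):
        if int(n.network_address) != first + i * size:
            raise ValueError("blocks are not contiguous")
    # The returned bits must all be 0 in the first block; otherwise the
    # shorter mask describes a different set of addresses than the blocks.
    if first % (size * count):
        raise ValueError("first block is not on a boundary of the combined size")
    combined = ipaddress.ip_network((first, plen - returned))
    return str(combined), str(combined.netmask), returned


if __name__ == "__main__":
    owned = [f"192.168.{i}.0/24" for i in range(4)]        # the handout's blocks
    shifted = [f"192.168.{i}.0/24" for i in range(1, 5)]   # constructed: misaligned
    for blocks in (owned, shifted):
        try:
            print(blocks[0], "..", blocks[-1], "->", supernet(blocks))
        except ValueError as err:
            print(blocks[0], "..", blocks[-1], "-> cannot combine:", err)
```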


CIDR

As previously mentioned, addresses are almost never assigned by classes any more. Instead, blocks are given in groups of a few thousand at a time. Those few thousand addresses might be from what was at one time the class A, B or C ranges, but now rather than describing them that way, we simply indicate the number of bits used in the subnet mask in a scheme that is called Classless Inter-Domain Routing or CIDR.

In this scheme, we write out the network portion of the address as normal, followed by a slash ( / ) then the number of bits that are used in the subnet mask.

The traditional class A, B and C ranges are written as /8, /16 and /24, respectively, making their subnet masks 255.0.0.0, 255.255.0.0 and 255.255.255.0 as normal, while a /20 would indicate a block of addresses with a subnet mask of 255.255.240.0.

How did we obtain that value?

Start by subtracting as many eights as possible from the CIDR number:

20 - 8 = 12 (that’s one full octet worth of 1s so the first octet will be 255)

12 - 8 = 4 (that’s a second full octet of 1s, so the second octet will also be 255)

We’re borrowing 4 digits in the 3rd octet, so we need the 128s, 64s, 32s and 16s place.

128 + 64 + 32 + 16 = 240


CIDR notation can yield some unusual network ranges. 128.210.10.0/25 would be a network of 126 computers smack dab in the middle of the traditional class B range, while 208.16.120.0/20 indicates a network of 4,190 computers in the traditional class C.

Number of hosts per network = 2^(32 - CIDR value)
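The mask and host-count arithmetic above as an added Python example (not from the original handout): prefix_to_mask follows the subtract-eights steps, and describe also reports the network address the prefix actually selects, which differs from the written address when host bits are set. Both function names are assumptions, and the sample strings are the two blocks quoted above.

```python
import ipaddress

def prefix_to_mask(prefix):
    """Build the dotted-decimal mask by the 'subtract eights' method."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    octets = []
    remaining = prefix
    for _ in range(4):
        bits = min(remaining, 8)       # a full octet of 1s while 8 or more remain
        remaining -= bits
        # leftover bits fill the high-order places: 4 bits -> 128+64+32+16 = 240
        octets.append(256 - (256 >> bits))
    return ".".join(str(o) for o in octets)

def describe(cidr):
    """Return mask, address counts and the true network address for a CIDR string.

    'aligned' is False when the written address has host bits set, i.e. it is
    not the first address of the block the prefix describes.
    """
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    net = ipaddress.ip_network(cidr, strict=False)   # masks off any host bits
    total = 2 ** (32 - prefix)                       # the handout's formula
    return {
        "mask": prefix_to_mask(prefix),
        "total": total,
        "usable": max(total - 2, 0),                 # minus all-0s and all-1s
        "network": str(net.network_address),
        "aligned": str(net.network_address) == addr,
    }


if __name__ == "__main__":
    for block in ("128.210.10.0/25", "208.16.120.0/20"):
        print(block, describe(block))
```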

The lesson to take from all of this is that it is very useful to know the values for powers of 2 and how to add those values together.