Back to article
Networking 101: Understanding Subnets and CIDR
Welcome to the second installment of Networking 101
July 30, 2008
This time around we'll learn about subnets and CIDR, hopefully in a more manageable manner than some books present it.
Let's get one thing straight: there is no "Class" in subnetting. In the olden days, there were Class A, B and C networks. These could only be divided up into equal parts, so VLSM, or Variable Length Subnet Masks , were introduced. The old Class C was a /24, B was a /16, and A was a /8. (Check out Understanding IP Addresses if you're not clear on what that means.) That's all you need to know about Classes. They don't exist anymore.
An IP address consists of a host and a network portion. Coupled with a subnet mask, you can determine which part is the subnet, how large the network is, and where the network begins. Operating systems need to know this information in order to determine what IP addresses are on the local subnet and which addresses belong to the outside world and require a router to reach. Neighboring routers also need to know how large the subnet is, so they can send only applicable traffic that direction. Divisions between host and network portions of an address are completely determined by the subnet mask.
Classless Internet Domain Routing (CIDR), pronounced "cider," represents addresses using the network/mask style. What this really means is that an IP address/mask combo tells you a lot of information:
network part / host part
The above string of 32 bits represents a /16 network, since 16 bits are masked.
Throughout these examples (and in the real world), certain subnet masks are referred to repeatedly. They are not special in any way; subnetting is a simple string of 32 bits, masked by any number of bits. It is, however, helpful for memorizing and visualizing things to start with a commonly used netmask, like the /24, and work from there.
Let's take a look at a standard subnetting table, with a little bit different information:
Because of the wonders of binary, it works out that a /31 has two IP addresses available. Imagine the subnet: 188.8.131.52/31. If we picture that in binary, it looks like:
The mask is "masking" the used bits, meaning that the bits are used up for network identification. The number of host bits available for tweaking is equal to one. It can be a 0 or a 1. This results in two available IP addresses, just like the table shows. Also, for each additional bit used in the netmask (stolen from the network portion), you can see that the number of available addresses gets cut in half.
Let's figure out the broadcast address, network address, and netmask for 192.168.0.200/26. The netmask is simple: that's 255.255.255.192 (26 bits of mask means 6 bits for hosts, 2^6 is 64, and 255-64 is 191). You can find subnetting tables online that will list all of this information for you, but we're more interested in teaching people how to understand what's happening. The netmask tells you immediately that the only part of the address we need to worry about is the last byte: the broadcast address and network address will both start with 192.168.0.
Figuring out the last byte is a lot like subnetting a /24 network, but you don't even need to think about that, if it doesn't help you. Each /26 network has 64 hosts. The networks run from .0 to .64, .65 to .128, .129 to .192, and from .193 to .256. Our address, 192.168.0.200/26, falls into the .192 to .256 netblock. So the network address is 192.168.0.192/26. And the broadcast address is even simpler: 192 is 11000000 in binary. Take the last six bits (the bits turned "off" by the netmask), turn them "on", and what do you get? 192.168.0.255. To see if you got this right, now compute the network address and broadcast address for 192.168.0.44/26. (Network address: 192.168.0.0/26; broadcast 192.168.0.63).
It can be hard to visualize these things at first, and it helps to start with making a table. If you calculated that you wanted subnets with six hosts in each of them, (eight, including the network and broadcast address that can't be used) then you can start making the table. The following is 184.108.40.206/29, 220.127.116.11/29, 18.104.22.168/29 and the final subnet of 22.214.171.124/29.
In reality, you're much more likely to stumble upon a network where there's three /26's and the final /26 is divided up into two /27's. Being able to create the above table mentally will make things much easier.
That's really all you need to know. It gets a little trickier with larger subnets in the /16 to /24 range, but the principal is the same. It's 32 bits and a mask. Do, however, realize that there are certain restrictions governing the use of subnets. We cannot allocate a /26 starting with 10.1.0.32. If we utter the IP/mask of 10.1.0.32/26 to most operating systems, they will just assume we meant 10.1.0.0/26. This is because the /26 space requires 64 addresses, and they must start at a natural bit boundary for the given mask. In the above table, what would 126.96.36.199/29 mean? It means you meant to say 188.8.131.52/29.
Those tricky ones do demand a quick example. Remember how the number of IP addresses in a subnet gets halved when you take another bit from the network side to create a larger mask? The same concept works in reverse. If we have a /25 that holds 128 hosts, and steal a bit from the host (netmask) portion, we now have a /24 that holds 256. Google for a "subnet table" to see the relationship between netmasks and network sizes all at once. If a /16 holds 65536 addresses, a /17 holds half as many, and a /15 holds twice as many. It's tremendously exciting! Practice, practice, practice. That's what it takes to understand how this works. Don't forget, you can always fall back to counting bits.
The next step, should you want to understand more about subnets, is to read up on some routing protocols. We'll cover some of them soon, but in the next installment of Networking 101, we're starting our trip up the OSI model.
When he's not writing for Enterprise Networking Planet or riding his motorcycle, Charlie Schluting is the Associate Director of Computing Infrastructure at Portland State University. Charlie also operates OmniTraining.net, and recently finished Network Ninja, a must-read for every network engineer.
Article courtesy of Enterprise Networking Planet