Subnetting and CIDR blocks
					                                                         IS 435 handout 2: IP Subnetting Primer


               IP Subnet Primer (PP. 1-6 required, 7-8 optional)
  From Internet sources; revised and edited by Dr. Yüe Zhang (4th revision Sept 2005)

Outline
I. IP address space - Class A/B/C
II. What is a subnet and why subnetting?
III. How does a host know who is local and who is remote?
IV. Subnet masking in action
V. More examples
VI. Reserved addresses
VII. An incorrect subnet mask


I. IP address space - Class A/B/C

Every machine on the Internet has an address. Addresses are 32 bits (IPv4). These 32 bits
are split into two parts - a network number followed by a host address.
    - The host address part is for a number of machines on one physical network - say a
        bunch of machines connected with a hub/switch (and this collection of devices is
        the “subnet” we are talking about).
    - The network number represents this group of hosts as a single unit, and routers
        need to know these network numbers to send data from one net to another.

Before you start designing your subnets, you should know what it is that you've been
given. Here are three ways of finding out what class your allocation is in. Use whichever
you find easiest.

     Class A addresses begin with 0xxx, or 1 to 126 decimal. (127 is loopback)
     Class B addresses begin with 10xx, or 128 to 191 decimal.
     Class C addresses begin with 110x, or 192 to 223 decimal.
     Class D addresses begin with 1110, or 224 to 239 decimal. (multicast)
     Class E addresses begin with 1111, or 240 to 254 decimal. (future use)


First Byte   Class   Network Mask (explained later)   Network part (N) and node part (n)
1-126        A       255.0.0.0                        NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn
128-191      B       255.255.0.0                      NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
192-223      C       255.255.255.0                    NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn

Class   Number of networks       Number of hosts in each network   Remarks
A       126                      16,387,064 (roughly 256^3)        Many wasted #s
B       64 X 254 = 16,256        64516 (roughly 256^2)             Many wasted #s
C       32 X 254^2 = 2,064,512   254 (= 256 - 2)                   More “reasonable size”; still can be divided




Note: In Subnetting as discussed below, we often do not use the 8-bit “natural boundary”,
and often borrow bits from the last 8 bits (last “octet”) for subnets, which means, further
dividing the last 8 bits into subnets.

II. What is a subnet and why subnetting?

1. More efficient use of IP address spaces.
2. Simplification of routing.
3. Isolating local activities (such as broadcasting).

1. More efficient use of IP address spaces. We need subnetting because there are not
enough free IP addresses to give a whole Class C network to every site you manage. So a
Class C network is divided into smaller portions for networks that do not have as many
hosts as a Class C network can provide. Think about this: suppose your environment is a
small college with several schools within it. You don’t have a whole Class C IP range to
give to each of the schools, but on the other hand they do need to have a network of their
own. The solution is subnetting: dividing the IP addresses the College has into smaller
subnets, and giving each school a subnet. Subnetting borrows bits from what is usually
the host part (the last octet, or the last eight bits) to expand the network part, which
allows us to have more “manageable” sub-networks.

2. Simplification of routing. If the entire network were very small, it would be reasonable
for it to simply pass all traffic everywhere. As the size of the network grows, the amount
of traffic on it also grows. It becomes necessary to draw a distinction between a group of
machines (hosts) that are "local" and those that are "remote." When the traffic is heading
for a remote network, the router on the network of the sender doesn’t need to know the
details of the destination network – it doesn’t need to deliver the message to the
individual receiver, but rather to the network where the receiver is located.

To make an analogy: the post office of Los Angeles doesn’t need to know how to deliver
mail to individuals in Atlanta; all it needs to know is to forward mail addressed to
Atlanta to the post office of Atlanta. Everything after that is for the post office in
Atlanta to worry about.

3. Isolating local activities (such as broadcasting). Networks often have broadcast
messages to send among their member devices. Broadcasting means that “everybody on
this network will receive the message.” So if we do not appropriately isolate a portion of
a larger network (say, a school within the college in the above example), many
people/devices would have to face countless irrelevant messages.

After subnets are put to work,
- if a host is trying to communicate with another "local" host, then it can simply start
sending data and assume the receiver will get it;
- if the intended recipient is not local, then the sending host must instead send the traffic
to a router and assume that the router knows how to get it where it's supposed to go.






Please note: this structure relieves routers of the burden of knowing each and every
device on the network: all they need to know are several subnets, and traffic heading for
an IP in those subnets only needs to be forwarded to the SUBNET rather than to the
individual (hundreds or thousands of) devices.

A subnet is simply a set of hosts which are all local to one another.

III. How does a host know who is local and who is remote?

Each host knows who is local to it (i.e., on the same subnet) and who is not based on the
combination of (1) its IP address, (2) its subnet mask, and (3) the other host's IP address.

You usually see IP address written as 4 sets of numbers separated by dots ("dotted quad"
notation), such as 130.166.126.131, but this is merely for readability by humans. The
dotted-quad notation is just the decimal value of the 32-bit address taken 8 bits at a time
rather than all together. The address 130.166.126.131 is actually the binary representation
10000010 10100110 01111110 10000011, or rather:
10000010101001100111111010000011.

The IP address is interpreted as divided into two parts, the network portion and the host
portion, as we will see below. Another IP address is local to you (in the same subnet) if
its IP address and yours have the same value in the network portion.

How much of your address is "network" and how much of it is "host" is defined by the
subnet mask.

The subnet mask is also a 32-bit number assigned to a host and is also usually written in
dotted-quad notation, but again we will see that the binary representation is the most
useful for understanding how it works. A commonly seen subnet mask at CSUN is
255.255.255.0, which in binary is 11111111 11111111 11111111 00000000. Note that all
the 1s are to the left and all the 0s are to the right; this is the format of subnet masks.

When examining an IP address,
  - the portion (of that IP) corresponding to the “1”s in the subnet mask is the
      network portion,
  - and the portion (of that IP) corresponding to the “0”s in the subnet mask is the
      host portion.

So, let's look at the example we used before: 130.166.126.131 with a subnet mask of
255.255.255.0. Looking at the binary versions of these numbers, we have:

10000010 10100110 01111110        10000011            (Host IP)
11111111 11111111 11111111        00000000            (Subnet mask)

       Subnet portion             Host portion






The subnet mask has 24 bits of 1 followed by 8 bits of 0, so the first 24 bits of
10000010 10100110 01111110 10000011 (130.166.126.131)
comprise the network portion, while the remaining 8 bits are the host portion. So, in this
example, any other machine whose IP address also begins with
10000010 10100110 01111110 (= 130.166.126)
is on the same subnet and considered "local;" everyone else is “remote”.

IV. Subnet Masking in Action

Applying a subnet mask to an address allows you to identify the network and node
sections of an IP address. Doing a bitwise AND (can be understood as “bit-by-bit
multiplication”) on the IP address and the subnet mask results in the network address.

IP address
Subnet mask
--------------------
Network address (or subnet)

For example:

10000010 10100110 01111110 10000011 130.166.126.131  IP
11111111 11111111 11111111 00000000 255.255.255.000  Mask
----------------------------------------------------
10000010 10100110 01111110 00000000 130.166.126.000  Subnet

This is the CSUN network, and the “.126 network” (or “.126 subnet”) within CSUN.

V. More examples

Let's look at some examples that do not fit so nicely on 8-bit boundaries, i.e., several bits
in the last 8 bits are used for the subnet portion.

1. Example 1

Starting with the same IP address (130.166.126.131), let's use a subnet mask of
255.255.255.192, another commonly seen one on campus.

255.255.255.192 in binary is 11111111 11111111 11111111 11000000 - 26 bits of 1
followed by 6 bits of zero. So now, the first 26 bits of my IP address is the network
portion, and the last 6 is the host portion:

10000010 10100110 01111110 10000011 (host)
11111111 11111111 11111111 11000000 (mask)

Any other host whose IP address has the same first 26 bits as here is on the same subnet.






Let's look at exactly what addresses share the network portion here. That would be any
address that is
10000010 10100110 01111110 10xxxxxx, where "xxxxxx" can be 000000, 111111, or
anything in between.

If "xxxxxx" is 000000, the full address is
10000010 10100110 01111110 10000000, or 130.166.126.128.
If "xxxxxx" is 111111, the full address is
10000010 10100110 01111110 10111111, or 130.166.126.191.

So in this example, my subnet begins at 130.166.126.128 and ends at 130.166.126.191.
The boundaries between subnets do not correspond to the dot-separated fields, which are
only there for readability. 130.166.126.5, for example, is not on my subnet. [If you can’t
see it, please note that the range of my subnet is .128~.191, and .5 is NOT in this
range]

2. Example 2

Let's use the same IP address, but this time with the subnet mask 255.255.255.248. [Note:
in Example 1 the subnet mask was .192]

As before, the address is 130.166.126.131, or 10000010 10100110 01111110 10000011,
and the subnet mask is now
11111111 11111111 11111111 11111000.

10000010 10100110 01111110 10000011 (host)
11111111 11111111 11111111 11111000 (mask)

So, my subnet is 10000010 10100110 01111110 10000xxx, and again "xxx" can be 000,
111, or anywhere in between. This makes full addresses in the range between

10000010 10100110 01111110 10000000 and 10000010 10100110 01111110 10000111

Written in dotted-quad notation, these are 130.166.126.128 through 130.166.126.135.
There are only 8 addresses including my own that are local to me!

The next subnet begins at 130.166.126.136. This is because 130.166.126.136 written in
binary is
10000010 10100110 01111110 10001000 - note that one of the bits which is represented
by a 1 in the subnet mask has changed; the subnet is now .136 (10001000, compared to
.128, or 10000000; compare the two digits connected by the dotted-line arrow), so
it is now a different subnet.






VI. Reserved addresses

There are some IP addresses which are reserved and which may not be assigned to a host.
For example, 127.0.0.0 is a reserved network.

Each subnet also has certain addresses that are reserved. You may not assign a host
address such that the host portion of that address is all zeros or all ones. Using the first
example with 130.166.126.* and a mask of 255.255.255.0, this means you may not assign
130.166.126.0 (“0” here is in fact 00000000) or 130.166.126.255 (“255” here is in fact
11111111) to any host. The all zeros address is reserved for designating the network
block (usually called “network/subnet ID”), and the all ones address is reserved for
broadcast traffic within that subnet.

In addition, one address on each subnet must be reserved for a routing device of some
sort - this is your "default gateway." It is the path that traffic destined for any non-local
address will take. By convention, the lowest numbered non-zero address in each range is
reserved for this purpose.

Keep this in mind when allocating address space. In the example above with a mask of
255.255.255.248, it is true that there are 8 addresses on that subnet, but you may only
assign 5 of them to hosts. [But we will consider the default gateway as a host. So defined,
this subnet would have a maximum of 6 hosts]

In all, if the number of subnet bits in the last octet is n, and the number of host bits is m (n
+ m = 8), then
                        Number of subnets = 2^n - 2, Number of hosts = 2^m - 2.

[Reserved: subnet ID and broadcasting]
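
The masking steps of sections III to VI can be carried out with plain bitwise operations. The following is an added example, not part of the original handout; the function names are hypothetical, and the gateway value follows the handout's "lowest non-zero address" convention.

```python
# Added example: subnet arithmetic done with the bitwise AND described above.

def to_int(dotted):
    """Dotted-quad string -> 32-bit integer."""
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(value):
    """32-bit integer -> dotted-quad string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def is_valid_mask(mask):
    """A subnet mask must be all 1s on the left and all 0s on the right."""
    host_bits = ~mask & 0xFFFFFFFF
    # host_bits of a valid mask look like 0...01...1, so adding 1 clears them all
    return (host_bits & (host_bits + 1)) == 0

def describe_subnet(ip, mask):
    """Return network ID, broadcast, conventional gateway and address counts."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    if not is_valid_mask(mask_i):
        raise ValueError("mask bits are not contiguous: " + mask)
    network = ip_i & mask_i                        # host portion all zeros
    broadcast = network | (~mask_i & 0xFFFFFFFF)   # host portion all ones
    return {
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "gateway": to_dotted(network + 1),         # convention, not a protocol rule
        "addresses": broadcast - network + 1,
        # excludes network ID and broadcast; gateway counted as a host
        "hosts_incl_gateway": max(broadcast - network - 1, 0),
    }

def is_local(my_ip, mask, other_ip):
    """Two hosts are local when their network portions are equal."""
    m = to_int(mask)
    return (to_int(my_ip) & m) == (to_int(other_ip) & m)

if __name__ == "__main__":
    for mask in ("255.255.255.0", "255.255.255.192", "255.255.255.248"):
        print(mask, describe_subnet("130.166.126.131", mask))
    print(is_local("130.166.126.131", "255.255.255.192", "130.166.126.5"))
```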

VII. An incorrect subnet mask

If your subnet mask is set incorrectly, some parts of the network will be unreachable to
you. Let's assume that your IP address is 130.166.126.131, and your correct subnet mask
should be 255.255.255.128. This means effectively that the top half (“higher numbers” –
128-255) of 130.166.126.* is local to you.

If you mistakenly set your subnet mask to 255.255.255.0, your host will believe that all
of 130.166.126.* is local. This will make the bottom half of it unreachable. If you try to
send a packet to 130.166.126.4, your host will mistakenly send the packet out on the local
network (since it thinks the destination is local) rather than sending the packet to the
router, and 130.166.126.4 will never hear it.

If you set the subnet mask too small, say 255.255.255.192, then part of your local
network (in this case, the top half) will be unreachable. Your host will think these packets
are not local and will send them to the router rather than directly to the receiving host.
(The router will ignore them.)
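
A configuration check for the two mistakes above can be written with Python's standard ipaddress module. This is an added example, not part of the original handout; the function names and the gateway address 130.166.126.129 are assumptions made for illustration.

```python
# Added example: which destinations does a wrong subnet mask make unreachable?
import ipaddress

def mask_error_impact(ip, correct_mask, configured_mask):
    """Compare the subnet the host should be in with the one it believes it is in.

    wrongly_local  : blocks the host will try to reach directly, but which
                     really sit behind the router (mask too short).
    wrongly_remote : blocks the host will hand to the router, although they
                     are on its own wire (mask too long).
    """
    correct = ipaddress.ip_network(f"{ip}/{correct_mask}", strict=False)
    configured = ipaddress.ip_network(f"{ip}/{configured_mask}", strict=False)
    result = {"wrongly_local": [], "wrongly_remote": []}
    if configured == correct:
        return result
    # Both blocks contain the host's own address, so one always contains the other.
    if correct.subnet_of(configured):
        extra = sorted(configured.address_exclude(correct))
        result["wrongly_local"] = [str(net) for net in extra]
    else:
        missing = sorted(correct.address_exclude(configured))
        result["wrongly_remote"] = [str(net) for net in missing]
    return result

def next_hop(ip, configured_mask, dest, gateway):
    """Where the host sends a packet: 'direct' on the local wire, or the gateway."""
    net = ipaddress.ip_network(f"{ip}/{configured_mask}", strict=False)
    return "direct" if ipaddress.ip_address(dest) in net else gateway

if __name__ == "__main__":
    HOST = "130.166.126.131"        # address used throughout the handout
    CORRECT = "255.255.255.128"     # correct mask from section VII
    GATEWAY = "130.166.126.129"     # assumed: lowest non-zero address in the range
    for wrong in ("255.255.255.0", "255.255.255.192"):
        print(wrong, mask_error_impact(HOST, CORRECT, wrong))
    # With the /24 mistake, .4 is sent on the local wire and never arrives.
    print(next_hop(HOST, "255.255.255.0", "130.166.126.4", GATEWAY))
    print(next_hop(HOST, CORRECT, "130.166.126.4", GATEWAY))
```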




===============================================================
Extra info for those who are interested (not required, but helps your team network
design project):

Subnetting Class C - most typical example: /28 "all zeroes, all ones" excluded. Mask is
11110000

This table may be all you ever need to know, for many installations. This is a typical
example and possibly the most common one.
Because it is such a useful table, this is the only large one we will list in full.

Network part     Subnet.host   Host addresses                   Broadcast Address
130.166.1.0      0000xxxx      130.166.1.1 to 130.166.1.14      130.166.1.15 - UNUSABLE - NETMASK ALL 0000's
130.166.1.16     0001xxxx      130.166.1.17 to 130.166.1.30     130.166.1.31
130.166.1.32     0010xxxx      130.166.1.33 to 130.166.1.46     130.166.1.47
130.166.1.48     0011xxxx      130.166.1.49 to 130.166.1.62     130.166.1.63
130.166.1.64     0100xxxx      130.166.1.65 to 130.166.1.78     130.166.1.79
…                …             …                                …
130.166.1.208    1101xxxx      130.166.1.209 to 130.166.1.222   130.166.1.223
130.166.1.224    1110xxxx      130.166.1.225 to 130.166.1.238   130.166.1.239
130.166.1.240    1111xxxx      130.166.1.241 to 130.166.1.254   130.166.1.255 - UNUSABLE - NETMASK ALL 1111's

A /30 is particularly wasteful - 50% of the hosts are unusable. Similarly, a /26 is pretty
bad, because 50% of the nets are unusable. A /28 is best because it lets you have
(16 - 2) * (16 - 2) = 192 hosts.

Variable subnetting example 2 (insert /28 from above into /26)

Here we have a different and possibly more useful example of variable subnetting. Let's
say we have a central office with 50 workstations, one remote office with 10, and another
remote office with 9 workstations.






The following table tells you how many workstations and how many offices you can have
for each size of subnet mask:

Bit       Subnet       Block      Max Useable Subnets       # C IPs/Subnet
Split     Mask         Size       (number of offices)       (number of workstations)
2/6       192 (/26)    64         2                         62
3/5       224 (/27)    32         6                         30
4/4       240 (/28)    16         14                        14
5/3       248 (/29)    8          30                        6
6/2       252 (/30)    4          62                        2

Practice question (for those who like challenges)

You are a sys admin at a small ISP. You asked your upstream vendor for a /19 allocation
(equivalent to 32 Class C networks). You were given the following: 167.114.209.0
through 167.114.240.0. Will these do what you want?




References

    IP Address Subnetting Tutorial
     http://www.ralphb.net/IPSubnet/

    Daryl's TCP/IP Primer
    http://ipprimer.windsorcs.com/addressing.cfm
    http://ipprimer.windsorcs.com/bitbybit.cfm

    IP Subnet Calculations (Check here for a quick refresher in binary arithmetic)
     http://www.swcp.com/~jgentry/topo/unit3.htm

    Subnet masking, definition and summary
    http://www.exabyte.net/lambert/subnet/subnet_masking_definition.htm
    http://www.exabyte.net/lambert/subnet/subnet_masking_summary.htm

A reasonable subnet calculator that makes some attempt to warn about unusable subnets
     http://www.agt.net/public/sparkman/netcalc.htm



