Networking Subnet Masks
Subnet Masks
A subnet (short for "subnetwork") is an identifiably separate part of an organization's network. Typically, a subnet may represent all the machines at one geographic location, in one building, or on the same local area network. Having an organization's network divided into subnets allows it to be connected to the Internet with a single shared network address. Without subnets, an organization could get multiple connections to the Internet, one for each of its physically separate subnetworks, but this would require an unnecessary use of the limited number of network numbers the Internet has to assign. It would also require that Internet routing tables on gateways outside the organization would need to know about and have to manage routing that could and should be handled within an organization.The Internet is a collection of networks whose users communicate with each other. Each communication carries the address of the source and destination networks and the particular machine within the network associated with the user or host computer at each end. This address is called the IP address (Internet Protocol address). This 32-bit IP address has two parts: one part identifies the network (with the network number) and the other part identifies the specific machine or host within the network (with the host number). An organization can use some of the bits in the machine or host part of the address to identify a specific subnet. Effectively, the IP address then contains three parts: the network number, the subnet number, and the machine number.
The IP Address
The 32-bit IP address (we have a separate definition of it with IP address) is often depicted as a dot address (also called dotted quad notation) - that is, four groups (or quads) of decimal numbers separated by periods. Here's an example:130.5.5.25
Each of the decimal numbers represents a string of eight binary digits. Thus, the above IP address really is this string of 0s and 1s:
10000010.00000101.00000101.00011001
As you can see, we inserted periods between each eight-digit sequence just as we did for the decimal version of the IP address. Obviously, the decimal version of the IP address is easier to read and that's the form most commonly used.
Some portion of the IP address represents the network number or address and some portion represents the local machine address (also known as the host number or address). IP addresses can be one of several classes, each determining how many bits represent the network number and how many represent the host number. The most common class used by large organizations (Class B) allows 16 bits for the network number and 16 for the host number. Using the above example, here's how the IP address is divided:
<--Network address--><--Host address--> 130.5 . 5.25
If you wanted to add subnetting to this address, then some portion (in this example, eight bits) of the host address could be used for a subnet address. Thus:
<--Network address--><--Subnet address--><--Host address--> 130.5 . 5 . 25
To simplify this explanation, we've divided the subnet into a neat eight bits but an organization could choose some other scheme using only part of the third quad or even part of the fourth quad.
The Subnet Mask
Once a packet has arrived at an organization's gateway or connection point with its unique network number, it can be routed within the organization's internal gateways using the subnet number as well. The router knows which bits to look at (and which not to look at) by looking at a subnet mask. A mask is simply a screen of numbers that tells you which numbers to look at underneath. In a binary mask, a "1" over a number says "Look at the number underneath"; a "0" says "Don't look." Using a mask saves the router having to handle the entire 32 bit address; it can simply look at the bits selected by the mask.Using the previous example (which is a very typical case), the combined network number and subnet number occupy 24 bits or three of the quads. The appropriate subnet mask carried along with the packet would be:
255.255.255.0Or a string of all 1's for the first three quads (telling the router to look at these) and 0's for the host number (which the router doesn't need to look at). Subnet masking allows routers to move the packets on more quickly.
IP-Subnet-Mask numbers
IP mask numbers are used to divide internet addresses into blocks called subnets. The mask number represents the number of 1s in the binary of the address that is 'masked" against the address So that it ignores the last bits which as for the group of IP addresses in the masked address.
The first address of a subnet block (all 0s) is called the network address or
network ID. The last address (all 1s) is the broadcast address of the
network. Typically the network address +1 or the broadcast address -1 is the
gateway to the internet. The 'slash' notation (ie /24) is known as CIDR
format, while the more conventional 255.255.255.0 notation is considered a
subnet mask.
Net bits | Subnet mask | total-addresses |
---|---|---|
/20 |
255.255.240.0 |
4096 |
/21 |
255.255.248.0 |
2048 |
/22 |
255.255.252.0 |
1024 |
/23 |
255.255.254.0 |
512 |
/24 |
255.255.255.0 |
256 |
/25 |
255.255.255.128 |
128 |
/26 |
255.255.255.192 |
64 |
/27 |
255.255.255.224 |
32 |
/28 |
255.255.255.240 |
16 |
/29 |
255.255.255.248 |
8 |
/30 |
255.255.255.252 |
4 |
The first address of a subnet block (all 0s) is called the network address or network ID. The last address (all 1s) is the broadcast address of the network. Typically the network address +1 or the broadcast address -1 is the gateway to the internet. This leaves us with total address -3 for host address with in a sub net block. That's why you either get 1 IP (4-1) or if you ask for one more you get 5 (8-3).
Here is an example:
192.168.1.0/25 would include all address between 192.168.1.0 and 192.168.1.127
while 192.168.1.128/25 would include 192.168.1.128 and 192.168.1.255
Below is a mask table that makes it easy to look up the mask for a group of IP addresses.
Mask table
Mask = /24
0-255
Mask = /25
0-127
128-255
Mask = /26
0-63
64-127
128-191
192-255
Mask = /27
0-31
32-63
64-95
96-127
128-159
160-191
192-223
224-255
Mask = /28
0-15
16-31
32-47
48-63
64-79
80-95
96-111
112-127
128-143
144-159
160-175
176-191
192-207
208-223
224-239
240-255
Mask = /29
0-7
8-15
16-23
24-31
32-39
40-47
48-55
56-63
64-71
72-79
80-87
88-95
96-103
104-111
112-119
120-127
128-135
136-145
146-151
152-159
160-167
168-175
176-183
184-191
192-199
200-207
208-215
216-223
224-231
232-239
240-247
248-255
Mask = /30
0-3
4-7
8-11
12-15
16-19
20-23
24-27
28-31
32-35
36-39
40-43
44-47
48-51
52-55
56-59
60-63
64-67
68-71
72-75
76-79
80-83
84-87
88-91
92-95
96-99
100-103
104-107
108-111
112-115
116-119
120-123
124-127
128-131
132-135
136-139
140-143
144-147
148-151
152-155
156-159
160-163
164-167
168-171
172-175
176-179
180-183
184-187
188-191
192-195
196-199
200-203
204-207
208-211
212-215
216-219
220-223
224-227
228-231
232-235
236-239
240-243
244-247
248-251
252-255
Netmasks
Netmask Netmask (binary) CIDR Notes
255.255.255.255 11111111.11111111.11111111.11111111 /32 Single Host
255.255.255.254 11111111.11111111.11111111.11111110 /31 Unuseable
255.255.255.252 11111111.11111111.11111111.11111100 /30 2
255.255.255.248 11111111.11111111.11111111.11111000 /29 6
255.255.255.240 11111111.11111111.11111111.11110000 /28 14
255.255.255.224 11111111.11111111.11111111.11100000 /27 30
255.255.255.192 11111111.11111111.11111111.11000000 /26 62
255.255.255.128 11111111.11111111.11111111.10000000 /25 126
255.255.255.0 11111111.11111111.11111111.00000000 /24 Class C
255.255.254.0 11111111.11111111.11111110.00000000 /23 2
255.255.252.0 11111111.11111111.11111100.00000000 /22 4
255.255.248.0 11111111.11111111.11111000.00000000 /21 8
255.255.240.0 11111111.11111111.11110000.00000000 /20 16
255.255.224.0 11111111.11111111.11100000.00000000 /19 32
255.255.192.0 11111111.11111111.11000000.00000000 /18 64
255.255.128.0 11111111.11111111.10000000.00000000 /17 128
255.255.0.0 11111111.11111111.00000000.00000000 /16 "Class B"
255.254.0.0 11111111.11111110.00000000.00000000 /15 2
255.252.0.0 11111111.11111100.00000000.00000000 /14 4
255.248.0.0 11111111.11111000.00000000.00000000 /13 8
255.240.0.0 11111111.11110000.00000000.00000000 /12 16
255.224.0.0 11111111.11100000.00000000.00000000 /11 32
255.192.0.0 11111111.11000000.00000000.00000000 /10 64
255.128.0.0 11111111.10000000.00000000.00000000 /9 128
255.0.0.0 11111111.00000000.00000000.00000000 /8 "Class A"
254.0.0.0 11111110.00000000.00000000.00000000 /7
252.0.0.0 11111100.00000000.00000000.00000000 /6
248.0.0.0 11111000.00000000.00000000.00000000 /5
240.0.0.0 11110000.00000000.00000000.00000000 /4
224.0.0.0 11100000.00000000.00000000.00000000 /3
192.0.0.0 11000000.00000000.00000000.00000000 /2
128.0.0.0 10000000.00000000.00000000.00000000 /1
0.0.0.0 00000000.00000000.00000000.00000000 /0 IP space