*NIX

Jan. 9, 2008, 5:09 a.m.
posted by whitehat

How Subnet Masks Group IP Addresses into Networks



How Subnet Masks Group IP Addresses into Networks

Subnet masks are used to tell which part of the IP address represents the network on which the computer is connected (network portion) and the computer's unique identifier on that network (host portion). The term netmasks is often used interchangeably with the term subnet masks; this book uses the latter term for the sake of consistency.

A simple analogy would be a phone number, such as (808) 225-2468. The (808) represents the area code, and the 225-2468 represents the telephone within that area code. Subnet masks enable you to specify how long you want the area code to be (network portion) at the expense of the number of telephones that are in the area code (host portion).

Most home networks use a subnet mask of 255.255.255.0. Each 255 means this octet is for the area code (network portion). So if your server has an IP address of 192.168.1.25 and a subnet mask of 255.255.255.0, the network portion would be 192.168.1 and the server or host would be device #25 on that network.

In all cases, the first IP address in a network is reserved as the network's base address and the last one is reserved for broadcast traffic that is intended to be received by all devices on the network. In our example, 192.168.1.0 would be the network address and 192.168.1.255 would be used for broadcasts. This means you can then use IP addresses from #1 to #254 on your private network.

Calculating the Number of Addresses Assigned to a Subnet

Most office and home networks use networks with 255 IP addresses or less in which the subnet mask starts with the numbers 255.255.255. This is not a pure networking text, so I'll not discuss larger networks because that can become complicated; but in cases where less than 255 IP addresses are required a few rules apply. There are only seven possible values for the last octet of a subnet mask. These are 0, 192, 128, 224, 240, 248 and 252. You can calculate the number of IP addresses for each of these by subtracting the value from 256.

In many cases the subnet mask isn't referred to by the dotted decimal notation, but rather by the actual number of bits in the mask. So for example a mask of 255.255.255.0 may be called a /24 mask instead. A list of the most commonly used masks in the office or home environment is presented in Figure.

The Dotted Decimal and Slash Subnet Mask Notations

Dotted Decimal Format

Slash Format

Available Addresses

255.255.255.0

/24

256

255.255.255.128

/25

128

255.255.255.192

/26

64

255.255.255.224

/27

32

255.255.255.240

/28

16

255.255.255.248

/29

8

255.255.255.252

/30

4


So for example, if you have a subnet mask of 255.255.255.192, you have 64 IP addresses in your subnet (256 192).

Calculating the Range of Addresses on Your Network

If someone gives you an IP address of 97.158.253.28 and a subnet mask of 255.255.255.248, how do you determine the network address and the broadcast addressin other words, the boundaries of your network? The following section outlines the steps to do this using both a manual and programmed methodology.

Manual Calculation

Take out your pencil and papermanual calculation can be tricky. Here we go!

1.
Subtract the last octet of the subnet mask from 256 to give the number of IP addresses in the subnet (256 248 = 8).

2.
Divide the last octet of the IP address by the result of step 1; don't bother with the remainder (for example, 28 / 8 = 3). This gives you the theoretical number of subnets of the same size that are below this IP address.

3.
Multiply this result by the result of step 1 to get the network address (8 x 3 = 24). Think of it as the third subnet with 8 addresses in it. The network address is therefore 97.158.253.24.

4.
The broadcast address is the result of step 3 plus the result of step 1 minus 1. (24 + 8 1 = 31). Think of it as the broadcast address being the network address plus the number of IP addresses in the subnet minus 1. The broadcast address is 97.158.253.31.

Let's do this for 192.168.3.56 with a mask of 255.255.255.224:

  1. 256 224 = 32

  2. 56 / 32 = 1

  3. 32 x 1 = 32. Therefore the network base address is 192.168.3.32.

  4. 32 + 32 1 = 63. Therefore the broadcast address is 192.168.3.63.

Let's do this for 10.0.0.75 with a mask of 255.255.255.240:

  1. 256 240 = 16

  2. 75 / 16 = 4

  3. 16 x 4 = 64. Therefore the network base address is 10.0.0.64.

  4. 64 + 16 1 = 79. Therefore the broadcast address is 10.0.0.79.

Note

As a rule of thumb, the last octet of your network base address must be divisible by the "256 minus the last octet of your subnet mask" and leave no remainder. If you are sub-netting a large chunk of IP addresses it's always a good idea to lay it out on a spreadsheet to make sure there are no overlapping subnets. Once again, this calculation exercise only works with subnet masks that start with "255.255.255".


Calculation Using a Script

There is a BASH script in Appendix II that will do this for you. Here is an example of how to use it; just provide the IP address followed by the subnet mask as arguments. It will accept subnet masks in dotted decimal format or /value format:

      [root@bigboy tmp]# ./subnet-calc.sh 216.151.193.92 /28

      IP Address           : 216.151.193.92
      Network Base Address : 216.151.193.80
      Broadcast Address    : 216.151.193.95

      Subnet Mask          : 255.255.255.240
      Subnet Size          : 16 IP Addresses

      [root@bigboy tmp]#

Subnet Masks for the Typical Business DSL Line

If you purchased a DSL service from your ISP that gives you fixed IP addresses, they will most likely provide you with a subnet mask of 255.255.255.248 that defines 8 IP addresses. For example, if the ISP provides you with a public network address of 97.158.253.24, a subnet mask of 255.255.255.248, and a gateway of 97.158.253.25, your IP addresses will be

          97.158.253.24 - Network base address
          97.158.253.25 - Gateway
          97.158.253.26 - Available
          97.158.253.27 - Available
          97.158.253.28 - Available
          97.158.253.29 - Available
          97.158.253.30 - Available
          97.158.253.31 - Broadcast

     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows