SUBNETTING
Why We Need Subnets
To understand why we need subnets (short for subnetwork), let’s start right from the
beginning and recognize that we need to talk to "things" on networks. Users need to talk to
printers, email programs need to talk to servers, and each of these "things" needs to have
some sort of address. This is no different from a house address, but with one minor exception:
the addresses need to be in numerical form. It is not possible to have a device on a network
that has alphabetical characters in its address like "23rd Street." Its name can be alphanumeric
- and we could translate that name to a numeric address - but the address itself must be
numbers alone.
These numbers are called IP addresses, and they have the important function of figuring out
not only the address of "things," but how communication can occur between them. It is not
enough to just have an address. It is necessary to figure out how a message can be sent from
one address to another.
This is where a little organization comes into play.
It is often necessary to group things on a network together for both organizational and
efficiency’s sake. For example, let’s say you have a group of printers in your company’s
marketing department and a different bunch in the sales offices. You want to limit the printers
that each user sees to those of each department. You could accomplish this by organizing the
addresses of these printers into unique subnets.
A subnet then, is a logical organization of connected network devices.
Each device on each subnet has an address that logically associates it with the others on the
same subnet. This also prevents devices on one subnet from getting confused with hosts on
the other subnet.
In terms of IP addressing and subnets, these devices are referred to as hosts. So, in the
example above, there is a network (the company), which is divided into logical subnets
(marketing and sales departments), each of which has its own hosts (users and printers).
IP Addresses
The "IP" in IP addresses refers to the Internet Protocol, where protocol is loosely defined as
"rules of communication". Imagine using a two-way radio in a police car. Your conversations
would probably end with "over" to indicate you are finishing a particular part of the
conversation. You might also say "over and out" when you are finished the conversation
itself. These are nothing more than the rules of talking over a two-way radio - or the protocol.
So, IP addressing must be understood as part of the rules for conversations over the Internet.
But it has grown so popular that it is also used on most any network connected to the Internet,
making it safe to say IP addressing is relevant for most networks as well as the Internet.
So what is an IP address? Technically, it is the means whereby an entity on a network can be
addressed. It is made up solely of numbers, and these numbers are conventionally written in
the particular form of XXX.XXX.XXX.XXX, which is referred to as dotted decimal format.
Any one of the numbers between the dots can be between 0 and 255, so example IP addresses
include:
• 205.112.45.60
• 34.243.44.155
These numbers can also be written in binary form by taking each of the decimal values
separated by dots and converting to binary. So a number like 205.112.45.60 could be written
as:
11001101.01110000.00101101.00111100
Each of these binary components is referred to as an octet, but this term is not often used in
subnetting practice. It does seem to come up in classrooms and books, so know what it is
(and then forget about it).
Why is each number limited to 0 to 255? Well, IP addresses are limited to 32 bits in length
and the maximum number of combinations of binary numbers you could have in an octet is
256 (mathematically calculated as 2^8). Hence, the largest IP address you could have would be
255.255.255.255, given that any one octet could be from 0 to 255.
There is one more aspect of an IP address that is important to understand - the concept of a
class.
Each IP address belongs to a class of IP addresses depending on the number in the first octet.
These classes are:
Notice that the number 127 is not included. That’s because it is used in a special,
self-reflecting number called a loopback address. Think of this as an address that says, “this is my
address.” Note that only the first three classes - A, B and C - are used by network
administrators. These are the commonly used classes. The other two, D and E, are reserved.
You define the class of an IP address by looking at its first octet value, but the structure of an
IP address for any one class is different. Each IP address has a network address and a host
address. The network part of the address is the common address for any one network, while
the host address part is for each individual device on that network. So, if your phone number
is 711-612-1234, the area code (711) would be the common, or network, component of the
telephone system, while your individual phone number of (612-1234) would be your host
address.
The network and host components of class IP addresses are:
Subnetting and the Subnet Mask
To subnet a network is to create logical divisions of the network. Subnetting, therefore,
involves dividing the network into smaller portions called subnets. Subnetting applies to IP
addresses because this is done by borrowing bits from the host portion of the IP address. In a
sense, the IP address then has three components - the network part, the subnet part and,
finally, the host part.
We create a subnet by logically grabbing the left-most bit of the host component of the
address (the bit immediately following the network component) and using it to distinguish
the subnets we require. In the following example, a Class C address normally has 24 bits for
the network address and eight for the host, but we are going to borrow the left-most bit of the
host address and declare it as identifying the subnet.
If the bit is a 0, then that will be one subnet; if the bit is a 1, that would be the second subnet.
Of course, with only one borrowed bit we can only have two possible subnets. By the same
token, that also reduces the number of hosts we can have on the network to 127 (but actually
125 usable addresses, given that the all-zeros and all-ones addresses are not recommended),
down from 255.
So how can you tell how many bits should be borrowed, or, in other words, how many
subnets we want to have on our network?
The answer is with a subnet mask.
Subnet masks sound a lot scarier than they really are. All that a subnet mask does is indicate
how many bits are being “borrowed” from the host component of an IP address. If you can’t
remember anything about subnetting, remember this concept. It is the foundation of all
subnetting.
The reason a subnet mask has this name is that it literally masks out the host bits being
borrowed from the host address portion of the IP address.
In the following diagram, there is a subnet mask for a Class C address. The subnet mask is
255.255.255.128 which, when translated into bits, indicates which bits of the host part of the
address will be used to determine the subnet number.
Of course, more bits borrowed means fewer individually addressable hosts that can be on the
network. Sometimes, all the combinations and permutations can be confusing, so here are
some tables of subnet possibilities.
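The class lookup and the Class C subnet table discussed above, as an added Python example that is not part of the original text: it converts an address to the dotted binary form shown earlier, reads the class from the leading bits of the first octet (the standard 0/10/110/1110/1111 split, supplied here as a known fact since the class table itself did not survive), and generates one row (mask, prefix, subnets, usable hosts) per number of borrowed bits.

```python
# Added example: classful analysis of a dotted-decimal address and the
# Class C subnetting table (borrowed bits -> mask, subnets, hosts per subnet).

def to_int(dotted):
    """'a.b.c.d' -> 32-bit int; bytes() rejects any octet outside 0-255."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted}")
    return int.from_bytes(bytes(octets), "big")

def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def to_binary(dotted):
    """Dotted binary form, one octet per group (e.g. 11001101.01110000.00101101.00111100)."""
    return ".".join(format(b, "08b") for b in to_int(dotted).to_bytes(4, "big"))

def address_class(dotted):
    """(class letter, default network bits) from the leading bits of the first octet:
    0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E. D and E have no network/host split."""
    first = to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return ("A", 8)
    if first >> 6 == 0b10:
        return ("B", 16)
    if first >> 5 == 0b110:
        return ("C", 24)
    if first >> 4 == 0b1110:
        return ("D", None)
    return ("E", None)

def subnet_table(network_bits):
    """Rows of (borrowed bits, mask, prefix, subnets, usable hosts per subnet) for each
    number of borrowed bits that still leaves at least two host bits."""
    rows = []
    for borrowed in range(1, 32 - network_bits - 1):
        prefix = network_bits + borrowed
        mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
        rows.append((borrowed, to_dotted(mask), prefix, 2 ** borrowed, 2 ** (32 - prefix) - 2))
    return rows

if __name__ == "__main__":
    ip = "205.112.45.60"
    print(ip, "->", to_binary(ip), "class", address_class(ip))
    print("bits  mask             prefix  subnets  hosts/subnet")
    for b, mask, p, n, h in subnet_table(24):
        print(f"{b:>4}  {mask:<15}  /{p:<5}  {n:>7}  {h:>12}")
```

Passing 8 or 16 to subnet_table gives the corresponding Class A or Class B rows.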
Note that this combination of an IP address and subnet mask in the charts is written either as
two separate values, such as Network Address = 205.112.45.60, Mask = 255.255.255.128, or as
an IP address with the number of bits used for the mask appended, like
205.112.45.60/25.
Subnet masks work because of the magic of Boolean logic. To best understand how a subnet
mask actually does its thing, you must remember that a subnet mask is only relevant when
getting to a subnet. In other words, determining what subnet an IP address lives on is the only
reason for a subnet mask. It’s devices like routers and switches that make use of subnet
masks.
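The Boolean AND described above, as an added Python example (not from the original text): it accepts either a dotted mask or a /prefix, rejects a non-contiguous mask, and shows that 205.112.45.60 and 205.112.45.200 (a constructed second address) land on different /25 subnets because their borrowed bit differs.

```python
# Added example: how a router applies a subnet mask, using the text's
# 205.112.45.60 with mask 255.255.255.128 (/25).

def to_int(dotted):
    """'a.b.c.d' -> 32-bit int; bytes() rejects any octet outside 0-255."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted}")
    return int.from_bytes(bytes(octets), "big")

def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def mask_to_int(mask):
    """Accept a dotted mask ('255.255.255.128') or a prefix length (25 or '/25')."""
    if isinstance(mask, int) or mask.lstrip("/").isdigit():
        prefix = int(str(mask).lstrip("/"))
        if not 0 <= prefix <= 32:
            raise ValueError(f"bad prefix length: {mask}")
        return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    value = to_int(mask)
    inverse = value ^ 0xFFFFFFFF
    if inverse & (inverse + 1):        # ones must be contiguous: inverse is 2**n - 1
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return value

def subnet_of(address, mask):
    """Network and broadcast addresses, usable host range and count."""
    m = mask_to_int(mask)
    net = to_int(address) & m          # the AND: every host bit masked to 0
    bcast = net | (m ^ 0xFFFFFFFF)     # every host bit set to 1
    usable = max(2 ** (32 - bin(m).count("1")) - 2, 0)
    return {
        "network": to_dotted(net),
        "broadcast": to_dotted(bcast),
        "first_host": to_dotted(net + 1) if usable else None,
        "last_host": to_dotted(bcast - 1) if usable else None,
        "usable_hosts": usable,
    }

def same_subnet(a, b, mask):
    """True when both addresses AND to the same network address."""
    m = mask_to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)

if __name__ == "__main__":
    print(subnet_of("205.112.45.60", "255.255.255.128"))
    print(subnet_of("205.112.45.200", "/25"))
    print(same_subnet("205.112.45.60", "205.112.45.200", 25))   # False: subnet bit differs
```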
Public Vs. Private IP Addresses
Technically, if all the possible combinations of IP addresses were available, there would be
about 4,228,250,625 IP addresses for use. This would have to include all public uses and
private uses - which would then mean, by definition, there would be nothing but public IP
addresses.
However, not all addresses are available. Some are used for special purposes. For example,
any IP address ending in 255 is a special broadcast address.
Other addresses are used for special signaling, including:
• Loopback (127.0.0.1) when a host is referring to itself
• Multicast routing mechanisms
• Limited broadcasts sent to every host, but limited to the local subnet
• Directed broadcasts first routed to a specific subnet, and then broadcast to all hosts on
that subnet
The concept of a private address is similar to that of a private extension in an office phone
system. Someone who wants to call an individual in a company would dial the company’s
public phone number, through which all employees can be reached. Once connected, the
caller would enter in the extension number of the person to whom they wished to speak.
Private IP addresses are to IP addresses what extension numbers are to phone systems.
Private IP addresses allow network administrators to extend the size of their networks. A
network could have one public IP address that all traffic on the Internet sees, and hundreds -
or even thousands - of hosts with private IP addresses on the company subnet.
Anyone can use a private IP address on the understanding that all traffic using these
addresses must remain local. It would not be possible, for example, to have an email message
associated with a private IP address to move across the Internet, but it is quite reasonable to
have the same private IP address work well in the company network.
The private IP addresses that you can assign for a private network can be from the following
three blocks of the IP address space:
• 10.0.0.1 to 10.255.255.255: Provides a single Class A network of addresses
• 172.16.0.1 to 172.31.255.254: Provides 16 contiguous Class B network addresses
• 192.168.0.1 to 192.168.255.254: Provides up to 2^16 Class C network addresses
A typical network setup using public and private IP addresses with a subnet mask would look
like:
CIDR IP Addressing
Network administrators use Classless Inter-Domain Routing (CIDR), pronounced "cider",
to represent IP addresses. The idea behind CIDR is to adapt the concept of subnetting to the
entire Internet. In short, classless addressing means that instead of breaking a particular
network into subnets, we can aggregate networks into larger supernets.
CIDR is therefore often referred to as supernetting, where the principles of subnetting are
applied to larger networks. CIDR is written out in a network/mask format, where the mask is
tacked onto the network address in the form of the number of bits used in the mask. An
example would be 205.112.45.60/25. What is most important to understand about the CIDR
method of subnetting is the use of the network prefix (the /25 of 205.112.45.60/25), rather than
the classful way of using the first three bits of the IP address to determine the dividing point
between the network number and the host number.
The process for understanding what this means is:
1. The “205” in the first octet means this IP address would normally contain 24 bits to
represent the network portion of the address. With eight bits to an octet, the arithmetic
is 3 x 8 = 24, or looking at it the other way around, “/24” means no bits are being
borrowed from the last octet.
2. But this is “/25,” which indicates it is “borrowing” one bit from the host portion of the
address.
3. With only one bit, there can only be two unique subnets.
4. So this is the equivalent of a net mask of 255.255.255.128, where there is a maximum
of 126 host addresses addressable on each of the two subnets.
So why did CIDR become so popular? Because it’s a much more efficient allocator of the IP
address space. Using CIDR, a network admin can carve out a number of host addresses that’s
closer to what is required than with the class approach.
For example, say a network admin has an IP address of 207.0.64.0/18 to work with. This
block consists of 16,384 IP addresses. But if only 900 host addresses are required, this wastes
scarce resources, leaving 15,484 (16,384 – 900) addresses unused. By using a subnet CIDR
of 207.0.68.0/22 though, the network would address 1,024 nodes, which is much closer to the
900 host addresses required.
Variable Length Subnet Masking
When an IP network is assigned more than one subnet mask, it is said to have a variable
length subnet mask (VLSM). This is what is required when you are subnetting a subnet. The
concept is very straightforward: any one subnet can be broken down into further subnets by
indicating the proper VLSM.
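Both the CIDR right-sizing from the previous section (the 207.0.64.0/18 versus 207.0.68.0/22 comparison) and the VLSM idea of subnetting a subnet, as one added Python example that is not from the original text; the host counts handed to vlsm_allocate are constructed.

```python
# Added example: pick the smallest CIDR block for a host count, then carve a block
# into variable-length sub-subnets (largest request first keeps each one aligned).

def to_int(dotted):
    """'a.b.c.d' -> 32-bit int; bytes() rejects any octet outside 0-255."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted}")
    return int.from_bytes(bytes(octets), "big")

def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def block_size(prefix):
    """Total addresses in a /prefix block, network and broadcast included."""
    return 2 ** (32 - prefix)

def prefix_for_hosts(hosts):
    """Longest prefix whose block still has `hosts` usable addresses
    (two per block are reserved for the network and broadcast addresses)."""
    prefix = 30
    while block_size(prefix) - 2 < hosts:
        prefix -= 1
        if prefix < 0:
            raise ValueError("more hosts than IPv4 can address")
    return prefix

def vlsm_allocate(base_cidr, host_counts):
    """Carve base_cidr into one sub-subnet per requested host count. Serving the
    largest requests first keeps every sub-subnet aligned to its own block size."""
    base, base_prefix = base_cidr.split("/")
    base_prefix = int(base_prefix)
    start = to_int(base)
    if start & (block_size(base_prefix) - 1):
        raise ValueError(f"{base_cidr} is not a network address")
    end = start + block_size(base_prefix)
    cursor, plan = start, []
    for hosts in sorted(host_counts, reverse=True):
        prefix = prefix_for_hosts(hosts)
        if cursor + block_size(prefix) > end:
            raise ValueError(f"host counts {host_counts} do not fit in {base_cidr}")
        plan.append((hosts, f"{to_dotted(cursor)}/{prefix}"))
        cursor += block_size(prefix)
    return plan

if __name__ == "__main__":
    print(block_size(18), block_size(18) - 900)                        # 16384 15484
    print(prefix_for_hosts(900), block_size(prefix_for_hosts(900)))    # 22 1024
    for hosts, cidr in vlsm_allocate("207.0.68.0/22", [100, 500, 200]):  # constructed counts
        print(f"{hosts:>4} hosts -> {cidr}")
```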
What must be appreciated about VLSM is how RIP 1 routers work. Originally, the IP
addressing scheme and RIP 1 routing protocol did not take into consideration the ability to
have different subnet masks on the same network. When a RIP 1 router receives a packet
destined for a subnet, it has no idea of the VLSM that has been used to generate the packet
address. It just has an address to work with without any knowledge of what CIDR prefix was
originally applied - and therefore no knowledge of how many bits are used for the network
address and how many are for the host address.
A RIP 1 router would handle this by making some assumptions. If the router has a subnet of
the same network number assigned as the local interface, then it assumes the incoming packet
has the same subnet mask as the local interface, otherwise it assumes there is no subnet
involved and applies a classful mask.
The relevance of this is that RIP 1 only allows a single subnet mask, making it impossible to
get the full benefit of VLSM. You must use a newer routing protocol like Open Shortest Path
First (OSPF) or RIP 2, where the network prefix length or mask value is sent along with route
advertisements from router to router. With these in use, it is possible to use VLSM to its full
potential and have more than one subnet or sub-subnets.