
Subnet Masks

1 Jan 2000 admin

Mar 03, 2009  IP subnetting made easy. It will come in handy to remember eight special numbers that reoccur when dealing with subnet masks. They are 255, 254, 252, 248, 240, 224, 192,. This guide will help you understand how IP Addresses and Subnet Masks work. This guide only discusses IPv4 addresses. Shure devices do.

The Subnet Masks tab allows you to adjust or modify the subnet masks used by the Sniffer Pro Expert. In Chapter 1, you read about the basics of an IP address. Here, you will configure the IP address in the Expert options. As Figure 4.39 shows, you have the option to either add or delete subnet masks from the Sniffer Pro Expert.

One note to mention is that failure to put the correct IP address class and subnet mask into the Expert options can result in false information reported by the Expert when capturing data. We recommend leaving the defaults. We’ve already discussed the fact that a Class A network uses the first octet as the network address.

You can see from the default subnet mask shown in the preceding table that the first octet is set to all 1s (dotted decimal 255). Recall that a network ID cannot be set to all 1s. Thus, when you use logical ANDing with any Class A network and the default subnet mask, it will always yield the Class A network ID. For example, if the Class A network ID is 66.x.y.z, it would be represented as 01000010.x.y.z.

The default subnet mask is represented as 11111111.x.y.z. The logical AND function, shown in Table 1.9, yields 01000010.x.y.z. The default subnet mask is not practical in most network configurations. For example, let us say that you owned a Class B network of 159.247.0.0. Using the default mask, you could have over 16,000 computers on one nonroutable network segment.

What if you had a remote office connected via a WAN link? Would you need to acquire another Class B network range for that office? First, this would be a major waste of your IP addresses and second, good luck on getting someone to give you that many. Luckily, you can create custom subnet masks to split up your IP addresses. By simply changing the subnet mask from 255.255.0.0 to 255.255.255.0, you have instantly given yourself 254 unique routable networks that can support 254 hosts each.

Creating a custom subnet mask is as simple as adding some binary ones to replace zeros in the mask. But what if you need to support 400 computers in a remote network? What does the mask look like then? This is where it gets a little tricky. You will need to convert the dotted decimal to its binary equivalent and perform a simple calculation. Let us take a look at this process.

1. Decide how many subnets or networks you need to support. This is pretty easy to calculate. Figure out how many networks you have that are separated by a router.

2. Decide how many hosts you need on each network. You need to plan for the number of computers and other IP devices that you will want to support at each network location. Remember that you may need IP addresses for network switches, printers, and other IP-enabled devices on top of the number of computers that you need to support on each network. You should plan for growth here as well. Give yourself at least 10% growth room for a given network.

3. Calculate the subnet mask. You now have enough information to calculate the proper custom subnet mask. Perform the following to calculate your subnet mask.

A. Convert the standard subnet mask to binary. If we are using an IP network of 160.240.0.0, then the mask would be 255.255.0.0. The binary conversion is 11111111.11111111.00000000.00000000. Notice that it takes eight binary digits to make up the number between each decimal point. This is why each number between the decimal points is referred to as an octet.

B. Add one to the number of networks (subnets) you need. Assume that you need five networks. Add one to it to get six.

C. Convert the decimal number to binary. You can do this manually, or the calculator in Windows works great for this. In our example, we convert the decimal number six to binary, which is 110.

D. Calculate the bits required for the mask. This is equal to the bits required to create the binary number. Since 110 is three individual digits, 3 bits are required.

E. Add the bits to the standard subnet mask, resulting in a new binary subnet mask of 11111111.11111111.11100000.00000000. Now convert this binary back to decimal, resulting in 255.255.224.0. You now have the subnet mask to use on each network segment.

Now that you have learned how to create a custom subnet mask, you should be aware that you can use a special subnet calculator to perform these steps for you. However, it is important that you understand how subnetting works if you plan on supporting Windows networks.
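The calculation in steps A to E, written out as an added example (not code from the original text). It also sizes a mask from a host count, which answers the 400-computer question raised earlier, and applies the logical AND to find a network ID. The function names and the sample address 160.240.77.9 are constructed for illustration.

```python
import ipaddress

def subnet_bits(subnets_needed):
    # Steps B-D: add one, write the result in binary, count the digits
    # (5 networks -> 6 -> 110 -> 3 bits).
    return (subnets_needed + 1).bit_length()

def host_bits(hosts_needed):
    # Smallest h for which 2**h - 2 usable addresses cover the hosts; the
    # network and broadcast addresses of a subnet cannot be assigned.
    return (hosts_needed + 1).bit_length()

def mask_from_prefix(prefix):
    return ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask

def custom_mask(default_prefix, subnets_needed):
    # Step E: extend the default mask by the borrowed subnet bits.
    return mask_from_prefix(default_prefix + subnet_bits(subnets_needed))

def mask_for_hosts(hosts_needed):
    # Work from the right instead: keep just enough host bits.
    return mask_from_prefix(32 - host_bits(hosts_needed))

def to_binary(addr):
    # Dotted binary form, eight digits per octet (step A).
    packed = ipaddress.IPv4Address(addr).packed
    return ".".join(f"{octet:08b}" for octet in packed)

def network_id(ip, mask):
    # Logical AND of address and mask yields the network ID.
    anded = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return ipaddress.IPv4Address(anded)

def plan_fits(default_prefix, subnets_needed, hosts_needed):
    # Every bit is either a subnet bit or a host bit, so both requirements
    # must fit into the bits left over after the default mask.
    available = 32 - default_prefix
    return subnet_bits(subnets_needed) + host_bits(hosts_needed) <= available

if __name__ == "__main__":
    mask = custom_mask(16, 5)                      # Class B, five networks
    print(mask, to_binary(mask))
    print("400 hosts:", mask_for_hosts(400))
    print("network of 160.240.77.9:", network_id("160.240.77.9", mask))
    print("5 subnets x 400 hosts in a Class B:", plan_fits(16, 5, 400))
```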

Class  IP Address  Network ID  Host ID
A      a.b.c.d     a           b.c.d
B      a.b.c.d     a.b         c.d
C      a.b.c.d     a.b.c       d

Keeping in mind the unique class identifiers within the first byte of the IP address (see Table 4.9), in a subnetted network the network portion can be extended to 255.255.255.0, which would subnet a Class B address space using its third byte. The first two octets of an IP address would identify the Class B network, the next octet would identify the subnet within that network, and the final byte would select an individual host. Subnet masks are on a bit-by-bit basis; thus a subnet mask like 255.255.240.0 (4 bits of subnet; 12 bits of host) can also be used.

Luigi DiGrande, in, 2009

Subnet Mask

The subnet mask is used in IPv4 and IPv6 to show what part of the address is the network portion and what part of the address is the host portion.

In IPv4 there are three default subnet masks corresponding to the three classes of IP addresses (as illustrated earlier). There are currently three ways of showing the subnet masks for IPv4 addresses: dotted decimal, binary, or classless interdomain routing (CIDR) notation. Dotted decimal is shown in Table 1.8; the binary notation for a Class A default mask would look like 11111111.00000000.00000000.00000000; and finally the CIDR notation uses a slash (/) followed by the number of bits that need to be turned on in the mask. So for a Class A it would be /8, for Class B it would be /16, and finally for a Class C it would be /24.

For IPv6 the default subnet mask is /64 (the first 64 bits are the network portion).

You could subnet this to make a few smaller networks, as with the default mask you have 18,446,744,073,709,551,616 possible addresses on one IPv6 network.

Subnets  Hosts      Mask         Subnet Bits  Host Bits
2        4,194,302  255.192.0.0  2            22
6        2,097,150  255.224.0.0  3            21
14       1,048,574  255.240.0.0  4            20
55.248.0.051955.252.0.,070255.254.0.071755.255.0.081655.255.128.6,382255.255.192.0,190255.255.224.0,094255.255.240.0,046255.255.2,3821,022255.255.2,766510255.255.254.054255.255.2,070126255.255.25.255.25.255.2,05.255.2,0.255.2,1.255.255.252222.

Subnets  Hosts  Mask  Subnet Bits  Host Bits
262255.255.20255.255.214255.255.26255.255.22255.255.255.25262

These subnet mask tables can make it easier for you to determine which subnet mask to use for any given situation. Look at the tables for just a minute and notice what happens. As you go down the table, the number of subnets increases and the number of hosts in each subnet then decreases. Look at the right-hand side of each table. As the number of subnet bits increases, the number of host bits decreases.

Since we have a fixed number of bits to work with in each class of network address, each bit can be used in only one way—specified by the mask. Each bit must be either a subnet bit or a host bit.

An increase in the number of subnet bits causes a reduction in the number of host bits.

Notice too that the tables are different sizes for each class of address. Because of the 24-bit, 16-bit and 8-bit host fields for class A, B, and C networks, respectively, we have three different tables.

In, 2000

Introduction

Variable-length subnet masks (VLSM) allow network administrators to “right size” each subnet. With fixed-length subnet masks, however, each subnet in the network is the same size because each device has the same subnet mask, regardless of the need for addresses in each subnet. If we select a class mask of 255.255.254.0, each subnet is allocated 510 addresses. Most LANs have an upper limit of less than 150 devices due to traffic patterns and capacity of the physical LAN media.

In actual fact, each network, WAN or LAN, has a different number of devices. With VLSM, the address administrator can more closely match the addressing needs of each subnet and use the address space more efficiently.
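An added example (not from the original text) of the right-sizing that VLSM makes possible: each segment gets the smallest subnet that holds its devices, and the total is compared with giving every segment the fixed 255.255.254.0 mask mentioned above. The segment names and device counts are constructed, and allocating the largest subnet first is one common allocation strategy assumed here.

```python
import ipaddress

# Constructed requirements: devices per network segment.
REQUIREMENTS = {"branch": 120, "wan1": 2, "hq": 400, "lab": 50, "wan2": 2}

def vlsm_allocate(block, host_counts):
    """Carve one right-sized subnet per segment out of block, largest first."""
    net = ipaddress.ip_network(block)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    plan = []
    for name, hosts in sorted(host_counts.items(), key=lambda kv: -kv[1]):
        # Host bits so that 2**h - 2 usable addresses cover the devices.
        hbits = (hosts + 1).bit_length()
        size = 1 << hbits
        # A subnet must start on a multiple of its own size.
        cursor = -(-cursor // size) * size
        if cursor + size > end:
            raise ValueError(f"{block} is too small for segment {name!r}")
        plan.append((name, ipaddress.ip_network((cursor, 32 - hbits))))
        cursor += size
    return plan

def addresses_used(plan):
    return sum(subnet.num_addresses for _, subnet in plan)

def fixed_length_cost(segments, mask):
    """Addresses consumed when every segment gets the same mask."""
    return segments * ipaddress.ip_network(f"0.0.0.0/{mask}").num_addresses

if __name__ == "__main__":
    plan = vlsm_allocate("160.240.0.0/16", REQUIREMENTS)
    for name, subnet in plan:
        usable = subnet.num_addresses - 2
        print(f"{name:7} {str(subnet):18} mask {subnet.netmask}  usable {usable}")
    print("VLSM total: ", addresses_used(plan))
    print("fixed total:", fixed_length_cost(len(plan), "255.255.254.0"))
```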

To determine the appropriate custom subnet mask, typically referred to simply as the subnet mask, for a network, you must follow these steps:

1. Determine the number of host bits to be used for subnetting.
A. Determine the maximum number of subnets required, including consideration for future anticipated growth.
B. Determine how many host bits are required to create the number of subnets.
C. Add together the values of the left-most bits from the octets, yielding the highest network ID.

2. Determine the new subnetted network IDs.
A. List all the possible binary combinations of the bits taken from the host address space.
B. Calculate the incremental value to each subnet and add to the network address.

3. Determine the IP addresses for each new subnet.
A. Start with counting out the default class network ID bits.
B. Add the bits that were borrowed from the host ID to the default network ID.

4. Determine the appropriate subnet mask.
A. Use bitwise ANDing to compare the bits of the IP address and the subnet mask.
B. The result of the comparison is the network ID.

Brian Caswell, in, 2003

Merging Subnet Masks

Declaring subnets via subnet masks in variable declarations and rule definitions has the potential to consume unnecessary CPU resources. One quick method of maximizing Snort's potential to ensure efficient multinetwork usage is to merge subnet masks. In general, merging subnet masks is a manual task because they must be predefined and declared outside of the Snort program.

Additionally, a good amount of human thought needs to go into the definition process of deciding what networks should be included within any given rule or set of rules. Table 5.9 lists examples of single networks and addresses with the proper corresponding CIDR addresses along with the one merged subnet. Previously in the section “Assigning Source and Destination IP Addresses to Rules”, Table 5.1 detailed examples of using CIDR addresses instead of the corresponding subnet masks. Table 5.9 has examples of the corresponding network addresses and subnet masks that go along with each CIDR address. The first three examples are examples of merging network subnet masks, while the last two examples merge individual IP addresses with CIDR addresses.

Merged Subnet Mask   Subnets to Be Merged
10.1.0.0/22          10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24
10.1.0.0/21          10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24, 10.1.4.0/24, 10.1.5.0/24, 10.1.6.0/24, 10.1.7.0/24
10.1.8.0/22          10.1.8.0/24, 10.1.9.0/24, 10.1.10.0/24, 10.1.11.0/24
198.30.1.0/30        198.30.1.1/32, 198.30.1.2/32, 198.30.1.3/32 (single IP addresses)
198.30.1.0/29        198.30.1.1/32, 198.30.1.2/32, 198.30.1.3/32, 198.30.1.4/32, 198.30.1.5/32, 198.30.1.6/32, 198.30.1.7/32 (single IP addresses)

Fortunately, there is a tremendous amount of information on MAC and IP addresses. If you are interested in learning more about defining and referencing network addresses, Stevens' TCP/IP Illustrated is the godfather of the books on the TCP/IP stacks.

The examples in Table 5.10 represent merged or combined subnet masks that are incorrectly defined. The first row shows a common mistake that users make. Namely, the subnets that you are looking to merge must be numerically sequential to one another.

Notice that the four subnets that are “Subnets to Be Merged” define only class C address spaces. The second example might be the trickiest of them all. At first glance, it might appear that nothing is wrong, but the merged subnet mask 198.0.0.0/20 if redefined with the /21 CIDR address would read 198.0.0.0/21 and 198.1.0.0/21. The first class B address would be 198.0 instead of 198.1.

The error in the last example should be obvious by the fact that the two IP addresses that are to be merged are random and separated by 100 other addresses—a blatant error.

Tools & Traps

Automating Aggregating with Aggregate

Aggregate is a straightforward tool that can be used on most UNIX and Linux platforms to help merge or “aggregate” multiple subnets. The program receives subnets that you want to merge via standard input (STDIN) and will pump the merged subnet to standard out (STDOUT). There are numerous small or less popular versions of the tool, but the most popular and stable version can be downloaded from At the Debian site, you will be able to download and read the detailed usage README.
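A way to check a hand-merged CIDR block before it goes into a Snort variable, as an added example that is not from the original text and uses Python's ipaddress module rather than the Aggregate tool. It reports listed networks the merged block misses, which rules using it would never see, and addresses the block matches although nobody listed them. The first two cases are rows of Table 5.9; the third is constructed to show non-sequential subnets.

```python
import ipaddress

def check_merge(merged, parts):
    """Compare a hand-merged CIDR block with the networks it should stand for."""
    merged_net = ipaddress.ip_network(merged)
    part_nets = [ipaddress.ip_network(p) for p in parts]
    inside = [p for p in part_nets if p.subnet_of(merged_net)]
    # Listed networks that fall outside the merged block.
    outside = [str(p) for p in part_nets if not p.subnet_of(merged_net)]
    # Addresses the merged block covers beyond the listed networks.
    listed = sum(n.num_addresses for n in ipaddress.collapse_addresses(inside))
    extra = merged_net.num_addresses - listed
    # Smallest set of CIDR blocks that covers exactly what was listed.
    exact = [str(n) for n in ipaddress.collapse_addresses(part_nets)]
    return {"outside": outside, "extra_addresses": extra, "exact": exact}

CASES = [
    # From Table 5.9: four sequential /24 networks.
    ("10.1.0.0/22",
     ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24"]),
    # From Table 5.9: three single addresses merged into a /30.
    ("198.30.1.0/30",
     ["198.30.1.1/32", "198.30.1.2/32", "198.30.1.3/32"]),
    # Constructed: 10.1.4.0/24 is not sequential with the other three.
    ("10.1.0.0/22",
     ["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/24", "10.1.4.0/24"]),
]

if __name__ == "__main__":
    for merged, parts in CASES:
        print(merged, check_merge(merged, parts))
```

For the /30 row the check reports one extra address: the merged block also matches 198.30.1.0, which is not among the three listed hosts.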

If you are a network admin like us, this is a little sheet that you will continually need access to. We hope you find it as helpful as we do.

      Addresses  Hosts  Netmask          Amount of a Class C
/30   4          2      255.255.255.252  1/64
/29   8          6      255.255.255.248  1/32
/28   16         14     255.255.255.240  1/16
/27   32         30     255.255.255.224  1/8
/26   64         62     255.255.255.192  1/4
/ 5.255.255.1281 / 2/ 5.255.255.01/ 5.255.254.02/ 255.255.252.04/ 255.255.248.08/ 255.255.240.016/ 255.255.224.032/ 82255.255.192.064/ 66255.255.128.0128/ 34255.255.0.0256.