Understanding Subnet Masks, Subnetting, and Supernetting

The network addresses previously discussed represent only one physical network. If you have all of your hosts connected to the same piece of physical network equipment, such as an Ethernet 10BaseT hub, you only need one network address. In this case, you could decide to use 125.0.0.0 as your network address and assign host addresses from 125.0.0.1 to 125.255.255.254.

You can't use 125.255.255.255 because this is the all hosts address. Any packets with this destination address will be received by every host in the 125.0.0.0 network. This is otherwise known as the broadcast address for network 125.0.0.0. It requires that all digits in the second, third, and fourth octets be set to 1. The broadcast address for a Class B address, such as 171.54.0.0, would be 171.54.255.255. The broadcast address for a Class C network, such as 220.34.145.0, would be 220.34.145.255.

If you have hosts in two or more locations, and the locations are connected by a router, you cannot use the 125.0.0.0 address in more than one location. This is because systems running IP consider the portion of the address covered by the netmask to be the "network" address and consider the remainder of the address to be the "host" portion. Each network must be unique because that is how systems such as routers—which connect physical networks together and provide layer three connectivity—determine where the IP networks are located.

Consider a router with two Ethernet ports, 0 and 1. If the IP address on port 0 were 125.0.0.1 and the IP address on 1 were 125.0.0.2, the router would not be able to determine which interface a host with the IP address of 125.0.0.3 was reachable over using only layer three information. This is because the router only stores the network portion of the address in its routing table—in this case, 125.0.0.0.

The routing table is the database the router uses to keep track of all available networks. Looking at a packet destined for 125.0.0.3, the router would discover that it is a host system on the 125.0.0.0 network. The router would then query its routing table to determine which interface it knows about network 125.0.0.0 over. In this example, it would discover that both Ethernet 0 and Ethernet 1 have connections to 125.0.0.0. The only logical conclusion the router could reach is that both interfaces are actually connected to the same physical network. In this case, the router should be able to pick either interface to forward the packet over.

The other choice is to send two copies of the packet—one over each interface. Sending duplicate packets is usually not a good idea. They waste processing power on the system receiving them, so the router is likely to randomly select one of the interfaces. If 125.0.0.3 is connected to the physical network the router selects, the packet is received. If it is not, the packet is not received.

With the exception of parallel WAN links using HDLC encapsulation, Cisco routers do not allow the same network address to be applied to more than one interface. This applies to subnets as well.

Think about telephone area codes in the U.S. phone system. Each area code must be unique. Otherwise, the phone system would not be able to deliver the calls successfully.

However, the host portions of an address can be the same on different networks. Just as the phone system allows for numbers such as 408 555 1212 and 650 555 1212, IP networks allow for addresses such as 10.1.2.3 255.0.0.0 and 11.1.2.3 255.0.0.0. The phone system routes the call based on the area code and lets the local office keep track of its available numbers (telephones). The routers in an IP network route IP packets based on their network addresses and let the final router in the path deliver the packet to its final destination (IP end system).

The two solutions to this problem are as follows:

  • Select a different network address for each location. Use the default network mask for each address. In this case, you could use 126.0.0.0 and 130.0.0.0 for the next two locations. Remember that 127.0.0.0 and 128.0.0.0 are reserved.

  • Use subnetting. In this case, you need to come up with what is known as a subnet mask. What you are basically doing is creating subnetworks from a major network.

Note

The term major network or major net is simply a reference to the default network portion of an IP address based on its class. The major net of the Class A host address 125.0.0.1 is 125.0.0.0. (Class A networks reserve only the first octet.) The major net of the Class B host address 168.92.0.1 is 168.92.0.0. (Class B networks reserve the first and second octets.)


Because a Class A address uses the first octet as the network portion and the final three octets as host bits, the only way to create additional networks from the original network address is to somehow steal some of the hosts bits. Keep in mind that in the previous example, the "125" portion of address 125.0.0.1 was fixed. If you were to change it to, say, 126.0.0.1, you would use a completely different Class A address, which is not your goal. Your goal is to create more networks from the original 125.0.0.0 network.

If you understand that the default mask of 255.0.0.0 for a Class A indicates that the first octet is fixed and that the remaining bits can be set to any value except 255.255.255, you are well on your way to understanding the solution to subnetting. Consider the following:


255.0.0.0
125.0.0.0

The 255 overlays the first octet. What would happen if you extended the default mask by another octet?


255.255.0.0
125.0.0.0

You would be indicating that both the first and the second octet are now fixed—the first one because of the default mask for a Class A address, and the second one because you added a subnet mask. In this case, the default mask is 255.0.0.0 and the subnet mask is 0.255.0.0. The combination of the two creates a mask of 255.255.0.0. Now, a change in the second octet creates a new subnet.

125.1.0.0 with a mask of 255.255.0.0 and 125.2.0.0 with a mask of 255.255.0.0 are different subnets. Consider the following:


255.255.0.0
125.1.0.0
255.255.0.0
125.2.0.0

Both addresses are now using the first two octets as a combined network portion of the address (network and subnetwork). Both addresses still have the last two octets available as host addresses.

You can now create 253 different subnetworks of the major net 125.0.0.0. They range from 125.1.0.0 255.255.0.0 (subnet 1) to 125.254.0.0 255.255.0.0 (subnet 254). Using subnet 125.0.0.0 255.255.0.0 (subnet 0) is discouraged. It is easily confused with the major network 125.0.0.0 255.0.0.0 by routers running routing protocols such as RIP or IGRP, which do not store the subnet masks associated with networks they know about. See the section on subnet 0 in Chapter 3, "Discontiguous Networks, Summarization, and Subnet 0."

Following is an example of subnetting a Class B address to illustrate how subnetting works.

Assume that you were assigned the Class B address 172.16 from the Network Information Center (NIC). The first things you would need to determine would be how many subnets you needed and how many nodes per subnet you needed to define. A typical (and the easiest to use) Class B subnet mask would be 8 bits. Because the third octet is the first "free" octet for Class B, you can start there.

An 8-bit subnet mask would be 255.255.255.0. This would mean that you would have 254 subnets available and 254 addresses for nodes per subnet. In other words, your subnets would range from 172.16.1.0 to 172.16.254.0. Your host addresses on each subnet would range from 172.16.X.1 to 172.16.X.254, where X is the subnet applied. For subnet 1 (172.16.1.0), the host addresses would range from 172.16.1.1 to 172.16.1.254.

There is a mathematical formula for determining the number of subnets and hosts a subnet mask will allow for. In the previous example of 172.16.0.0 255.255.255.0, eight bits in the third octet are available for creating subnets, so 2^8 = 256. You have to subtract 1 for subnet 0 (172.16.0.0 255.255.255.0) and another for the broadcast address (172.16.255.0, the all 1s subnet). Remember that the all 1s address is always a broadcast address, regardless of whether it is a subnet of all 1s, a host address of all 1s, or both. Therefore, the formula becomes (2^8) – 2 = 254.

The exact same formula is used for determining the quantity of host addresses available. In this example, you again have one octet, the fourth octet, available for host addresses. Therefore, (2^8) – 2 = 254 host addresses are available on each subnet of 172.16.0.0.

Determining What Subnet Is Being Used

Determining which subnet a host address is part of is not always as easy as the previous example may have led you to believe. Subnets do not have to be created on octet boundaries. Consider the following perfectly valid host address:


172.16.32.1 255.255.240.0

This is not a host on the 32nd subnet of major net 172.16.0.0. As you will discover in a moment, it is the third subnet of 172.16.0.0 when using a mask of 255.255.240.0. However, it is still fairly easy to determine that a host address such as 172.16.32.1 is part of subnet 172.16.32.0. Consider the following host address:


172.16.44.1 255.255.240.0

What subnet is it part of? Unlike the previous example, in which any bit changed in the third octet represented a new subnet, this example has only reserved the first four bits of the third octet. This allows for (2^4) – 2 = 14 subnets and (2^12) – 2 = 4094 hosts.

Look at the address and mask in binary:


11111111.11111111.11110000.00000000 (mask)
10101100.00010000.00101100.00000001 (host address)

Notice that in the third octet of the host address, only one bit is set to one in the bits covered by the subnet mask. Remember that the subnet mask reserves bits for creating unique subnets. Because the remaining three bits that are set to 1 in the third octet of the host address are outside of the reserved bits, they must be host bits. Therefore, host address 172.16.44.1 is also in subnet 0.0.32.0 of the major net 172.16.0.0.

A certain logical (Boolean) formula can be used to determine what subnet a host address is part of. It requires a logical AND operation. Performing an AND operation means that any time you AND a 0 value to another 0 or a 1 value, the result is 0. Only a 1 ANDed with another 1 value will result in a 1 value. This is illustrated as follows:


  0    0    1
  0    1    1
  -    -    -
  0    0    1

Start by representing the bits in binary. You can drop the 1 in the last octet of the host address because the mask stops halfway through the third octet. Therefore, any bits set in the fourth octet must be host bits, not subnet bits.


172.16.44.0    = 10101100.00010000.00101100.00000000 
255.255.240.0  = 11111111.11111111.11110000.00000000
Results of AND = 10101100.00010000.00100000.00000000  

The resulting value is 172.16.32.0. Therefore, this is subnet 0.0.32.0 of the major net address 172.16.0.0.

The Shorthand Subnet Mask Indicator

Many TCP/IP devices have adopted a shorthand method for indicating the subnet mask associated with a network address. The format is 171.68.0.0/16. This is the shorthand version of 171.68.0.0 255.255.0.0. The /16 indicates that 16 bits are reserved for the subnet mask. 171.68.0.0/24 is shorthand for 171.68.0.0 255.255.255.0. As a final example, consider the Class C address 193.65.200.0/30, which is shorthand for 193.65.200.0 255.255.255.252. As you can see, this is a much easier method for representing IP network addresses and their associated masks.

Note

The /16 is also used with the term prefix, as in "the address 171.68.0.0/16 has a 16-bit prefix." Prefix is a shorthand way of referring to the number of bits in the address that are covered by the associated subnet mask. A non-subnetted Class C address has a 24-bit prefix by default. A subnetted Class C address with a mask of 255.255.255.240 has a /28 bit subnet mask and a 28-bit prefix.
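
The AND calculation and the /n shorthand described above, as an added example that is not part of the original text. The function names are hypothetical, and the subnet and host counts follow the text's 2^n – 2 convention relative to the classful major net.

```python
def to_int(dotted):
    """Dotted-quad string -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value):
    """32-bit integer -> dotted-quad string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_len(mask):
    """Number of 1 bits in a mask; rejects masks with non-contiguous 1 bits."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    return 32 - inverted.bit_length()


def classful_prefix(address):
    """Default (major net) prefix length from the first octet's class."""
    first = to_int(address) >> 24
    for limit, bits in ((128, 8), (192, 16), (224, 24)):
        if first < limit:
            return bits
    raise ValueError("Class D/E addresses have no default mask")


def describe(address, mask):
    """AND the address with the mask and count subnets/hosts as the text does."""
    subnet = to_dotted(to_int(address) & to_int(mask))
    plen = prefix_len(mask)
    subnet_bits = plen - classful_prefix(address)   # bits borrowed from the host part
    host_bits = 32 - plen
    return {
        "subnet": subnet,
        "shorthand": f"{subnet}/{plen}",
        # 2^n - 2: the text excludes the all-0s and all-1s values
        "subnets": 2 ** subnet_bits - 2 if subnet_bits > 0 else 0,
        "hosts": 2 ** host_bits - 2 if host_bits > 1 else 0,
    }


if __name__ == "__main__":
    for addr in ("172.16.32.1", "172.16.44.1"):   # host addresses from the text
        print(addr, describe(addr, "255.255.240.0"))
```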


Introduction to Supernetting

Supernetting is another term that anyone supporting an IP network should be familiar with. It is almost the opposite of subnetting. Subnetting refers to making additional smaller (sub) networks out of a major network. Supernetting, on the other hand, refers to making one large (super) network out of two or more smaller networks. The smaller networks can be major nets, such as 220.100.100.0/24, or subnets, such as 220.67.87.0/32.

Consider a company (Catco, Inc.) that has been granted the following registered Class C addresses: 220.220.1.0 through 220.220.255.0. Assume that Catco has assigned (used) 220.220.1.0 through 220.220.100.0. Catco does not need to advertise the entire list of 100 individual Class C addresses to the Internet. Instead, Catco can supernet the addresses to a shorter prefix: 220.220.0.0/16. This results in a 99 percent reduction in the number of routes that need to be advertised to the Internet. Full connectivity from the Internet to the 100 assigned Class C addresses is still possible because Catco has control of every possible network with the 16-bit supernet prefix of 220.220.0.0 (220.220.1.0, 220.220.2.0, . . . , 220.220.254.0 and 220.220.255.0).
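
The Catco aggregation worked through with Python's standard ipaddress module, as an added example that is not part of the original text. The function names are hypothetical and the address lists are constructed from the ranges given above; it also reports which /24 blocks a supernet covers beyond the networks it was built from, since an advertised supernet draws traffic for every address under it.

```python
import ipaddress


def common_supernet(networks):
    """Longest single prefix that covers every network in the list."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    plen = 32 - (lo ^ hi).bit_length()          # leading bits shared by lo and hi
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    return ipaddress.ip_network((lo & mask, plen))


def extra_blocks(supernet, networks, new_prefix=24):
    """Blocks inside the supernet that were not in the input list."""
    have = {ipaddress.ip_network(n) for n in networks}
    return [s for s in supernet.subnets(new_prefix=new_prefix) if s not in have]


def exact_aggregate(networks):
    """Fewest prefixes that cover exactly the input and nothing more."""
    return list(ipaddress.collapse_addresses(
        ipaddress.ip_network(n) for n in networks))


# Constructed from the text: granted 220.220.1.0 through 220.220.255.0,
# of which 220.220.1.0 through 220.220.100.0 are assigned.
GRANTED = [f"220.220.{i}.0/24" for i in range(1, 256)]
ASSIGNED = GRANTED[:100]

if __name__ == "__main__":
    grant_net = common_supernet(GRANTED)
    print("supernet of the grant:", grant_net)
    print("covered but not in the grant:",
          [str(n) for n in extra_blocks(grant_net, GRANTED)])
    tight = common_supernet(ASSIGNED)
    print("tightest single prefix for the assigned 100:", tight)
    print("unassigned /24s it also covers:", len(extra_blocks(tight, ASSIGNED)))
    print("routes with exact aggregation:", len(exact_aggregate(ASSIGNED)))
```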

HINT

You must configure the global command ip classless on a Cisco router in order to implement supernetting.


Supernetting is part of the broader concept of classless interdomain routing (CIDR). See Appendix A for a list of RFCs that provide more information on CIDR and supernetting.

This has been an intentionally brief introduction to the concept of supernetting. If you want to implement supernetting, you should consult the relevant RFCs. The book Internet Routing Architectures by Bassam Halabi, published by Cisco Press (ISBN 1-56205-652-2), is another excellent source of information on this subject.

Calculating Subnet and Host Combinations

Cisco Systems has a tool on CCO that makes subnetting much easier. Log on to CCO with your username and password and then access the following URL: http://www.cisco.com/techtools/ip_addr.html.

The Net3 Group has a Windows tool that can help you perform subnet and hosts calculations. See the URL http://www.net3group.com/ipcalc.html-ssi or search Net3's main home page at http://www.net3group.com.
