Once again about IP-addresses, subnet masks and more


IP-address (v4) is consisted of 32 bits. Any self-respecting administrator or IT specialist should answer correctly the question: "How many bits are in an IP-address?" Of course, It is desirable to know about IPv6: 128 bits.
Here is a first case. Theoretically IPv4-addresses can be:
232 =210*210*210*22 = 1024*1024*1024*4 ≈ 1000*1000*1000*4 = 4 billion
Below we could see that a lot of them are "eaten up" by any garbage.

I think everyone knows how IPv4-address is written. The four octets (it is the same as byte) in decimal with no leading zeros, separated by dots: “192.168.11.10”.

In the header of IP-packet are fields (source IP and destination IP): source address is a sender and destination (to whom) like the mail envelope has. Inside the packages of the IP-addresses are no masks. Also there are no any separators between octets either. Simply, there are 32-bit destination address and another 32-bit for the source address.

However, when the IP-address is assigned to the interface (network adapter or whatever it is called) of the computer or router, then except for the address of the device it is assigned the subnet mask to it. Once again: the mask is not passed in the IP-packet headers.

Computers need the subnet mask to determine the subnet boundaries. So everyone can determine who is in the network, and who is beyond its borders. The fact is that inside a single network the computers exchange packages "directly", and when it is needed to send a packet to another network they send to their default gateway (it is the third adjustable parameter in the network properties, if you remember). Let us see how this happens.

The subnet Mask is also a 32-bit. But unlike the IP-address the zeros and ones cannot rotate within it. Always, at first go a certain number of ones, then a certain number of zeros. The mask cannot be like that:

120.22.123.12=01111000.00010110.01111011.00001100.

But it may be like this:

255.255.248.0=11111111.11111111.11111000.00000000.

At first goes N ones, then 32-N zeros. It is easy to guess that this form of writing is redundant. It is enough number N, called the length of the mask. So it is written: 192.168.11.10/21 instead of 192.168.11.10 255.255.248.0. Both forms have the same meaning, but the first one is much more convenient.

In order to determine the subnet boundaries the computer does a bitwise multiplication (logical AND) between the IP-address and mask, receiving the output address with zeroed bits at the positions of the zero mask. Let us consider the example 192.168.11.10/21:

11000000.10101000.00001011.00001010
11111111.11111111.11111000.00000000
----------------------------------------------
11000000.10101000.00001000.00000000 = 192.168.8.0
Here is a second case. Any self-respecting administrator must be able to transfer IP-addresses from decimal to binary and back, as well as to have good knowledge of binary arithmetic.

Address 192.168.8.0 with all zeroed bits at the positions corresponding to the zeros in the mask is called the subnet address. It usually cannot be used as the address for the interface of a host. If these bits on the contrary set to ones, we will get the address 192.168.15.255.This address is called as directed Broadcast for the network. Its meaning in these times is very small: it was once believed that all the hosts in the subnet should respond to it, but it was long ago and not true. However, this address also cannot be used as a host address. All other addresses in the range from 192.168.8.1 to 192.168.15.254 inclusively are full addresses of hosts within the subnet 192.168.8.0/21, and they can be used for assignment to the computers.

Thus, the part of the address, which corresponds to one in the mask, is an address (ID) of subnet. It is often called a prefix. It is a part, which corresponds to the zeros in the mask; it is the host ID within a subnet. The subnet address as 192.168.8.0/21 or 255.255.248.0 192.168.8.0 can be seen quite often. Namely, the routers operate prefixes, building the traffic routes within the network. Only, the default gateway of the subnet knows about the location of the hosts within a subnet, but not the transit routers. The host address in isolation from the subnet is not used at all.
Here is a third case. The number of hosts in subnet is defined as 232-N-2, where N is the length of the mask. The longer is a mask, the fewer hosts it has.

The maximum length of the mask for the subnet with the hosts is N = 30. It is a network / 30 most often is used for addressing point-to-point-links between the routers.
Although most modern routers work well with the masks / 31, using the subnet address (zero in one-bit host part) and
Broadcast (one) as the address of the interfaces, and the administrators and network engineers often simply afraid of such an approach, preferring to be guided by the principle "anything may happen".

But the mask / 32 is used quite often. Firstly, it is used for any office necessities in addressing, so-called loopback-interfaces, and secondly, / 32 is a subnet, consisting of one host, namely, it is not any network. The more often the network administrator operates with individual machines, but not with groups of hosts, the less scalable is the network, the more it has errors and mess. An exception is when the firewall rules are written for servers, where the specificity is a good thing.


The interface on which is set up IP-address sometimes is called as the IP-interface or the L3-interface (see OSI model).

Before the IP-packet is sent the computer determines whether the address of destination gets in its subnet. If it gets in the subnet, it sends a packet "directly", but if it does not get, it sends it to the default gateway (router). As a rule, a default gateway is assigned a first address of the host in the subnet: in this case 192.168.8.1.
Here is a fourth case. From this follows that a router (the gateway and router is the same thing) with the interface address 192.168.8.1 does not know anything about the traffic that is being passed between the hosts 192.168.8.5 and 192.168.8.7. A very common mistake of beginning administrators is the desire to block or to control with help of gateway the traffic between hosts within the same subnet. The addressee and the sender must be in different subnets in order that the traffic will go through the router.

Thus, the network should usually have a few IP-subnets (2 +), and the router (or rather the firewall) that is routing and controlling the traffic between subnets.

The next step is splitting subnets into the smaller subnets. This network 192.168.8.0/21 can be divided into two subnets / 22, four subnets / 23, eight / 24, etc. The general rule is not difficult to guess, it is: K=2X-Y, where K is a number of subnets with a length of mask Y that can fit in the subnet with the length of mask X.
Here is a fifth case. Any decent network administrator should know by heart the power of two from 0 to 16, unless he receives a salary for his beautiful eyes.

The process of combining smaller prefixes (with the long mask that has few hosts) to large (with the short mask that has many hosts) is called aggregation or summarization. This is a very important process that allows you to minimize the amount of information that is necessary for the router to locate a transfer rout in the network. So, the providers give customers thousands of small blocks such as / 29, but the entire Internet does not even know about their existence. Instead, every major provider is assigned fixed big prefixes such as / 19 and larger. This allows reducing the number of logging in the global Internet routing table.
Here is a sixth case. The greater is the length of the mask, the less hosts can be in the subnet, and the greater share is taken by "eating up" of addresses, directed by Broadcast and default gateway to the subnet addresses. Particularly, in the subnet with the mask / 29 (232-29 = 8 combinations) will remain only 5 addresses that are available for actual use (62.5%). Now imagine that you are the provider that gives to the corporate clients thousands of blocks / 29. Therefore, the competent division of the IP-space into the subnets (working out the address plan) - this is a whole little science, including the search for compromise between the various complex factors.

If there is a large range of addresses from blocks for a private use such as 10.0.0.0 / 8, 172.16.0.0/12, and 192.168.0.0/16, of course, it is convenient to use masks that coincide with the length of octets boundaries: / 8, /16, / 24 or, respectively, 255.0.0.0, 255.255.0.0 and 255.255.255.0. Their use can make the work of the brain and a calculator easier, eliminating the need to work with the binary system and the bits. This is the right approach, but do not forget that abuse of this approach rarely brings to the good.
Finally is the last case. They are the notorious address classes. Dear friends, let us forget that word at all! For almost 20 years (!) there are no any classes. Since, it became clear that the length of prefix can be any.

Sometimes, good experts like to show off the words "a certain class of some network" to the subnet with some length of the mask. For example, you can often hear the word " class network C” in terms of 10.1.2.0/24. Class network (when it was) had no relation to the length of the mask, and it was determined by other factors like (combinations of bits in the address). The class addressing obliged to have the masks only with assigned length for the class. Therefore, this subnet 10.1.2.0/24 never belonged, and it will not belong to the class C.

Let us forget all that. The only thing we need to know that there are several global conventions, gathered under one roof in RFC3330 about the special values of certain blocks of addresses. So, for example, mentioned blocks 10/8, 172.16/12, and 192.168/16 are defined as ranges for the private use that are forbidden for routing in the Internet. Any people can use them for private purposes at their discretion. A block 224.0.0.0 / 4 is reserved for multicast, etc. But these are just conventions that are designed to ease the administrative interaction. I highly do not recommend you to break them (except for securely isolated laboratory tests). Technically, no one prohibits using any addresses for any purposes, so use them wisely.
ZimerMan 19 march 2012, 13:20
Vote for this post
Bring it to the Main Page
 

Comments

Leave a Reply

B
I
U
S
Help
Avaible tags
  • <b>...</b>highlighting important text on the page in bold
  • <i>..</i>highlighting important text on the page in italic
  • <u>...</u>allocated with tag <u> text shownas underlined
  • <s>...</s>allocated with tag <s> text shown as strikethrough
  • <sup>...</sup>, <sub>...</sub>text in the tag <sup> appears as a superscript, <sub> - subscript
  • <blockquote>...</blockquote>For  highlight citation, use the tag <blockquote>
  • <code lang="lang">...</code>highlighting the program code (supported by bash, cpp, cs, css, xml, html, java, javascript, lisp, lua, php, perl, python, ruby, sql, scala, text)
  • <a href="http://...">...</a>link, specify the desired Internet address in the href attribute
  • <img src="http://..." alt="text" />specify the full path of image in the src attribute