
Subneting Workbook

Date post: 24-Oct-2014
Upload: andreas-shiatis
Page 1: Subneting Workbook

Introduction

You may wonder what subnetting is and what it is for. Loosely speaking, subnetting is the process of partitioning a network into smaller, independent (sub) networks. Each smaller network is called a subnet.

Subnetting relates to good network design. One aspect of good network design is making the most of the IP addresses you have: don't leave IP addresses unused or let them go to waste. This is especially true when you have to pay for those IP addresses, or when you have a limited IP address range to work with.

An example of paid IP addresses is the public IP addresses you obtain from your ISP. You pay a certain amount to have static IP addresses dedicated to you by your ISP. When you ask them for more IP addresses, you pay more.

This FAQ discusses subnetting only from the perspective of IP version 4 networks. The discussion also tries to build a basic understanding of how subnetting plays a fundamental part in IP networks, especially in relation to IP routing and switching as the means of communication in an IP network, and to best-practice network design in general. Hopefully, after reading this FAQ, readers will have a better understanding and appreciation of subnetting beyond mere mathematics or passing a certification test.

As with learning anything new, there is no "cheating": you need to understand the basics. The binary number system comes up (as you will soon find out) when learning subnetting. However, unlike other sources, this FAQ tries to minimize the use of the binary number system and maximize the use of the decimal number system, which is more familiar to humans. The objective of this FAQ is to introduce subnetting with less math, to avoid dry reading, and with more of the "soul" of subnetting, to capture its essence.

Binary Number System (2-based Number System)

The most difficult part of understanding subnetting is probably the math (the calculation). As you can see from the links above, subnetting involves binary numbers. Yes, you need to understand at least the basics of the binary number system in order to understand the subnetting process.

The binary number system is used by all computers because of their "on" and "off" nature. Unfortunately, we humans are used to the decimal number system, which creates a gap. This gap leads to some confusion for those who are just learning networking and subnetting.

But no worries! There is an easier way to understand subnetting, with less theory and a more practical approach. The key is to keep using the decimal number system with the binary number system in mind.

Before we begin, you need to refresh your math on powers. The following is an illustration.

2^0 = 1
2^1 = 2
2^2 = 2 x 2 = 4
2^3 = 2 x 2 x 2 = 8
2^4 = 2 x 2 x 2 x 2 = 16
2^5 = 32
2^6 = 64
2^7 = 128
2^8 = 256

The binary number system is based on powers of two (2^n). In this number system you can only double the current number to get the next bigger number, and you can only halve the current number to get the previous number. The binary number system hence introduces the concept of half-and-double size.

To explore further, check out the following table. Note that the next bigger number is always double the size of the current number. Seen the other way, the previous number is always half the size of the current number.

As you can see, there is no way to get the next bigger number other than doubling the current number. Similarly, there is no way to get the next smaller number other than halving the current number. The interval between one number and the next, or between one number and the previous, is always based on a power of two. Keep in mind that this half-and-double size concept is the very basis of subnetting, as you will find out later.

1   x 2 = 2                  |               half the size
2   x 2 = 4                  |                     A
4   x 2 = 8                  |                     |
8   x 2 = 16                 |                     |
16  x 2 = 32                 |                     |
32  x 2 = 64                 |                     |
64  x 2 = 128                V                     |
128 x 2 = 256         double the size              |

In terms of subnetting,

1   = /32 = 255.255.255.255
2   = /31 = 255.255.255.254
4   = /30 = 255.255.255.252
8   = /29 = 255.255.255.248
16  = /28 = 255.255.255.240
32  = /27 = 255.255.255.224
64  = /26 = 255.255.255.192
128 = /25 = 255.255.255.128
256 = /24 = 255.255.255.0

In terms of IP address quantity

/32: 2^0 = 1                        =   1 IP address within the subnet
/31: 2^1 = 2 of /32 = 2 x   1 =   2 =   2 IP addresses within the subnet
/30: 2^2 = 2 of /31 = 2 x   2 =   4 =   4 IP addresses within the subnet
/29: 2^3 = 2 of /30 = 2 x   4 =   8 =   8 IP addresses within the subnet
/28: 2^4 = 2 of /29 = 2 x   8 =  16 =  16 IP addresses within the subnet
/27: 2^5 = 2 of /28 = 2 x  16 =  32 =  32 IP addresses within the subnet
/26: 2^6 = 2 of /27 = 2 x  32 =  64 =  64 IP addresses within the subnet
/25: 2^7 = 2 of /26 = 2 x  64 = 128 = 128 IP addresses within the subnet
/24: 2^8 = 2 of /25 = 2 x 128 = 256 = 256 IP addresses within the subnet


Side Note:

Some people refer to the xxx.xxx.xxx.xxx notation as octet (8-based number system). There are four octets in the notation, with dots separating them. I call this the 4-tuple octet.

For /24 to /32 subnets, the 1st three octets remain the same. The only octet that changes is the 4th octet (the last octet).

Subnet Mask

Subnetting always involves something called a subnet mask. The subnet mask is how an IP address indicates which subnet it belongs to.

To show you what a subnet mask looks like, let's review the previous table.

1   = /32 = 255.255.255.255
2   = /31 = 255.255.255.254
4   = /30 = 255.255.255.252
8   = /29 = 255.255.255.248
16  = /28 = 255.255.255.240
32  = /27 = 255.255.255.224
64  = /26 = 255.255.255.192
128 = /25 = 255.255.255.128
256 = /24 = 255.255.255.0

As mentioned, there are octets separated by dots, which I call the 4-tuple octet. This 4-tuple octet is commonly known as the subnet mask.

Another way of displaying a subnet mask is the CIDR (Classless Inter-Domain Routing) format. Where the 4-tuple octet format is shown in the rightmost column of the table above, the CIDR format is shown in the leftmost column of the table above. To clarify, check out the following table.

IP Address Quantity    CIDR format subnet mask    4-tuple octet format subnet mask
   Within Subnet              (Prefix)
         1                      /32                      255.255.255.255
         2                      /31                      255.255.255.254
         4                      /30                      255.255.255.252
         8                      /29                      255.255.255.248
        16                      /28                      255.255.255.240
        32                      /27                      255.255.255.224
        64                      /26                      255.255.255.192
       128                      /25                      255.255.255.128
       256                      /24                      255.255.255.0

Later you will find out that the CIDR format is based on the binary form of the subnet mask, where the number after the / represents how many bits are set to 1 (one) contiguously from the left. You will also learn, from the binary form of the subnet mask, how the subnet mask relates to the IP address quantity within the subnet.

As a note, the CIDR format subnet mask as shown is known as the prefix. The higher the number, the longer the prefix. The lower the number, the shorter the prefix. As an illustration, a /26 is a shorter prefix than /28 but is a longer prefix than /24.

Now let's see how a subnet mask determines where an IP address fits into a subnet.

Example #1

IP Address: 192.168.0.4
Subnet Mask: /31 (255.255.255.254)

From the table above, /31 tells you that there is a network consisting of two IP addresses: 192.168.0.4 and 192.168.0.5. The 192.168.0.4/31 is the 1st IP address of the network.

Example #2

IP Address: 192.168.0.4
Subnet Mask: /30 (255.255.255.252)

Referring to the table, /30 shows that there is a network consisting of four IP addresses: 192.168.0.4 to 192.168.0.7. The 192.168.0.4/30 is the 1st IP address of the network.

Example #3

IP Address: 192.168.0.4
Subnet Mask: /29 (255.255.255.248)

Using the above table, /29 reflects that there is a network consisting of eight IP addresses: 192.168.0.0 to 192.168.0.7. The 192.168.0.4/29 is the 5th IP address of the network.

Example #4

IP Address: 192.168.0.4
Subnet Mask: /32 (255.255.255.255)

Based on the above table, /32 indicates that there is a network consisting of a single IP address: 192.168.0.4. The 192.168.0.4/32 is the 1st and the last (the only) IP address of the network.

What IP Address Represents in IP Network

In general, an IP address represents a machine within a certain IP network. This machine can be any machine that understands IP addresses, such as a PC, printer, server, router, firewall, X-Box, or Playstation. In networking terms, such a machine is sometimes called a host.

When a host (let's say Host A) in an IP network needs to communicate with another host in some IP network (let's say Host B), Host A uses its IP address to communicate with Host B. This communication is two-way, meaning there should be a reply from Host B to A. In replying to A, Host B also uses its IP address.


What Subnet Mask Represents in IP Network

In general, a subnet mask represents how large an IP network is. From the subnet mask of a specific IP address, you can tell the following

* Number of IP addresses within the subnet
* Number of IP addresses available for hosts
* IP address range of the subnet

Later on, you can also tell the following from the subnet mask of a specific IP address

* The first IP address within the subnet (called the Network ID IP address)
* The last IP address within the subnet (called the Broadcast IP address)

In terms of IP network communication between two hosts, say Hosts A and B, A can tell whether it is within the same network as B just by checking its own IP address and subnet mask. In later discussion, you will see how this ability plays an important part in IP network communication.

Number of IP Address Within A Subnet

By referring to the previous table, let's say you have the following

* 192.168.0.0/32

Based on the above, you should be able to tell the following

IP Address: 192.168.0.0
Subnet Mask: /32 (255.255.255.255)
Number of IP address within the subnet: 1
Number of IP address available for host: 1
IP Address range: 192.168.0.0

When you have the following

* 192.168.0.0/31

then you should be able to tell the following

IP Address: 192.168.0.0
Subnet Mask: /31 (255.255.255.254)
Number of IP address within the subnet: 2
Number of IP address available for host: 2
IP Address range: 192.168.0.0, 192.168.0.1

Similar result with the following

* 192.168.0.0/29

IP Address: 192.168.0.0
Subnet Mask: /29 (255.255.255.248)
Number of IP address within the subnet: 8
Number of IP address available for host: 8
IP Address range: 192.168.0.0, 192.168.0.1, ..., 192.168.0.6, 192.168.0.7

Note what this means when the available IP addresses are assigned to machines or hosts. The first example shows that the 192.168.0.0/32 network can hold a single host with the IP address 192.168.0.0. The second example shows that the 192.168.0.0/31 network can hold two hosts with IP addresses of either 192.168.0.0 or 192.168.0.1. The third example shows that the 192.168.0.0/29 network can hold eight hosts with IP addresses of either 192.168.0.0, 192.168.0.1, ..., 192.168.0.6, or 192.168.0.7.

For a list of how many hosts a given network can hold, refer to the following

/32:   1 IP address within the subnet   =   1 host can exist within the subnet
/31:   2 IP addresses within the subnet =   2 hosts can exist within the subnet
/30:   4 IP addresses within the subnet =   4 hosts can exist within the subnet
/29:   8 IP addresses within the subnet =   8 hosts can exist within the subnet
/28:  16 IP addresses within the subnet =  16 hosts can exist within the subnet
/27:  32 IP addresses within the subnet =  32 hosts can exist within the subnet
/26:  64 IP addresses within the subnet =  64 hosts can exist within the subnet
/25: 128 IP addresses within the subnet = 128 hosts can exist within the subnet
/24: 256 IP addresses within the subnet = 256 hosts can exist within the subnet

The Size Doubling and Subnetting

Referring to the previous examples, you may wonder how to create a table that shows which position a specific IP address holds within a network, or how to determine the IP address range available for hosts, just by looking at the subnet mask. Following is the breakdown.

To describe, let's start with the 192.168.0.0/24 network. Referring to the above host IP address availability table, note that the 192.168.0.0/24 network consists of 256 IP addresses; from 192.168.0.0, 192.168.0.1, 192.168.0.2, ...., 192.168.0.254, to 192.168.0.255.

In the following illustration, you can see the 192.168.0.0/24 as a long piece of wood where the two ends represent the 1st and the last IP addresses; 192.168.0.0/24 and 192.168.0.255/24 respectively.

                                  /24
+----------------------------------------------------------------------+
|                                                                      |
+----------------------------------------------------------------------+
A                                                                      A
|                                                                      |
1st IP address (192.168.0.0/24)       Last IP address (192.168.0.255/24)

When you break up a /24 network into two equal sub-networks, you get two /25 networks. In other words, a /24 network is double the size of a /25 network.

Using the long piece of wood illustration, the long piece of wood of a /24 breaks into two pieces of equal size. Let's call the pieces the 1st half and the 2nd half.

Since the /24 network is 192.168.0.0/24, the two /25 networks off the /24 network are 192.168.0.0/25 (1st half) and 192.168.0.128/25 (2nd half). The 1st half, the 192.168.0.0/25 network, consists of 128 IP addresses; from 192.168.0.0, 192.168.0.1, ...., to 192.168.0.127. The 2nd half, 192.168.0.128/25, also consists of 128 IP addresses; from 192.168.0.128, 192.168.0.129, ...., to 192.168.0.255.

Following is the illustration.


                                   /24
+----------------------------------+ +----------------------------------+
|                                  | |                                  |
+----------------------------------+ +----------------------------------+
         1st half (1st /25)                   2nd half (2nd /25)
A                                  A A                                  A
|                                  | |                                  |
1st IP address (192.168.0.0/25)    | | Last IP address (192.168.0.255/24)
                                   | |
  Last IP address (192.168.0.127/25) 1st IP address (192.168.0.128/25)

Similarly, breaking up a /25 network into two equal-size networks gives you two /26 networks. In other words, a /25 network is double the size of a /26 network.

Using the long piece of wood illustration, each piece of wood of a /25 breaks into two pieces of equal size. Therefore the original long piece of wood of a /24 now becomes four pieces of equal size. Let's call these four pieces the 1st, 2nd, 3rd, and 4th quarter respectively.

You now have four /26 networks when you break up a /24 network into four equal-size networks. Each of the four /26 networks consists of 64 IP addresses. Since the /24 network is 192.168.0.0/24, the four /26 networks off the /24 network are 192.168.0.0/26 (1st quarter), 192.168.0.64/26 (2nd quarter), 192.168.0.128/26 (3rd quarter), and 192.168.0.192/26 (last quarter).

Following is the illustration.

                                                /24
+----------------------+ +----------------------+ +----------------------+ +----------------------+
|                      | |                      | |                      | |                      |
+----------------------+ +----------------------+ +----------------------+ +----------------------+
        1st /26                  2nd /26                  3rd /26                  4th /26
A                      A A                      A A                      A A                      A
|                      | |                      | |                      | |                      |
1st IP address           1st IP address           1st IP address           1st IP address
(192.168.0.0/26)         (192.168.0.64/26)        (192.168.0.128/26)       (192.168.0.192/26)
         Last IP address          Last IP address          Last IP address          Last IP address
       (192.168.0.63/26)       (192.168.0.127/26)       (192.168.0.191/26)       (192.168.0.255/26)

The same logic continues: a /26 network is double the size of a /27 network (or a /27 network is half the size of a /26 network), and a /31 network is double the size of a /32 network (or a /32 network is half the size of a /31 network).

To sum up, the following shows how a larger subnet size correlates to smaller subnet sizes.

/24 = 2 x /25 = 4 x /26 = 8 x /27 = 16 x /28 = 32 x /29 = 64 x /30 = 128 x /31 = 256 x /32


How did this half-and-double size concept come about? Let's review the previous table to find the answer.

/32: 2^0 = 1                        =   1 IP address within the subnet
/31: 2^1 = 2 of /32 = 2 x   1 =   2 =   2 IP addresses within the subnet
/30: 2^2 = 2 of /31 = 2 x   2 =   4 =   4 IP addresses within the subnet
/29: 2^3 = 2 of /30 = 2 x   4 =   8 =   8 IP addresses within the subnet
/28: 2^4 = 2 of /29 = 2 x   8 =  16 =  16 IP addresses within the subnet
/27: 2^5 = 2 of /28 = 2 x  16 =  32 =  32 IP addresses within the subnet
/26: 2^6 = 2 of /27 = 2 x  32 =  64 =  64 IP addresses within the subnet
/25: 2^7 = 2 of /26 = 2 x  64 = 128 = 128 IP addresses within the subnet
/24: 2^8 = 2 of /25 = 2 x 128 = 256 = 256 IP addresses within the subnet

Note that the concept of half-and-double size is based on the binary system, where you can only double the network size or break up the subnet into two smaller networks of equal size, as shown in the previous table. As mentioned earlier, the interval between one number and the next, or between one number and the previous, is always based on a power of two, which is the very basis of subnetting logic.

Using the same logic as presented, let's recap. Subnetting a /24 network into

* 2 equal-size networks makes 2 of /25 networks
* 4 equal-size networks makes 4 of /26 networks
* 8 equal-size networks makes 8 of /27 networks
* 256 equal-size networks makes 256 of /32 networks

When the /24 network is 192.168.0.0/24, the following is what the smaller subnets look like.

The 4 /26 networks:

1. 192.168.0.0/26

IP Address: 192.168.0.0
Subnet Mask: /26 (255.255.255.192)
Number of IP address within the subnet: 64
Number of IP address available for host: 64
IP Address range: 192.168.0.0, 192.168.0.1, ...., to 192.168.0.63

2. 192.168.0.64/26

IP Address: 192.168.0.64
Subnet Mask: /26 (255.255.255.192)
Number of IP address within the subnet: 64
Number of IP address available for host: 64
IP Address range: 192.168.0.64, 192.168.0.65, ...., to 192.168.0.127

3. 192.168.0.128/26

IP Address: 192.168.0.128
Subnet Mask: /26 (255.255.255.192)
Number of IP address within the subnet: 64
Number of IP address available for host: 64
IP Address range: 192.168.0.128, 192.168.0.129, ...., to 192.168.0.191

4. 192.168.0.192/26

IP Address: 192.168.0.192
Subnet Mask: /26 (255.255.255.192)
Number of IP address within the subnet: 64
Number of IP address available for host: 64
IP Address range: 192.168.0.192, 192.168.0.193, ...., to 192.168.0.255

The 32 /29 networks

192.168.0.0  /29 = 192.168.0.0 - 192.168.0.7
192.168.0.8  /29 = 192.168.0.8 - 192.168.0.15
192.168.0.16 /29 = 192.168.0.16 - 192.168.0.23
   .
   .
   .
192.168.0.240/29 = 192.168.0.240 - 192.168.0.247
192.168.0.248/29 = 192.168.0.248 - 192.168.0.255

If, let's say, you only need nine subnets off 192.168.0.0/24, then the following are the considerations.

* All subnets are of equal size
* Subnet quantities only come in powers of two, which are 2 (as of 2 x /25), 4 (as of 4 x /26), 8 (as of 8 x /27), 16 (as of 16 x /28), and so on
* Nine is higher than 8 and lower than 16
* To accommodate the nine subnets, you can consider the 16 subnets of the /28 size
* You could then take the 1st nine subnets out of the 16 subnets available
* The nine subnets you take are 192.168.0.0/28, 192.168.0.16/28, 192.168.0.32/28, 192.168.0.48/28, 192.168.0.64/28, 192.168.0.80/28, 192.168.0.96/28, 192.168.0.112/28, and 192.168.0.128/28
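The nine-subnet reasoning above as a short Python sketch, added here as an illustration and not part of the original workbook; it generalizes the /24 case to any parent network and subnet count. The function name `carve` is hypothetical, and the splitting itself is done by the standard-library `ipaddress` module.

```python
import ipaddress


def carve(parent: str, needed: int):
    """Split `parent` into equal-size subnets, enough to supply `needed` of them.

    Returns (new_prefix, allocated, spare): the prefix length chosen, the first
    `needed` subnets, and the subnets left over after rounding up.
    """
    net = ipaddress.ip_network(parent)
    if needed < 1:
        raise ValueError("need at least one subnet")
    # Subnet counts only come in powers of two, so round up:
    # 9 subnets -> 16 subnets -> 4 extra prefix bits.
    extra_bits = (needed - 1).bit_length()
    new_prefix = net.prefixlen + extra_bits
    if new_prefix > net.max_prefixlen:
        raise ValueError(f"{parent} cannot be split into {needed} subnets")
    pieces = list(net.subnets(new_prefix=new_prefix))
    return new_prefix, pieces[:needed], pieces[needed:]


if __name__ == "__main__":
    prefix, allocated, spare = carve("192.168.0.0/24", 9)
    print(f"use /{prefix}: {len(allocated)} allocated, {len(spare)} spare")
    for subnet in allocated:
        print("  ", subnet)
```

The spare list is worth recording in an address plan: those subnets exist inside the parent but are assigned to nothing.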

Octet and Subnet Calculating

As you may notice, IP addresses and subnet masks are presented in the form of octets (the xxx.xxx.xxx.xxx). There are four octets in both the IP address and the subnet mask representation, with dots separating one octet from another.

In math, an octet can be seen as a "summary" of binary numbers. This is one of the keys to easy subnet calculation using the decimal number system with the binary number system in mind.

Another key to such easy subnet calculation is making use of the octets. Start working from the last octet and move up to the previous octet when necessary. When calculating IP addresses within a /24 or smaller subnet, for example, note that only the last octet changes, as mentioned previously. When you calculate a subnet larger than /24, you then consider the 3rd octet (and the rest) as necessary.

Specifically, with a /25 or smaller subnet, you need to start calculating from the /24. In other words, you should see the /25 or smaller subnet as part of a larger /24 network. Any /25 or smaller subnet calculation must refer to the larger /24 network or, in other words, to the last octet.


Here is an illustration. Let's say you are given the 192.168.0.67/28 network. You need to determine the following

* range of IP addresses within the subnet
* order number of the 192.168.0.67 IP address within the subnet

You start by seeing 192.168.0.67/28 as part of larger 192.168.0.0/24 network. In other words, you have to start calculating from 192.168.0.0 IP address (the 1st IP address) to create a list of smaller /28 networks off a larger /24 network.

Referring to the previous table, /28 = 2^4 = 16 IP addresses. Therefore the 1st /28 should be the following

192.168.0.0   - 192.168.0.15

The remaining /28 networks should be the following

192.168.0.16  - 192.168.0.31
192.168.0.32  - 192.168.0.47
192.168.0.48  - 192.168.0.63
192.168.0.64  - 192.168.0.79
192.168.0.80  - 192.168.0.95
192.168.0.96  - 192.168.0.111
192.168.0.112 - 192.168.0.127
192.168.0.128 - 192.168.0.143
192.168.0.144 - 192.168.0.159
192.168.0.160 - 192.168.0.175
192.168.0.176 - 192.168.0.191
192.168.0.192 - 192.168.0.207
192.168.0.208 - 192.168.0.223
192.168.0.224 - 192.168.0.239
192.168.0.240 - 192.168.0.255

which makes up the entire 192.168.0.0/24 network.

By referring to the 1st IP address of each /28 subnet, you present those subnets as follows

192.168.0.0   - 192.168.0.15  = 192.168.0.0/28
192.168.0.16  - 192.168.0.31  = 192.168.0.16/28
192.168.0.32  - 192.168.0.47  = 192.168.0.32/28
192.168.0.48  - 192.168.0.63  = 192.168.0.48/28
192.168.0.64  - 192.168.0.79  = 192.168.0.64/28
192.168.0.80  - 192.168.0.95  = 192.168.0.80/28
192.168.0.96  - 192.168.0.111 = 192.168.0.96/28
192.168.0.112 - 192.168.0.127 = 192.168.0.112/28
192.168.0.128 - 192.168.0.143 = 192.168.0.128/28
192.168.0.144 - 192.168.0.159 = 192.168.0.144/28
192.168.0.160 - 192.168.0.175 = 192.168.0.160/28
192.168.0.176 - 192.168.0.191 = 192.168.0.176/28
192.168.0.192 - 192.168.0.207 = 192.168.0.192/28
192.168.0.208 - 192.168.0.223 = 192.168.0.208/28
192.168.0.224 - 192.168.0.239 = 192.168.0.224/28
192.168.0.240 - 192.168.0.255 = 192.168.0.240/28


Later on, you will learn that the 1st IP address as the reference is called Network ID.

Recall the question of finding the IP address range of 192.168.0.67/28. Referring to the above table, you see that 192.168.0.67 is between 192.168.0.64 and 192.168.0.79 or within 192.168.0.64/28. Therefore the IP address range is 192.168.0.64 - 192.168.0.79, where the 192.168.0.67 is the 4th IP address.

Note: Since there are 16 IP addresses within one subnet, you can add 16 to the 4th octet of the 1st IP address of a subnet to find the 1st IP address of the next subnet, while the 1st three octets stay constant. The illustration is as follows.

1st Subnet: 192.168.0.0/28

   Octet
1st.2nd.3rd.4th
192.168. 0 . 0
          16
       + ----
          16

Next Subnet: 192.168.0.16/28

2nd Subnet: 192.168.0.16/28

   Octet
1st.2nd.3rd.4th
192.168. 0 .16
          16
       + ----
          32

Next Subnet: 192.168.0.32/28

Later you will learn how to find such a specific subnet quickly using some tips and tricks.
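The last-octet method used above for 192.168.0.67/28, written out in Python as an added example (not from the original workbook). `locate_in_last_octet` and `agrees_with_ipaddress` are hypothetical names; the second cross-checks the decimal shortcut against the standard-library `ipaddress` module.

```python
import ipaddress


def locate_in_last_octet(address: str, prefix: int) -> dict:
    """Find the subnet of `address` using only decimal math on the 4th octet.

    Works for /24 through /32, where the first three octets never change.
    """
    if not 24 <= prefix <= 32:
        raise ValueError("the last-octet method covers /24 to /32 only")
    octets = [int(part) for part in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted IPv4 address: {address!r}")

    block = 2 ** (32 - prefix)             # addresses per subnet: 1, 2, 4 ... 256
    start = (octets[3] // block) * block   # subnets begin at 0, block, 2*block ...
    head = ".".join(str(o) for o in octets[:3])
    return {
        "first": f"{head}.{start}",
        "last": f"{head}.{start + block - 1}",
        "position": octets[3] - start + 1,     # 1-based order within the subnet
        "mask": f"255.255.255.{256 - block}",  # 4-tuple octet form of the prefix
        # "Add the block size to the 4th octet" gives the next subnet, if any.
        "next_subnet_octet": start + block if start + block < 256 else None,
    }


def agrees_with_ipaddress(address: str, prefix: int) -> bool:
    """Cross-check the shortcut against the standard library's bitwise result."""
    net = ipaddress.ip_interface(f"{address}/{prefix}").network
    ours = locate_in_last_octet(address, prefix)
    return (
        str(net.network_address) == ours["first"]
        and str(net.broadcast_address) == ours["last"]
        and str(net.netmask) == ours["mask"]
        and net.num_addresses == 2 ** (32 - prefix)
    )


if __name__ == "__main__":
    # Addresses taken from the worked examples on this page.
    for addr, pfx in [("192.168.0.67", 28), ("192.168.0.4", 29), ("192.168.0.4", 31)]:
        print(f"{addr}/{pfx}", locate_in_last_octet(addr, pfx),
              agrees_with_ipaddress(addr, pfx))
```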

Group of Multiple Single IP addresses or subnets

Let's review the previous 192.168.0.0/28 network illustration. As noted, you can create a list of /28 networks to make up a larger 192.168.0.0/24 network.

Seen the other way around, you can view a Class C network (a full /24) as either a group of single IP addresses (256 of /32 subnets) or groups of smaller subnets. In the previous 192.168.0.0/28 network illustration, the 192.168.0.0/24 can be seen as a group of smaller /28 subnets (16 of /28 subnets).

Following is a list of smaller subnet groups to make up the entire Class C network

/24 = 2 x /25 = 4 x /26 = 8 x /27 = 16 x /28 = 32 x /29 = 64 x /30 = 128 x /31 = 256 x /32
/25 = 2 x /26 = 4 x /27 = 8 x /28 = 16 x /29 = 32 x /30 = 64 x /31 = 128 x /32
/26 = 2 x /27 = 4 x /28 = 8 x /29 = 16 x /30 = 32 x /31 = 64 x /32
/27 = 2 x /28 = 4 x /29 = 8 x /30 = 16 x /31 = 32 x /32
/28 = 2 x /29 = 4 x /30 = 8 x /31 = 16 x /32
/29 = 2 x /30 = 4 x /31 = 8 x /32
/30 = 2 x /31 = 4 x /32
/31 = 2 x /32

Supernetting

As noted in the previous discussion, you can create a list of /28 networks that make up a larger 192.168.0.0/24 network. When you combine all of the /28 networks, the result is basically the same as the 192.168.0.0/24 network.

Now let's say you have 32 of the 192.168.0.x/29 networks. Note that 192.168.0.0/24 covers the same IP addresses as the 32 of the 192.168.0.x/29 networks. When you present the 32 of the 192.168.0.x/29 networks to the same device or audience, you have the choice of presenting them in the form of 192.168.0.0/24.

When you present the 32 of the 192.168.0.x/29 networks in the form of 192.168.0.0/24, you combine all 32 of the 192.168.0.x/29 networks into the larger 192.168.0.0/24 network. This combining process is called supernetting. The resulting network is called a supernet.

Let's review another illustration. This time you have four /30 networks; 192.168.0.0/30, 192.168.0.4/30, 192.168.0.16/30, and 192.168.0.20/30. You then have the following IP address ranges

192.168.0.0/30 = 192.168.0.0 - 192.168.0.3
192.168.0.4/30 = 192.168.0.4 - 192.168.0.7
192.168.0.16/30 = 192.168.0.16 - 192.168.0.19
192.168.0.20/30 = 192.168.0.20 - 192.168.0.23

In simpler form, you have the following IP address ranges

192.168.0.0 - 192.168.0.7 = 192.168.0.0/29
192.168.0.16 - 192.168.0.23 = 192.168.0.16/29

You then have a choice to supernet the four /30 networks to become two larger /29 networks.

Note that you cannot supernet the four /30 networks to become a single larger /27 network of 192.168.0.0/27. Following is the reason.

192.168.0.0/27 = 192.168.0.0 - 192.168.0.31

You don't have the following range

192.168.0.8 - 192.168.0.15 (= 192.168.0.8/29)
192.168.0.24 - 192.168.0.31 (= 192.168.0.24/29)

Therefore to supernet the four /30 networks, you only have a choice to have two larger /29 networks.

A good thing about supernetting is that it summarizes without losing details. From a network device's perspective, supernetting means conserving resources such as memory and CPU utilization.

Some discussions

» [HELP] Why use the no auto-summary command for EIGRP
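An added Python example (not from the original workbook) that reproduces the supernetting result above and lists the ranges a too-short prefix such as 192.168.0.0/27 would pull in, which matters wherever a summary ends up in a route filter or firewall rule. The function names are hypothetical; `ipaddress` is the Python standard library.

```python
import ipaddress


def summarize(networks):
    """Merge prefixes into the fewest supernets covering exactly the same addresses."""
    return list(ipaddress.collapse_addresses(ipaddress.ip_network(n) for n in networks))


def gaps_in(candidate, networks):
    """Return the parts of `candidate` that none of `networks` covers."""
    remaining = [ipaddress.ip_network(candidate)]
    for net in (ipaddress.ip_network(n) for n in networks):
        still_open = []
        for block in remaining:
            if block.subnet_of(net):
                continue                          # fully covered, drop it
            if net.subnet_of(block):
                # Carve `net` out of the block and keep what is left over.
                still_open.extend(block.address_exclude(net))
            else:
                still_open.append(block)          # disjoint, untouched
        remaining = still_open
    return list(ipaddress.collapse_addresses(remaining))


def is_exact_supernet(candidate, networks):
    """A summary is exact only if every input lies inside it and no gap remains."""
    cand = ipaddress.ip_network(candidate)
    inside = all(ipaddress.ip_network(n).subnet_of(cand) for n in networks)
    return inside and not gaps_in(candidate, networks)


# The four /30 networks from the text above.
FOUR_SLASH_30 = [
    "192.168.0.0/30", "192.168.0.4/30", "192.168.0.16/30", "192.168.0.20/30",
]

if __name__ == "__main__":
    print("exact summary:", [str(n) for n in summarize(FOUR_SLASH_30)])
    print("a /27 would add:", [str(n) for n in gaps_in("192.168.0.0/27", FOUR_SLASH_30)])
    all_29s = [str(n) for n in ipaddress.ip_network("192.168.0.0/24").subnets(new_prefix=29)]
    print("32 x /29 ->", [str(n) for n in summarize(all_29s)])
```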

Broadcast Network

Loosely speaking, a broadcast network is a network that consists of multiple IP addresses (multiple machines). Examples of broadcast networks are Ethernet and Token Ring networks. The following is an illustration.

Ethernet

Host A         Host C          Host E
|              |                |
+------+-------+-------+--------+
       |               |
    Host B          Host D

Token Ring

      Host A         Host C
        |              |
        +--------------+
        |              |
Host B ---+              +--- Host D
        |              |
        +------+-------+
               |
             Host E

Since there are multiple IP addresses within the network, there must be a mechanism to properly select the communication partner IP address when one IP address needs to communicate with another IP address within the network.

The mechanism is called broadcast. This broadcast mechanism requires the communication partner IP address (the Layer 3 info) or the communication partner MAC address (the Layer 2 info) before starting the mechanism.

To find its communication partner within a broadcast network, one IP address broadcasts its communication partner IP address and expects to receive a reply from the partner with its MAC address. Once the IP address receives its communication partner MAC address, it starts to communicate with its partner using the MAC address.

Network ID and Network Broadcast IP Addresses

In broadcast network, there is a need to send broadcast to find either IP address of specific MAC address, or to find MAC address of specific IP address. This process is called ARP (Address Resolution Protocol) or RARP (Reverse ARP).

To broadcast, the network utilizes an IP address. This IP address is called broadcast IP address. In a subnet, usually the broadcast IP address is the last IP address.


As example, the broadcast IP address of 192.168.0.0/29 subnet is the 192.168.0.7/29.

In broadcast network, there is also a term called Network ID. Network ID is an IP address that is used to identify specific subnet. In a subnet, usually the network ID is the 1st IP address.

As example, the network ID IP address of 192.168.0.8/29 subnet is the 192.168.0.8/29.

Normally Network ID and Network Broadcast IP addresses are not allowed to be used by hosts in broadcast network since such IP addresses are reserved for ARP/RARP processes. When there is a special situation as you find out later on, the Network ID and Network Broadcast IP addresses could be usable by hosts.

Subnet Zero; Network ID and Network Broadcast Subnets

Let's review the previous 192.168.0.0/28 subnet table

192.168.0.0   - 192.168.0.15  = 192.168.0.0/28
192.168.0.16  - 192.168.0.31  = 192.168.0.16/28
192.168.0.32  - 192.168.0.47  = 192.168.0.32/28
192.168.0.48  - 192.168.0.63  = 192.168.0.48/28
192.168.0.64  - 192.168.0.79  = 192.168.0.64/28
192.168.0.80  - 192.168.0.95  = 192.168.0.80/28
192.168.0.96  - 192.168.0.111 = 192.168.0.96/28
192.168.0.112 - 192.168.0.127 = 192.168.0.112/28
192.168.0.128 - 192.168.0.143 = 192.168.0.128/28
192.168.0.144 - 192.168.0.159 = 192.168.0.144/28
192.168.0.160 - 192.168.0.175 = 192.168.0.160/28
192.168.0.176 - 192.168.0.191 = 192.168.0.176/28
192.168.0.192 - 192.168.0.207 = 192.168.0.192/28
192.168.0.208 - 192.168.0.223 = 192.168.0.208/28
192.168.0.224 - 192.168.0.239 = 192.168.0.224/28
192.168.0.240 - 192.168.0.255 = 192.168.0.240/28

Similar to the concept of Network ID and Network Broadcast IP addresses, Network ID subnet is the 1st subnet and Network Broadcast subnet is the last subnet. On the previous table,

Network ID Subnet       : 192.168.0.0/28      (also called Subnet Zero)
Network Broadcast Subnet: 192.168.0.240/28

As a note, Subnet Zero itself refers to the subnet of all 0 and/or subnet of all 1 in binary system perspective. In other words, Subnet Zero refers to the Network ID (the all 0) and Network Broadcast (the all 1) subnets.

In the beginning of subnetting technology, using the Network ID (or Subnet Zero) and Network Broadcast subnets was not allowed, for a reason similar to that for not allowing Network ID and Network Broadcast IP address usage. With newer technology, it is now permissible to use the Network ID and Network Broadcast subnets for host IP address assignments.

On today's networks, most networks are Subnet Zero applicable. When you have to assign IP addresses and/or subnets on today's networks, most of the time Subnet Zero usage is assumed. However it is always a good idea to confirm whether Subnet Zero is permissible to use or not on a specific network.

Broadcast and Point-to-Point Networks

Network ID and broadcast IP addresses usually exist in broadcast network. As mentioned earlier, network ID and broadcast IP addresses are used to find IP address within the broadcast network to be able to have one IP address to communicate to the IP address in question.

Besides a broadcast network, there is also a point-to-point network. Unlike a broadcast network where there are multiple IP addresses, a point-to-point network only consists of two IP addresses.

Here is an illustration

Broadcast Network

Host A         Host C          Host E
|              |                |
+------+-------+-------+--------+
       |               |
    Host B          Host D

Point-to-Point Network

Host A ------- Host B

In a point-to-point network, there should be no need to use network ID and broadcast IP addresses. When one IP address needs to communicate with the other IP address, it does not need to select its communication partner. Since there are only two IP addresses in the network, the other IP address must be the one that needs to be communicated with.

Note that when someone says broadcast network, the person usually means that the network consists of more than two IP addresses. It is possible however to have broadcast network consisting of only two IP addresses. If a broadcast network only consists of two IP addresses, it is basically point-to-point network.

When you have a broadcast network that consists of only two IP addresses, you then have a choice to keep it as a broadcast network or convert it to a point-to-point network.

Following is an illustration. Let's say we have 192.168.0.0/30 network. The network is a broadcast network. The network ID is 192.168.0.0/30 and network broadcast is 192.168.0.3/30.

In a broadcast network, the actual IP addresses that can be the hosts' IP addresses are those remaining after the IP addresses reserved for network ID and network broadcast. In the 192.168.0.0/30 network, the available IP addresses that can be the hosts' IP addresses are 192.168.0.1 and 192.168.0.2.

Here is the breakdown

192.168.0.0/30


IP Address                             : 192.168.0.0
Subnet Mask                            : /30 (255.255.255.252)
Number of IP address within the subnet : 4
Number of IP address available for host: 2
IP Address range                       : 192.168.0.0 - 192.168.0.3
Network ID                             : 192.168.0.0
Network Broadcast                      : 192.168.0.3
IP Address range for host              : 192.168.0.1, 192.168.0.2

As you can see, there are only two actual IP addresses within 192.168.0.0/30; the 192.168.0.1 and 192.168.0.2. Therefore this broadcast network is somewhat point-to-point network. You then have an option to convert the network to be point-to-point network.

Should you decide to convert, then you can subnet 192.168.0.0/30 into two /31 networks; one is 192.168.0.0/31 and another is 192.168.0.2/31. You can use 192.168.0.0/31 for these two hosts to communicate with each other. You can then keep the 192.168.0.2/31 for future use should you have more point-to-point network.

Here is the breakdown

* Subnet 192.168.0.0/30 into 2 equal network size makes 2 of /31 networks
1. 192.168.0.0/31 = 192.168.0.0, 192.168.0.1
2. 192.168.0.2/31 = 192.168.0.2, 192.168.0.3

* Use 192.168.0.0/31 and keep 192.168.0.2/31 for future use

* Convert hosts' interface to be point-to-point network member from broadcast network member

* Assign 192.168.0.0 with /31 subnet mask to one host and assign 192.168.0.1 with /31 subnet mask to another host

Subnetting from Binary-Number System Perspective

* Wildcard

Let's review the following tables

Subnet mask in their octet and binary form

                          O C T E T
     1st.2nd.3rd.4th      1st  .  2nd   .  3rd   .  4th

/24: 255.255.255.0   = 11111111.11111111.11111111.00000000
/25: 255.255.255.128 = 11111111.11111111.11111111.10000000
/26: 255.255.255.192 = 11111111.11111111.11111111.11000000
/27: 255.255.255.224 = 11111111.11111111.11111111.11100000
/28: 255.255.255.240 = 11111111.11111111.11111111.11110000
/29: 255.255.255.248 = 11111111.11111111.11111111.11111000
/30: 255.255.255.252 = 11111111.11111111.11111111.11111100
/31: 255.255.255.254 = 11111111.11111111.11111111.11111110
/32: 255.255.255.255 = 11111111.11111111.11111111.11111111


Host quantity available within specific subnet

/32:   1 IP address within the subnet   =   1 host can exist within the subnet
/31:   2 IP addresses within the subnet =   2 hosts can exist within the subnet
/30:   4 IP addresses within the subnet =   4 hosts can exist within the subnet
/29:   8 IP addresses within the subnet =   8 hosts can exist within the subnet
/28:  16 IP addresses within the subnet =  16 hosts can exist within the subnet
/27:  32 IP addresses within the subnet =  32 hosts can exist within the subnet
/26:  64 IP addresses within the subnet =  64 hosts can exist within the subnet
/25: 128 IP addresses within the subnet = 128 hosts can exist within the subnet
/24: 256 IP addresses within the subnet = 256 hosts can exist within the subnet

As illustration, let's review 192.168.0.0 subnetting process and host quantity availability within as follows

  Subnet        IP Address available within the subnet
192.168.0.0/32: 192.168.0.0
192.168.0.0/31: 192.168.0.0, 192.168.0.1
192.168.0.0/30: 192.168.0.0, 192.168.0.1, ..., 192.168.0.3
192.168.0.0/29: 192.168.0.0, 192.168.0.1, ..., 192.168.0.7
192.168.0.0/28: 192.168.0.0, 192.168.0.1, ..., 192.168.0.15
192.168.0.0/27: 192.168.0.0, 192.168.0.1, ..., 192.168.0.31
192.168.0.0/26: 192.168.0.0, 192.168.0.1, ..., 192.168.0.63
192.168.0.0/25: 192.168.0.0, 192.168.0.1, ..., 192.168.0.127
192.168.0.0/24: 192.168.0.0, 192.168.0.1, ..., 192.168.0.254

You may notice that the IP addresses available within the subnet are within the range of the 0 (zero) bits of the binary form. In other words, the 0 (zero) bits of the binary form (or the last octet of the 4-tuple octet format) represent the set of possible numbers of the last octet of the subnet. Following is the illustration.

192.168.0.0 subnetting process

                          O C T E T                    IP Address available within the subnet
     1st.2nd.3rd.4th      1st  .  2nd   .  3rd   .  4th

/24: 255.255.255.0   = 11111111.11111111.11111111.00000000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.254
/25: 255.255.255.128 = 11111111.11111111.11111111.10000000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.127
/26: 255.255.255.192 = 11111111.11111111.11111111.11000000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.63
/27: 255.255.255.224 = 11111111.11111111.11111111.11100000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.31
/28: 255.255.255.240 = 11111111.11111111.11111111.11110000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.15
/29: 255.255.255.248 = 11111111.11111111.11111111.11111000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.7
/30: 255.255.255.252 = 11111111.11111111.11111111.11111100 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.3
/31: 255.255.255.254 = 11111111.11111111.11111111.11111110 = 192.168.0.0, 192.168.0.1
/32: 255.255.255.255 = 11111111.11111111.11111111.11111111 = 192.168.0.0

With similar understanding, the 1 (one) bits of the binary form represent a set of "fixed" numbers while the 0 (zero) bits represent a set of "changing" numbers. From the 4-tuple octet format perspective, the first three octets are "fixed" while the last octet "changes". This "changing" number as mentioned can be any number, depending on how large the subnet is. As illustration, the changing number can range from 0 to 127 when the subnet is /25 size; and the changing number can range from 0 to 31 when the subnet is /27 size.

Since this "changing" number varies (could be any number), often the changing number is called wildcard. Note that this understanding of wildcard is essential when you delve into Wildcard Subnet Mask as discussed in the following FAQ.

»Cisco Forum FAQ »Quick and Easy Wildcard (Inverse) Subnet Mask

Some Tips and Tricks

1. Quickly Convert CIDR Format To Dotted 4-Tuple Octet Format

Let's review the following CIDR and dotted 4-tuple octet format comparison

/32 = 255.255.255.255
/31 = 255.255.255.254
/30 = 255.255.255.252
/29 = 255.255.255.248
/28 = 255.255.255.240
/27 = 255.255.255.224
/26 = 255.255.255.192
/25 = 255.255.255.128
/24 = 255.255.255.0

As mentioned, the 1st three octets in the dotted 4-tuple always stay the same in /24 and longer prefixes. In other words, only the last octet changes.

Also mentioned, there is only one IP address within /32 CIDR. The next bigger subnet size is always double of the current subnet size. In other words, there are two IP addresses within /31 CIDR (double of 1 in /32 CIDR). Following is the table

1   IP address   =   1     = /32 = 255.255.255.255
2   IP addresses =   1 x 2 = /31 = 255.255.255.254
4   IP addresses =   2 x 2 = /30 = 255.255.255.252
8   IP addresses =   4 x 2 = /29 = 255.255.255.248
16  IP addresses =   8 x 2 = /28 = 255.255.255.240
32  IP addresses =  16 x 2 = /27 = 255.255.255.224
64  IP addresses =  32 x 2 = /26 = 255.255.255.192
128 IP addresses =  64 x 2 = /25 = 255.255.255.128
256 IP addresses = 128 x 2 = /24 = 255.255.255.0

Now let's only consider the last octet on the dotted 4-tuple format. Also keep in mind the IP address amount availability within each subnet. Note the change on the last octet in the following table

/32: 255 - 0   = 255
/31: 255 - 1   = 254
/30: 254 - 2   = 252
/29: 252 - 4   = 248
/28: 248 - 8   = 240
/27: 240 - 16  = 224
/26: 224 - 32  = 192
/25: 192 - 64  = 128
/24: 128 - 128 = 0

The result of each subtraction is always the last-octet number on the next row. You can apply this to convert CIDR format to dotted 4-tuple format quickly.

Let's say you have a /26 CIDR subnet mask and you need to know what the subnet mask looks like in the dotted 4-tuple format.

Start with the longest prefix, which is /32 CIDR. Here are the key points.

* The /32 always matches 255 in the last octet of the dotted 4-tuple
* To convert /24 CIDR or longer prefix to the dotted 4-tuple, only consider the last octet
* In /24 CIDR or longer prefix (within Class C), the 1st three octets are always the same, which is 255
* /32 only has one IP address
* The next bigger subnet always has double the size of the current subnet

Using this knowledge, you can start creating your own build-up table as follows.

/32 CIDR: 255 (the current last octet) - previous number of IP address (=  0 IP address)              = 255 (the new current last octet)
/31 CIDR: 255 (the current last octet) - previous number of IP address (=  1 IP address)              = 254 (the new current last octet)
/30 CIDR: 254 (the current last octet) - previous number of IP address (=  2 =  (1 x 2) IP addresses) = 252 (the new current last octet)
/29 CIDR: 252 (the current last octet) - previous number of IP address (=  4 =  (2 x 2) IP addresses) = 248 (the new current last octet)
/28 CIDR: 248 (the current last octet) - previous number of IP address (=  8 =  (4 x 2) IP addresses) = 240 (the new current last octet)
/27 CIDR: 240 (the current last octet) - previous number of IP address (= 16 =  (8 x 2) IP addresses) = 224 (the new current last octet)
/26 CIDR: 224 (the current last octet) - previous number of IP address (= 32 = (16 x 2) IP addresses) = 192 (the new current last octet)

Referring to the build-up table, you now know that /26 CIDR is equal to xxx.xxx.xxx.192
Since the 1st three octets are always 255, the dotted 4-tuple format equivalent to /26 CIDR is 255.255.255.192

2. Quickly Find How Many IP Address Within Specific Subnet

For the next tip, let's review the following. Say you have the 255.255.255.224 subnet mask and you need to know how many IP addresses are within the subnet.

You may notice that in dotted 4-tuple format, the 255 is the last number within 256 range; where 0 (zero) is the 1st number. As a note, the 256 range is based on 8-bit system; hence it is called octet (the 8-bit numbering system).

Let's review the following table

CIDR   The range       Last octet on     Number of IP address
       within octet    the 4-tuple       within the subnet
/32:      256        -      255        =           1
/31:      256        -      254        =           2
/30:      256        -      252        =           4
/29:      256        -      248        =           8
/28:      256        -      240        =          16
/27:      256        -      224        =          32
/26:      256        -      192        =          64
/25:      256        -      128        =         128
/24:      256        -      0          =         256

Referring to the table, you know now that there are 32 IP addresses within the 255.255.255.224 subnet mask.

3. Reverse Bit Correlation Between Subnet Mask and Number of IP Address

Let's review the previous table. Note that the sum between the octet and number of IP address is always equal to 256, which is the range within octet. In the binary format, this is seen as a reverse correlation between subnet mask and IP address number. In other words, the subnet mask is always the reverse bit of the IP address number from binary format perspective.

Following is an illustration. Say you have a full Class C network. You would like to subnet the network into /29 CIDR networks. You would like to know how many /29 subnets there will be and how many IP addresses are within each /29 subnet.

The full Class C network is /24 CIDR (255.255.255.0). To subnet the /24 into /29, the last octet will change while the 1st three octets are constant.

Let's focus on the last octet. Keep in mind that an octet is an 8-bit binary. In binary format, this is what the subnet mask looks like

                          O C T E T
     1st.2nd.3rd.4th      1st  .  2nd   .  3rd   .  4th

/24: 255.255.255.0   = 11111111.11111111.11111111.00000000
/25: 255.255.255.128 = 11111111.11111111.11111111.10000000
/26: 255.255.255.192 = 11111111.11111111.11111111.11000000
/27: 255.255.255.224 = 11111111.11111111.11111111.11100000
/28: 255.255.255.240 = 11111111.11111111.11111111.11110000
/29: 255.255.255.248 = 11111111.11111111.11111111.11111000
/30: 255.255.255.252 = 11111111.11111111.11111111.11111100
/31: 255.255.255.254 = 11111111.11111111.11111111.11111110
/32: 255.255.255.255 = 11111111.11111111.11111111.11111111

From the table, you can see that the 1st 24 bits are set to 1 (one) and the remaining bits are set to 0 (zero) on /24 CIDR. On the /29, the 1st 29 bits are set to 1 and the remaining bits are set to 0. As you may realize, the set-to-one bits are the basis of CIDR format since the number behind the / shows how many contiguous bits are set to 1 (one) from the left.

Let's take the last octet (the last 8-bit) of the /29 CIDR

11111000

The reverse bit is

00000111


As you may notice,

11111000 = 1 x 2^7 + 1 x 2^6 + 1 x 2^5 + 1 x 2^4 + 1 x 2^3 + 0 x 2^2 + 0 x 2^1 + 0 x 2^0
         = 128     + 64      + 32      + 16      + 8       + 0       + 0       + 0
         = 248

00000111 = 0 x 2^7 + 0 x 2^6 + 0 x 2^5 + 0 x 2^4 + 0 x 2^3 + 1 x 2^2 + 1 x 2^1 + 1 x 2^0
         = 8

The 248 represents the last octet of the /29 subnet mask and the 8 represents the number of IP addresses within the /29 subnet.

Since you are subnetting /24 into /29, you only consider the last octet. From the last octet perspective, the 1st five bits are set to 1. As mentioned, the set-to-one bits represent the subnet mask and the set-to-zero bits represent the IP address number within the subnet.

To find out the subnet mask quantity from the last octet perspective,

* take the number of bits that are set to 1; which is five
* take this five as the power of 2 as 2^5
* 2^5 = 32

This 32 represents the quantity of /29 subnet that you will have when you subnet /24 network into /29 network.

To find out the IP address quantity within each /29 subnet from the last octet perspective,

* take the number of bits that are set to 0; which is three
* take this three as the power of 2 as 2^3
* 2^3 = 8

This 8 represents the quantity of IP address that you will have within each /29 subnet.

Note: This subnet mask reverse bit is the foundation of wildcard (inverse subnet mask) understanding. Check out the following FAQ for further info.

»Cisco Forum FAQ »Quick and Easy Wildcard (Inverse) Subnet Mask

When you deal with broadcast network, then you must reserve one IP address (the 1st one, the all zero) for Network ID and reserve another IP address (the last one, the all one) for Network Broadcast. With the /29 subnet, then there are 6 usable IP addresses (8 - 1 for Network ID - 1 for Network Broadcast) for hosts.

There is a similar situation with the subnet quantity. Note that so far the assumption is that you can use Subnet Zero, which are the 1st (the all zero, Network ID) and last (the all one, Network Broadcast) subnets. When you cannot use Subnet Zero, then there are only 30 usable subnets (32 - 1 for Network ID - 1 for Network Broadcast) for hosts when you subnet /24 into /29 network.

4. Quickly Determine Specific Subnet Range

Let's review the previous illustration of subnetting /24 into /29 networks. This time you would like to see what the 23rd subnet looks like, or what the 23rd subnet range is, when the /24 network is the 192.168.100.0 network.

Since this is subnetting /24 into a longer prefix, you only need to focus on the last octet; the 1st three octets are constant.

To quickly determine what the subnet range is, you can use the following formula to determine the last octet of the Network ID number (the 1st number within the last octet).

Last Octet Network ID number of the n-th subnet = (n - 1) x Number of IP addresses within the subnet

Once you have the Network ID number, you can add (Number of IP addresses within the subnet - 1) to that number to get the Broadcast ID number (the last number within the last octet).

At this point, you should have the 1st and the last number within the last octet. In other words, you now have the subnet range which shows you the 1st and the last IP addresses.

Following is the illustration with the 192.168.100.0/24 subnetting into /29 networks.

As mentioned, there are 8 IP addresses within /29 network. Since you like to know what the 23rd subnet range is, then the n = 23.

To find out the last octet Network ID number,

(23 - 1) x 8 = 176

To find out the last octet Network Broadcast number,

176 + (8 - 1) = 183

Therefore the 23rd /29 subnet range is

192.168.100.176 - 192.168.100.183 = 192.168.100.176/29

where

Network ID IP address        = 192.168.100.176
Network Broadcast IP address = 192.168.100.183
Usable IP addresses          = 192.168.100.177, 192.168.100.178, 192.168.100.179,
                               192.168.100.180, 192.168.100.181, 192.168.100.182

As you may notice, the (n - 1) part shows that the formula assumes you use Subnet Zero. The formula is therefore easily altered when Subnet Zero is not in use.
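The formula above as code, in an added example that is not part of the original workbook. It goes beyond the last-octet case by working on the whole 32-bit address, so the parent can be any IPv4 network. The function name, the returned field names, and the reading of "Subnet Zero not in use" (skip the 1st and last subnets, so the n-th usable subnet starts at n x size) are assumptions of this example.

```python
import ipaddress


def nth_subnet(parent, new_prefix, n, subnet_zero=True):
    """Describe the n-th (1-based) /new_prefix subnet carved out of `parent`."""
    parent = ipaddress.ip_network(parent)
    if not parent.prefixlen <= new_prefix <= parent.max_prefixlen:
        raise ValueError("new prefix must not be shorter than the parent prefix")

    size = 2 ** (parent.max_prefixlen - new_prefix)   # IP addresses per subnet
    total = 2 ** (new_prefix - parent.prefixlen)      # subnets inside the parent

    if subnet_zero:
        # The 1st subnet starts at offset 0, hence (n - 1) x size.
        index, usable_subnets = n - 1, total
    else:
        # Assumption: the all-zero and all-one subnets are skipped, so the
        # 1st usable subnet is the second block and two subnets are lost.
        index, usable_subnets = n, max(total - 2, 0)
    if not 1 <= n <= usable_subnets:
        raise ValueError(f"n must be between 1 and {usable_subnets}")

    network_id = parent.network_address + index * size
    broadcast = network_id + (size - 1)

    if size > 2:
        # Broadcast network: Network ID and Network Broadcast are reserved.
        first_host, last_host, hosts = network_id + 1, broadcast - 1, size - 2
    else:
        # /31 point-to-point (or a single /32): every address is usable.
        first_host, last_host, hosts = network_id, broadcast, size

    return {
        "subnet": f"{network_id}/{new_prefix}",
        "network_id": str(network_id),
        "broadcast": str(broadcast),
        "first_host": str(first_host),
        "last_host": str(last_host),
        "usable_hosts": hosts,
    }


if __name__ == "__main__":
    # The 23rd /29 subnet of 192.168.100.0/24, with and without Subnet Zero.
    print(nth_subnet("192.168.100.0/24", 29, 23))
    print(nth_subnet("192.168.100.0/24", 29, 23, subnet_zero=False))
```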

5. Convert Dotted 4-Tuple Subnet Mask Format Into CIDR Format

Let's say you have the 255.255.255.192 subnet mask. You would like to know what the subnet mask looks like in CIDR format.

As mentioned, CIDR format is based on the binary format. Therefore you need to use binary to convert. Don't worry! As usual, there is always use of minimal binary calculation :)

Following are the steps when dealing with /24 subnetting:

* Determine IP address quantity within the subnet
* Find out n where 2^n = IP address quantity within the subnet
* Subtract n from 8
* Take the subtraction result as additional set-to-one bits to the 1st 24 bits set to one
* Add the total number of bits set to one
* This total number represents the CIDR format

Let's use an illustration to convert the 255.255.255.192 into CIDR format. When you build up your own table (or memorize it), you know there are 64 IP addresses within 255.255.255.192 subnet mask.

Find out n where 2^n = 64

By simple calculation (and probably some trial and error), you find that n = 6

Recall from the previous discussion that the n = 6 represents the six set-to-zero bits within the last octet. Since there are only 8 bits within a single octet, the quantity of set-to-one bits within the last octet is two. In other words, subtract 6 from 8 to get 2.

From the same discussion, recall that the 255.255.255.0 network has the 1st 24 bits set to one where the remaining 8 bits are set to zero. In 255.255.255.192, there are 2 additional set-to-one bits within the last octet, as you found out earlier. Therefore the 255.255.255.192 network has the 1st 26 bits set to one (24 + additional 2) where the remaining 6 bits are set to zero.

Since CIDR format is based on the 1st set-to-one bits, the 255.255.255.192 subnet mask is equal to /26 CIDR.
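Tips 1, 2, 3 and 5 as code, in an added example that is not part of the original workbook. It follows the decimal procedures above for /24 and longer prefixes, and rejects a last octet that does not correspond to a power-of-two address count, because such a mask is not a contiguous run of set-to-one bits. The function names are assumptions of this example.

```python
import ipaddress


def buildup_table():
    """Tip 1: last octet for /32 down to /24 by repeated subtraction."""
    table = {}
    last_octet, step = 255, 0                    # /32: 255 - 0 = 255
    for prefix in range(32, 23, -1):
        last_octet -= step
        table[prefix] = last_octet
        step = 1 if step == 0 else step * 2      # 0, 1, 2, 4, 8, ... 128
    return table


def cidr_to_mask(prefix):
    """Tip 1: /24../32 to dotted 4-tuple; the 1st three octets are always 255."""
    if not 24 <= prefix <= 32:
        raise ValueError("only /24 and longer prefixes are handled")
    return f"255.255.255.{buildup_table()[prefix]}"


def mask_to_cidr(mask):
    """Tips 2, 3 and 5 for a 255.255.255.x subnet mask."""
    octets = [int(part) for part in mask.split(".")]
    if len(octets) != 4 or octets[:3] != [255, 255, 255]:
        raise ValueError("expected a mask of the form 255.255.255.x")
    if not 0 <= octets[3] <= 255:
        raise ValueError("last octet out of range")

    addresses = 256 - octets[3]                  # tip 2: range minus last octet
    n = addresses.bit_length() - 1               # tip 5: n where 2^n = quantity
    if 2 ** n != addresses:
        raise ValueError(f"{mask} is not a contiguous subnet mask")

    return {
        "prefix": 24 + (8 - n),                  # tip 5: 24 bits plus (8 - n)
        "addresses": addresses,
        # Tip 3: the reverse bits of the last octet, i.e. the wildcard value.
        # As a number it is the highest offset, one less than the count.
        "wildcard": 255 - octets[3],
    }


def matches_stdlib():
    """Cross-check both directions against the ipaddress module."""
    for prefix in range(24, 33):
        mask = cidr_to_mask(prefix)
        if str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask) != mask:
            return False
        if mask_to_cidr(mask)["prefix"] != prefix:
            return False
    return True


if __name__ == "__main__":
    print(cidr_to_mask(26))                      # the /26 illustration
    print(mask_to_cidr("255.255.255.192"))
    print(mask_to_cidr("255.255.255.224"))
```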

Subnetting and Network Design

The simpler approach on how to be more familiar with subnetting is probably by doing a network design. There will be three network design processes presented here to illustrate subnetting concept and implementation further.

In representing the network design, there are terms and definitions used as follows.

* Internet
Internet is loosely defined as a network outside of the local and/or private network.

* IP Network
IP Network is a network that is based on IP addresses and subnets.

* Same Network
Same Network is a network that is shared between multiple hosts. These hosts reside within the same range of network. In other words, all hosts share the same Network ID and Broadcast IP addresses. As example, a network of 192.168.0.0/25 that hosts multiple machines with the same Network ID IP address of 192.168.0.0 and Broadcast IP address of 192.168.0.127

* Different Network
Different Network is a network that has a different Network ID and different Broadcast IP addresses than another IP network. As example, there are two networks of 192.168.0.0/25 and 192.168.0.128/30 where the first network has Network ID IP address of 192.168.0.0 and Broadcast IP address of 192.168.0.127 and the second network has Network ID IP address of 192.168.0.128 and Broadcast IP address of 192.168.0.131

* Router
Router is pretty much a host with special functionality. This special functionality is to provide interconnection between hosts of multiple subnets. Therefore a router is a network device that interconnects multiple subnets for communication purposes between hosts in different subnets. Since a router deals with subnet interconnection, it is seen as a Layer-3 network device.

In later illustration, you will see that IP network interconnection is needed when hosts in different network need to communicate between each other. Router provides this IP network interconnection mechanism.

* (Router) Interface
Router Interface or simply Interface is a router port that serves as an entry and/or exit point to interconnect multiple subnets. When this Interface has an IP address, the IP address is seen as an IP address of a host within a specific subnet. From the multiple subnet interconnection perspective, you will see that this IP address serves as the next hop to reach the destination subnet or a subnet outside the local subnet. Since the IP address serves as the next hop to reach subnets outside the local subnet, it can be used as the default gateway to reach those outside subnets.

* Switch
Switch is a network device that connects hosts within the same network. Since a switch deals only with host connection of the same network, it is seen as a Layer-2 network device and does not by default deal with Layer-3 info such as IP address and subnet mask.

In later illustration, you will see that IP network interconnection is not needed when hosts in the same network need to communicate between each other. Instead, the hosts just use Layer-2 communication mechanism which is the MAC address as described briefly in Network ID and Network Broadcast IP Addresses previous discussion.

Confused about those terms and definitions? Don't worry. Keep reading and slowly but surely those terms and definitions come in to your understanding naturally. :)


Network Design #1

Let's say you have the following situation. There are three different departments that need access to each other and to the Internet. Each department currently has 10 hosts in total, in the form of 7 PCs, 2 servers, and 1 printer.

To set up the network, you are supplied with one router with 4 interfaces and three switches. Following is the network setup.

                                Internet
                                   |
                                   |
                                 Router
                                 | | |
      +--------------------------+ | +-------------------------+
      |                            |                           |
  Switch #1                    Switch #2                    Switch #3
  |   |   |                    |   |   |                    |   |   |
 PC   |  Printer              PC   |  Printer              PC   |  Printer
   Server                        Server                       Server

where each switch is dedicated for each department.

Let's say you are given a Class C subnet of 192.168.0.0/24 to support the entire network.

Since there are multiple hosts within the entire organization, the network type choice is a broadcast network. It is also decided that each department would have independent subnet. To interconnect departments and to allow Internet access, there will be IP routing mechanism for subnet inter-communication.

Referring to the host IP address availability table, the closest subnets for 10 hosts are /29 and /28. The /29 subnet size is 8, which won't fit 10 hosts. For 10 hosts, the smallest subnet size that fits would then be the /28.

In /28, there are 16 IP addresses. Assuming two IP addresses are already reserved as the network ID and broadcast addresses, then there are 14 remaining IP addresses for host.

Since there are 10 hosts for each department, there would be a dedicated /28 subnet for each one.

You can then assign the following subnet for each department

1st Department: 192.168.0.0/28 (192.168.0.1 - 192.168.0.14)
2nd Department: 192.168.0.16/28 (192.168.0.17 - 192.168.0.30)
3rd Department: 192.168.0.32/28 (192.168.0.33 - 192.168.0.46)

Note that this process of determining subnet mask of certain network to fit specific need of certain number of host within the network is called Variable-Length Subnet Masking (VLSM). By subnetting a larger network into smaller networks with certain host size the network can hold, there should be minimal to no waste of IP address use.

As in any network, there is no point in creating VLSM to reserve IP address use without some kind of mechanism to provide communication between these smaller-size networks. In other words, there must be some (IP) routing in place for inter-communication between networks or between devices in different networks, such as inter-communication between devices in the 1st, 2nd, and 3rd departments.

In routing technology, there is a network device that acts as a gateway to reach outside networks. In other words, this gateway device should be able to handle traffic routing between networks. The perfect device to handle the routing is the router. Therefore the router should handle the gateway IP address.

Since each subnet has its own gateway IP address, then each subnet requires dedicated router interface to handle gateway business. Note that there are four networks that need to intercommunicate. The 1st three networks are the 1st, 2nd, and 3rd Departments (192.168.0.0/28, 192.168.0.16/28, and 192.168.0.32/28 respectively). The last network is the Internet. Each of these networks requires dedicated router interface to act as the gateway to handle gateway business of reaching outside network.

This gateway in IP network shows as just another host within certain network. Therefore there would be one IP address from each above subnet reserved for the gateway.

Let's say then1st Department gateway IP address: 192.168.0.14/282nd Department gateway IP address: 192.168.0.17/283rd Department gateway IP address: 192.168.0.37/28

Now each subnet has 13 IP addresses available remaining. These should be available for all hosts within each department.

1st Department host IP addresses: 192.168.0.1 - 192.168.0.132nd Department host IP addresses: 192.168.0.18 - 192.168.0.303rd Department host IP addresses: 192.168.0.33 - 192.168.0.36, 192.168.0.38 - 192.168.0.46

As mentioned, there is only one router for the entire organization network. Fortunately, this router has 4 different interfaces with routing capabilities. You can then have one router interface hold the gateway IP address of each department and one reach the Internet.

Let's say Switch #1 is dedicated to the 1st Department, Switch #2 is dedicated to the 2nd Department, and Switch #3 is dedicated to the 3rd Department. Therefore the following applies to all hosts that connect to the respective switch.

Switch #1:
IP address range: 192.168.0.1 - 192.168.0.14
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.14

Switch #2:
IP address range: 192.168.0.17 - 192.168.0.30
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.17

Switch #3:
IP address range: 192.168.0.33 - 192.168.0.46
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.37

Let's take a closer look at the 1st Department's hosts. One host will have the following.

192.168.0.2/28

Here is the detailed subnet info:

IP Address                             : 192.168.0.2
Subnet Mask                            : /28 (255.255.255.240)
Number of IP address within the subnet : 16
Number of IP address available for host: 14
IP Address range                       : 192.168.0.0 - 192.168.0.15
Network ID                             : 192.168.0.0
Network Broadcast                      : 192.168.0.15
IP Address range for host              : 192.168.0.1 - 192.168.0.14
Gateway IP Address of the subnet       : 192.168.0.14
IP Address range available             : 192.168.0.1 - 192.168.0.13

The table leads to the following understanding:

* 192.168.0.0 is reserved for Network ID

* 192.168.0.15 is reserved for Network Broadcast

* 192.168.0.14 is reserved for the gateway (the router or, to be precise, the router interface that acts as the gateway for hosts within 192.168.0.0/28 to reach outside networks such as the other 192.168.0.x hosts and the Internet)

* 192.168.0.1 - 192.168.0.13 range is available for the PCs, servers, printers, and any network device within the 1st Department that need network connectivity

* When you set network info on (let's say) a server, the server network info would be the following

IP Address: 192.168.0.2 (or any IP address within 192.168.0.1 - 192.168.0.13 range)
Subnet Mask: /28 (255.255.255.240)
Gateway: 192.168.0.14 (pointing to the router)

Similar situation applies to other hosts within 2nd and 3rd Departments.

2nd Department

192.168.0.28/28

IP Address                             : 192.168.0.28
Subnet Mask                            : /28 (255.255.255.240)
Number of IP address within the subnet : 16
Number of IP address available for host: 14
IP Address range                       : 192.168.0.16 - 192.168.0.31
Network ID                             : 192.168.0.16
Network Broadcast                      : 192.168.0.31
IP Address range for host              : 192.168.0.17 - 192.168.0.30
Gateway IP Address of the subnet       : 192.168.0.17
IP Address range available             : 192.168.0.18 - 192.168.0.30

3rd Department

192.168.0.41/28

IP Address                             : 192.168.0.41
Subnet Mask                            : /28 (255.255.255.240)
Number of IP address within the subnet : 16
Number of IP address available for host: 14
IP Address range                       : 192.168.0.32 - 192.168.0.47
Network ID                             : 192.168.0.32
Network Broadcast                      : 192.168.0.47
IP Address range for host              : 192.168.0.33 - 192.168.0.46
Gateway IP Address of the subnet       : 192.168.0.37
IP Address range available             : 192.168.0.33 - 192.168.0.36,
                                         192.168.0.38 - 192.168.0.46

The router will have the following IP address assignment.

1st interface
IP Address: 192.168.0.14
Subnet Mask: 255.255.255.240

2nd interface
IP Address: 192.168.0.17
Subnet Mask: 255.255.255.240

3rd interface
IP Address: 192.168.0.37
Subnet Mask: 255.255.255.240

where the router's 1st interface will act as the gateway of the 1st Department's hosts, 2nd interface will act as the gateway of the 2nd Department's hosts, and 3rd interface will act as the gateway of the 3rd Department's hosts respectively.

As mentioned, hosts within all departments need to reach other hosts that reside in the outside world (i.e. the Internet). These outside world hosts do not reside within 192.168.0.0/28, 192.168.0.16/28, or 192.168.0.32/28. To connect to the outside world, the router must be able to reach subnets that are not within 192.168.0.0/28, 192.168.0.16/28, and 192.168.0.32/28.

There are multiple ways to give the router this ability. One way is to define each and every subnet available in the outside world. When the router runs BGP peering with the ISP and receives the full BGP table, the router has all of these outside world subnets defined.

Another way is to define the gateway. As mentioned, the gateway should be a device that is able to do routing. In addition, this device must know how to reach those outside subnets.

The perfect choice is the ISP device that the router connects to. For this connection, the router uses its 4th interface. You should assign the router's 4th interface IP address and subnet based on the network info your ISP provides. The router's 4th interface will then serve the entire organization's network connectivity to the outside world.

Should you choose to set a gateway to reach the outside world, you then use the ISP device IP address. In the ISP network info, this device IP address is usually listed as the gateway or default gateway.

On a Cisco router, the command to set the gateway is the following

ip route 0.0.0.0 0.0.0.0 [ISP DEVICE IP ADDRESS]

The command basically informs the router that to reach subnets that are unknown or undefined, use the ISP device as the next hop.

FYI, the gateway or default gateway is sometimes referred to as "the gateway of last resort" since it will be used only to reach unknown or undefined subnets.


Network Design #2

After some assessment, it is predicted that the 1st Department host number will triple within 2 years. The 2nd Department host number is predicted to double, also within 2 years. The 3rd Department host number remains the same after 2 years.

In addition, there are two additional departments. Let's say these two departments are called the 4th and 5th Departments. The 4th Department host number will be five. The 5th Department host number will be three.

There is a plan to host three new servers that are accessible from the Internet. To simplify administration, the existing servers and printers will be moved and kept in the same area as the new servers. Let's call this area the "server farm".

To provide network security (i.e. to protect the Internet-accessible servers), there will be a dedicated firewall box facing the Internet. Since you are using Private IP Addresses (192.168.0.0/24), the plan is to use this firewall box also as the NAT/PAT device.

Side Note

Check out the following FAQ for more info on NAT/PAT:
Cisco Forum FAQ » NAT, PAT, Port Forward, Internet and Server Access: Introduction and Practices

To support this new setup, you are provided with the following new equipment

* One 2-interface firewall box
* Two 4-interface routers
* One 2-interface router
* Four switches

The following is the new network setup.

                                Internet
                                   |
                                   |
                                Firewall
                                   |
                                   |
                                Router 4
                                   |
                                   |
                                 Switch
                                |  |  |
               +----------------+  |  +-------------------+
               |                   |                      |
            Router 1            Router 2               Router 3
            |  |  |                |                    |   |
           1st |  3rd              |                   4th 5th
              2nd               Switch
                                 | | |
  +---+---+--------------------+-+-+-+-+--------------------+---+---+
  |   |   |                    |   |   |                    |   |   |
Server | Server              Server |  Server            Printer |  Printer
    Server                      Server                       Printer

  Existing                Internet-accessible

Note that there are multiple network types in this new network design. The network of Router 1, 1st Dept., 2nd Dept., and 3rd Dept. is a broadcast network. The broadcast network type also applies to the Router 2 and Server Farm network; the Router 3, 4th Dept., and 5th Dept. network; and lastly the Router 1, Router 2, Router 3, and Router 4 network.

However, the network between the Firewall and Router 4 is a point-to-point network. In this case, we have a hardware and/or media type restriction that prevents it from functioning as a point-to-point network. Therefore the network type used is still broadcast, only that it consists of two usable IP addresses (somewhat a point-to-point network).

Based on this, we can keep using the existing router (that serves 1st, 2nd, and 3rd Dept.) as Router 1. The two new 4-interface routers will be Router 2 and Router 3 respectively. The 2-interface router will then be Router 4.

To start, let's recalculate the assigned subnets for each department.

1st Dept.  : /27 subnet to cover 30 hosts
2nd Dept.  : /27 subnet to cover 20 hosts
3rd Dept.  : /28 subnet to cover the same 10 hosts
4th Dept.  : /29 subnet to cover 5 hosts
5th Dept.  : /29 subnet to cover 3 hosts
Server Farm: /28 subnet to cover 12 hosts

We want to minimize readdressing of the hosts. Therefore some IP addresses will be reused and others reassigned.

1st Dept.  : 192.168.0.0/27 (192.168.0.1 - 192.168.0.30)
2nd Dept.  : 192.168.0.32/27 (192.168.0.33 - 192.168.0.62)
3rd Dept.  : 192.168.0.64/28 (192.168.0.65 - 192.168.0.78)
4th Dept.  : 192.168.0.80/29 (192.168.0.81 - 192.168.0.86)
5th Dept.  : 192.168.0.88/29 (192.168.0.89 - 192.168.0.94)
Server Farm: 192.168.0.96/28 (192.168.0.97 - 192.168.0.110)
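The sizing and assignment above can be reproduced mechanically. The following Python sketch is an added example, not part of the original workbook: it picks the smallest subnet for each host count the way the text does (host count plus network ID and broadcast), hands out aligned blocks in the listed order, and checks a finished plan for overlapping subnets. The function names are hypothetical.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest prefix whose block holds `hosts` addresses plus network ID and broadcast."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    bits = (hosts + 1).bit_length()          # ceil(log2(hosts + 2))
    if bits > 30:
        raise ValueError("host count too large for this example")
    return 32 - bits

def allocate(parent, demands):
    """Give each (name, hosts) demand, in order, the next free aligned block in `parent`."""
    net = ipaddress.ip_network(parent)
    cursor = int(net.network_address)
    last = int(net.broadcast_address)
    plan = []
    for name, hosts in demands:
        prefixlen = prefix_for_hosts(hosts)
        size = 1 << (32 - prefixlen)
        start = (cursor + size - 1) // size * size   # round up to a block boundary
        if prefixlen < net.prefixlen or start + size - 1 > last:
            raise ValueError(f"{parent} has no room left for {name}")
        plan.append((name, ipaddress.ip_network((start, prefixlen))))
        cursor = start + size
    return plan

def usable_range(subnet):
    """First and last host address, i.e. the block without network ID and broadcast."""
    net = ipaddress.ip_network(str(subnet))
    return str(net.network_address + 1), str(net.broadcast_address - 1)

def find_overlaps(subnets):
    """Every pair of subnets that share at least one address (should be empty)."""
    nets = [ipaddress.ip_network(str(s)) for s in subnets]
    return [(str(a), str(b))
            for i, a in enumerate(nets) for b in nets[i + 1:] if a.overlaps(b)]

# Host counts taken from Network Design #2 in the text.
DESIGN_2 = [("1st Dept.", 30), ("2nd Dept.", 20), ("3rd Dept.", 10),
            ("4th Dept.", 5), ("5th Dept.", 3), ("Server Farm", 12)]

if __name__ == "__main__":
    plan = allocate("192.168.0.0/24", DESIGN_2)
    for name, net in plan:
        first, last = usable_range(net)
        print(f"{name:<11}: {net} ({first} - {last}), mask {net.netmask}")
    print("overlaps:", find_overlaps(net for _, net in plan))
```

The sizing counts only the hosts themselves, as the text does; when the gateway interface must also fit in the subnet, add one to the host count before sizing.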

Network Info

1st Dept.
IP address range: 192.168.0.1 - 192.168.0.30
Subnet Mask: /27 (or 255.255.255.224)
Gateway: 192.168.0.14

2nd Dept.
IP address range: 192.168.0.33 - 192.168.0.62
Subnet Mask: /27 (or 255.255.255.224)
Gateway: 192.168.0.33

3rd Dept.
IP address range: 192.168.0.65 - 192.168.0.78
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.78

4th Dept.
IP address range: 192.168.0.81 - 192.168.0.86
Subnet Mask: /29 (or 255.255.255.248)
Gateway: 192.168.0.81

5th Dept.
IP address range: 192.168.0.89 - 192.168.0.94
Subnet Mask: /29 (or 255.255.255.248)
Gateway: 192.168.0.94

Server Farm
IP address range: 192.168.0.97 - 192.168.0.110
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.110

Since there will be routing between the four routers, the Firewall, and the Internet, each of these connections needs its own subnet.

Between Router 4 and Firewall

Host #           : 2
Smallest Subnet  : /30
Subnet Assignment: 192.168.0.240/30

Between Routers

Host #           : 4
Smallest Subnet  : /29
Subnet Assignment: 192.168.0.248/29

Router 1

1st interface
IP Address: 192.168.0.14
Subnet Mask: 255.255.255.224

2nd interface
IP Address: 192.168.0.33
Subnet Mask: 255.255.255.224

3rd interface
IP Address: 192.168.0.78
Subnet Mask: 255.255.255.240

Router 2

1st interface
IP Address: 192.168.0.110
Subnet Mask: 255.255.255.240

Router 3

1st interface
IP Address: 192.168.0.81
Subnet Mask: 255.255.255.248

2nd interface
IP Address: 192.168.0.94
Subnet Mask: 255.255.255.248

To route between routers, there must be routes that reach specific subnets through a specific next hop IP address. To support these routes, specific IP addresses need to be assigned to specific router interfaces.

Router 1

4th interface
IP address: 192.168.0.250
Subnet Mask: 255.255.255.248

Router 2

4th interface
IP address: 192.168.0.251
Subnet Mask: 255.255.255.248

Router 3

4th interface
IP address: 192.168.0.252
Subnet Mask: 255.255.255.248

Router 4

1st interface
IP address: 192.168.0.249
Subnet Mask: 255.255.255.248

Notice that the 192.168.0.0/26 (192.168.0.1 - 192.168.0.62) and 192.168.0.64/28 subnets are under Router 1. Similarly, the 192.168.0.80/28 (192.168.0.81 - 192.168.0.94) subnet is under Router 3. Lastly, 192.168.0.96/28 is under Router 2.

Let's take a close look at 192.168.0.0/26. From the other routers' perspective, Router 1 is presenting two consecutive /27 networks: 192.168.0.0/27 and 192.168.0.32/27. You then have a choice to combine these two /27 networks into a single larger /26 network, 192.168.0.0/26. In other words, you can supernet both /27 networks into a /26 network.

Similarly, the 4th and 5th Dept. subnets (that Router 3 presents to the other routers) are also candidates for supernetting, as 192.168.0.80/28. To conserve the routers' resources, we then supernet the networks.

From the Router 1 perspective, the route reachability is as follows

* Use 192.168.0.251 as the next hop to reach 192.168.0.96/28
* Use 192.168.0.252 as the next hop to reach 192.168.0.80/28
* Use 192.168.0.249 as the gateway

From the Router 2 perspective, the route reachability is as follows

* Use 192.168.0.250 as the next hop to reach 192.168.0.0/26
* Use 192.168.0.250 as the next hop to reach 192.168.0.64/28
* Use 192.168.0.252 as the next hop to reach 192.168.0.80/28
* Use 192.168.0.249 as the gateway

From the Router 3 perspective, the route reachability is as follows

* Use 192.168.0.250 as the next hop to reach 192.168.0.0/26
* Use 192.168.0.250 as the next hop to reach 192.168.0.64/28
* Use 192.168.0.251 as the next hop to reach 192.168.0.96/28
* Use 192.168.0.249 as the gateway

To route between the Firewall and the Routers, there must be routes that reach specific subnets through a specific next hop IP address. To support these routes, specific IP addresses need to be assigned to specific device interfaces.

Router 4

2nd interface
IP address: 192.168.0.242
Subnet Mask: 255.255.255.252

Firewall

1st interface
IP address: 192.168.0.241
Subnet Mask: 255.255.255.252

2nd interface
IP address: refer to the ISP network info
Subnet Mask: refer to the ISP network info

From the Router 4 perspective, the route reachability is as follows

* Use 192.168.0.250 as the next hop to reach 192.168.0.0/26
* Use 192.168.0.250 as the next hop to reach 192.168.0.64/28
* Use 192.168.0.252 as the next hop to reach 192.168.0.80/28
* Use 192.168.0.251 as the next hop to reach 192.168.0.96/28
* Use 192.168.0.241 as the gateway

From the Firewall perspective, the route reachability is as follows

* Use 192.168.0.242 as the next hop to reach 192.168.0.0/24 (another supernet)
* Use ISP Device IP Address as the gateway

With this new network design, similar route statements are in place as follows.

Router 1

ip route 192.168.0.96 255.255.255.240 192.168.0.251
ip route 192.168.0.80 255.255.255.240 192.168.0.252
ip route 0.0.0.0 0.0.0.0 192.168.0.249

Router 2

ip route 192.168.0.0 255.255.255.192 192.168.0.250
ip route 192.168.0.64 255.255.255.240 192.168.0.250
ip route 192.168.0.80 255.255.255.240 192.168.0.252
ip route 0.0.0.0 0.0.0.0 192.168.0.249

Router 3

ip route 192.168.0.0 255.255.255.192 192.168.0.250
ip route 192.168.0.64 255.255.255.240 192.168.0.250
ip route 192.168.0.96 255.255.255.240 192.168.0.251
ip route 0.0.0.0 0.0.0.0 192.168.0.249

Router 4

ip route 192.168.0.0 255.255.255.192 192.168.0.250
ip route 192.168.0.64 255.255.255.240 192.168.0.250
ip route 192.168.0.80 255.255.255.240 192.168.0.252
ip route 192.168.0.96 255.255.255.240 192.168.0.251
ip route 0.0.0.0 0.0.0.0 192.168.0.241

Firewall

ip route 192.168.0.0 255.255.255.0 192.168.0.242
ip route 0.0.0.0 0.0.0.0 [ISP DEVICE IP ADDRESS]

As a note, the ip-route statement is the command on Cisco routers to set up a static route in an IP network, creating specific route statements as defined above.
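The supernetting and the per-router statements can be derived from the subnet-to-router assignment instead of being typed by hand. The following Python sketch is an added example, not part of the original workbook: it collapses each router's subnets into the summaries named in the reachability lists (/26 and /28), emits the matching `ip route` lines for Router 1 to Router 3, and reports which parts of a summary have no real subnet behind them. The function names are hypothetical.

```python
import ipaddress

# Network Design #2 as described in the text: the subnets behind each router and
# the router's address on the shared 192.168.0.248/29 inter-router segment.
ROUTERS = {
    "Router 1": {"transit": "192.168.0.250",
                 "lans": ["192.168.0.0/27", "192.168.0.32/27", "192.168.0.64/28"]},
    "Router 2": {"transit": "192.168.0.251",
                 "lans": ["192.168.0.96/28"]},
    "Router 3": {"transit": "192.168.0.252",
                 "lans": ["192.168.0.80/29", "192.168.0.88/29"]},
}
DEFAULT_NEXT_HOP = "192.168.0.249"   # Router 4, the gateway for Routers 1-3

def summarize(lans):
    """Merge adjacent subnets into supernets; never covers more than the inputs do."""
    nets = [ipaddress.ip_network(n) for n in lans]
    return list(ipaddress.collapse_addresses(nets))

def static_routes(router):
    """`ip route` lines `router` needs to reach the subnets behind its peers."""
    lines = []
    for peer, info in ROUTERS.items():
        if peer == router:
            continue
        for net in summarize(info["lans"]):
            lines.append(f"ip route {net.network_address} {net.netmask} {info['transit']}")
    lines.append(f"ip route 0.0.0.0 0.0.0.0 {DEFAULT_NEXT_HOP}")
    return lines

def unbacked(summary, subnets):
    """Parts of `summary` that none of `subnets` covers."""
    remaining = [ipaddress.ip_network(summary)]
    for subnet in map(ipaddress.ip_network, subnets):
        nxt = []
        for block in remaining:
            if subnet.subnet_of(block):
                nxt.extend(block.address_exclude(subnet))   # keep what is left over
            elif not block.subnet_of(subnet):
                nxt.append(block)                            # untouched by this subnet
        remaining = nxt
    return sorted(remaining)

if __name__ == "__main__":
    for router in ROUTERS:
        print(router)
        for line in static_routes(router):
            print("  " + line)
    assigned = [n for r in ROUTERS.values() for n in r["lans"]]
    assigned += ["192.168.0.240/30", "192.168.0.248/29"]     # transit subnets
    print("inside 192.168.0.0/24 but unassigned:",
          [str(n) for n in unbacked("192.168.0.0/24", assigned)])
```

A summary that covers unassigned space still matches packets for those addresses, so the last check is worth running whenever a route is widened by hand, as with the Firewall's 192.168.0.0/24 route.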


Suggestion

Since only the new servers are Internet accessible, it is a good idea to separate them from the existing servers by group. One group will be the Internet-accessible server group and the other will be the non-Internet-accessible server group. The objective of this separation is to provide a more secure network and broadcast traffic control.

The separation involves assigning a dedicated subnet to each server group. You should be able to do the work by either subnetting the existing 192.168.0.96/28 network or reassigning/renumbering network devices with minimal changes to the existing network design.

Network Design #3

You may notice that the above network design is pretty much what small businesses have as their network. Let's have a look at another network design. This time you need to set up a private network that consists of three sites as follows.

                                          INTERNET
                                              |
                                              |
                                       Internet Router
                                              |
                                              |
                                          Router 1 ------- Switch 1 --- LAN 1
                                           |    |
                                           |    |
          +--------------------------------+    +-----------------------------------+
          |                                                                         |
          |                                                                         |
       Router 2 ---- Switch 2                                       Switch 3 ---- Router  3
                        |                                              |
                        |                                              |
                      LAN 2                                          LAN 3

As in the previous illustration, you are assigned 192.168.0.0/24 to use for the private network.

Following is one way of designing the network.

* Three /30 subnets for point-to-point network: Router 1-2, Router 1-3, Router 1-Internet Router
* One /25 subnet for LAN 1
* Two /27 subnets for other LAN: LAN 2 and LAN 3

Side Note:

In a real-life network, this network design could be a hub-and-spoke private network where Router 1 and LAN 1 are the Main Office and the others are Branch Offices. In addition, the Main Office tends to house more hosts to serve all offices. Therefore you may need to assign a larger subnet to the Main Office and smaller subnets to the Branch Offices.

This network design could also be a local network within one office where Router 1 and LAN 1 are the Main router with its network and each of the other routers represents a department router. For more sample network designs, check out the following FAQ:
Cisco Forum FAQ » Should I use Layer-3 switch or router?

Subnet Assignment

Three /30 subnets: 192.168.0.192/30, 192.168.0.196/30, 192.168.0.200/30
One /25 subnet   : 192.168.0.0/25
Two /27 subnets  : 192.168.0.128/27, 192.168.0.160/27

Site 1
Router 1 - Internet Router: 192.168.0.192/30, where .193 is for Router 1 and .194 is for Internet Router
LAN 1: 192.168.0.0/25, where .1 is for Router 1 (also LAN 1 default gateway) and .2 - .126 are for hosts

Site 2
Router 1 - Router 2: 192.168.0.196/30, where .197 is for Router 1 and .198 is for Router 2
LAN 2: 192.168.0.128/27, where .129 is for Router 2 (also LAN 2 default gateway) and .130 - .158 are for hosts

Site 3
Router 1 - Router 3: 192.168.0.200/30, where .201 is for Router 1 and .202 is for Router 3
LAN 3: 192.168.0.160/27, where .161 is for Router 3 (also LAN 3 default gateway) and .162 - .191 are for hosts

Following is the network setup with the associated subnet assignment

                                          INTERNET
                                              |
                                              |
                                       Internet Router
                                         .193 |
                       192.168.0.192/30       |
                                              |
                                         .194 |
                                              |     192.168.0.0/25
                                          Router 1 ---------------- Switch 1 --- LAN 1
                                           |    |  .1                          .2 to .126
                                           |    |
                                      .197 |    | .201
                    192.168.0.196/30       |    |       192.168.0.200/30
                                           |    |
          +--------------------------------+    +-----------------------------------+
          |                                                                         |
     .198 |      192.168.0.128/27                              192.168.0.160/27     |    .202
       Router 2 ------------------ Switch 2          Switch 3 ------------------ Router  3
                .129                   |                 |                     .161
                                       |                 |
                                     LAN 2             LAN 3
                                  .130 - .158       .162 - .191

IP Routing Reachability

Router 1
To reach the Internet (0.0.0.0/0): through 192.168.0.193
To reach LAN 2 (192.168.0.128/27): through 192.168.0.198
To reach LAN 3 (192.168.0.160/27): through 192.168.0.202

Router 2
To reach anyplace (other LAN and the Internet which is in other words 0.0.0.0/0): through 192.168.0.197

Router 3
To reach anyplace (other LAN and the Internet which is in other words 0.0.0.0/0): through 192.168.0.201

Internet Router
To reach the Internet (0.0.0.0/0): through ISP router IP address (or the Internet Router default gateway)
To reach any private sites (192.168.0.0/24): through 192.168.0.194

Routing Statement

Router 1:
ip route 0.0.0.0 0.0.0.0 192.168.0.193 name Internet Access
ip route 192.168.0.128 255.255.255.224 192.168.0.198 name LAN 2
ip route 192.168.0.160 255.255.255.224 192.168.0.202 name LAN 3

Router 2:
ip route 0.0.0.0 0.0.0.0 192.168.0.197 name Outside Access

Router 3:
ip route 0.0.0.0 0.0.0.0 192.168.0.201 name Outside Access

Internet Router:
ip route 0.0.0.0 0.0.0.0 [ISP DEFAULT GATEWAY IP ADDRESS]
ip route 192.168.0.0 255.255.255.0 192.168.0.194 name Private Networks

Classless, Classful, CIDR Longer and Shorter Prefixes in Routing

As shown in the previous network design, there is a default gateway route and there are routes to reach specific subnets. You may notice that the routes to specific subnets are preferred for reaching the intended subnets or IP addresses. When there is no route available to a specific subnet, the default gateway route is chosen as the last resort.

1. First Illustration

Let's review the following routes

ip route 0.0.0.0 0.0.0.0 192.168.0.193
ip route 192.168.0.0 255.255.255.0 192.168.0.1
ip route 192.168.0.128 255.255.255.224 192.168.0.198
ip route 192.168.0.160 255.255.255.224 192.168.0.202

Let's say there is traffic that needs to reach a host with an IP address of 192.168.0.165. This IP address falls within the 192.168.0.160/27 route. Therefore the traffic will be forwarded via the 192.168.0.202 host. As a note, this 192.168.0.202 host IP address is called the next hop IP address to reach the 192.168.0.160/27 subnet.

For the next example, let's say there is traffic that needs to reach a host with an IP address of 192.168.0.16. This IP address does not fall within the 192.168.0.128/27 or the 192.168.0.160/27 routes. There is however a route to reach any IP address that falls within the 192.168.0.0/24 range. Therefore the traffic will be forwarded via the 192.168.0.1 host.

As a next example, let's say there is traffic that needs to reach a host with an IP address of 192.168.2.16. This IP address does not fall within the 192.168.0.128/27 or the 192.168.0.160/27 routes. This IP address does not fall within the 192.168.0.0/24 range either. There is however a route that can be used as the last resort when there is no match to any of the specific routes available. Therefore the traffic will be forwarded via the 192.168.0.193 host.

2. Second Illustration

Now let's say there are the following routes

ip route 0.0.0.0 0.0.0.0 192.168.0.193
ip route 192.168.0.0 255.255.255.0 192.168.0.1
ip route 192.168.0.128 255.255.255.224 192.168.0.198
ip route 192.168.0.160 255.255.255.224 192.168.0.202
ip route 192.168.0.164 255.255.255.252 192.168.0.230

Let's review the previous illustration, where there is traffic that needs to reach a host with an IP address of 192.168.0.165. This IP address falls within the 192.168.0.160/27 route. There is however a more specific route that covers this IP address: the 192.168.0.164/30 route.

Note that in IP routing, a route with more specific info, in other words a longer prefix, is preferred over one with less specific info, in other words a shorter prefix. Therefore the traffic that needs to reach a host with an IP address of 192.168.0.165 will be forwarded via the 192.168.0.230 host instead of the 192.168.0.202 host.
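The lookups in the first and second illustrations can be replayed in code. The following Python sketch is an added example, not part of the original workbook: it parses the `ip route` statements shown above, collects every route that contains the destination, and picks the one with the longest prefix. The function names are hypothetical, and the lookup models classless longest-prefix matching only.

```python
import ipaddress

# Route statements copied from the first and second illustrations.
FIRST_ILLUSTRATION = """\
ip route 0.0.0.0 0.0.0.0 192.168.0.193
ip route 192.168.0.0 255.255.255.0 192.168.0.1
ip route 192.168.0.128 255.255.255.224 192.168.0.198
ip route 192.168.0.160 255.255.255.224 192.168.0.202
"""
SECOND_ILLUSTRATION = (FIRST_ILLUSTRATION
                       + "ip route 192.168.0.164 255.255.255.252 192.168.0.230\n")

def mask_to_prefixlen(mask):
    """Convert a dotted subnet mask to a prefix length, rejecting broken masks."""
    value = int(ipaddress.IPv4Address(mask))
    prefixlen = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefixlen

def parse_static_routes(config):
    """Return (network, next_hop) pairs for every `ip route` line in `config`."""
    routes = []
    for line in config.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[:2] != ["ip", "route"]:
            continue                      # comments, blank lines, other commands
        # ip_network raises ValueError if the address has host bits set for the mask.
        network = ipaddress.ip_network((parts[2], mask_to_prefixlen(parts[3])))
        routes.append((network, parts[4]))
    return routes

def candidates(routes, destination):
    """All routes containing `destination`, most specific (longest prefix) first."""
    dest = ipaddress.ip_address(destination)
    hits = [(net, hop) for net, hop in routes if dest in net]
    return sorted(hits, key=lambda route: route[0].prefixlen, reverse=True)

def next_hop(routes, destination):
    """Next hop of the longest matching prefix, or None when nothing matches."""
    hits = candidates(routes, destination)
    return hits[0][1] if hits else None

if __name__ == "__main__":
    for label, config in (("first", FIRST_ILLUSTRATION), ("second", SECOND_ILLUSTRATION)):
        routes = parse_static_routes(config)
        for dest in ("192.168.0.165", "192.168.0.16", "192.168.2.16"):
            matched = ", ".join(str(net) for net, _ in candidates(routes, dest))
            print(f"{label}: {dest} -> {next_hop(routes, dest)} (matches: {matched})")
```

Listing every matching route, not only the winner, shows which less specific routes a newly added longer prefix overrides.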

3. Third Illustration

As a next illustration, let's review the following routes

ip route 0.0.0.0 0.0.0.0 192.168.0.193
ip route 192.168.0.0 255.255.255.0 192.168.0.1
ip route 192.168.0.128 255.255.255.224 192.168.0.198
ip route 192.168.0.160 255.255.255.224 192.168.0.202
!
no ip classless

Let's say there is traffic that needs to reach a host with an IP address of 192.168.0.165. This IP address falls within the 192.168.0.160/27 route. However, the no ip classless statement is in use. This statement means that any CIDR routes more specific than their classful route are ignored. This statement also means that classful routing is used and any subnetted network will be ignored.

In the earlier discussion, there are terms called Class A, B, and C networks. As an example, following is a list of some Class A, B, and C networks available in an IP (IP version 4) network.

Class A network: 10.0.0.0/8
Class B network: 172.16.0.0/16, 172.17.0.0/16
Class C network: 192.168.0.0/24, 192.168.1.0/24, 192.168.43.0/24

Let's say there is a route that falls under 10.0.0.0/8. When no ip classless is in use, any routes more specific than 10.0.0.0/8 to reach IP addresses that fall under 10.0.0.0/8 will be ignored. Similarly, any routes more specific than 192.168.0.0/24 to reach IP addresses that fall under 192.168.0.0/24 will be ignored when no ip classless is in use.

When more specific routes that have a longer prefix are ignored, traffic will take either the full class network route or the default gateway route as the last resort if available. In the case of reaching an IP address that falls under 192.168.0.0/24, any routes that are more specific or have a longer prefix than 192.168.0.0/24 will be ignored, and instead the traffic will take the route to reach the entire 192.168.0.0/24 or will take the default gateway route as the last resort when available.

With the need to reach a host with an IP address of 192.168.0.165, the other two routes that are more specific or have a longer prefix than 192.168.0.0/24 are ignored. Instead the traffic will consider the 192.168.0.0/24 route. Therefore the traffic that needs to reach a host with an IP address of 192.168.0.165 will be forwarded via the 192.168.0.1 host instead of the 192.168.0.202 host.

In the case of the following routes

ip route 0.0.0.0 0.0.0.0 192.168.0.193
ip route 192.168.0.128 255.255.255.224 192.168.0.198
ip route 192.168.0.160 255.255.255.224 192.168.0.202
!
no ip classless

traffic that needs to reach a host with an IP address of 192.168.0.165 will be forwarded via 192.168.0.193, since there is no specific route to reach the 192.168.0.0/24 network.

As you may note in this illustration, a Classful routing system is used instead of a Classless routing system. In a Classful routing system (as indicated by the no-ip-classless statement), any routes that have a longer prefix than their associated Class A, B, or C network as a result of subnetting are ignored. With a Classless routing system, more specific routes or routes with a longer prefix are preferred.

You can check out the following for more info on Classful and Classless routing systems

Wikipedia - Classful network
TCP/IP Guide - Class A, B and C Network and Host Capacities


IP Route, Subnet Mask, and Broadcast Domain


As mentioned earlier, the traffic flow is determined based on IP route availability. This IP route availability is called the IP Routing Table, or Routing Table in short. The Routing Table holds the IP route availability in the form of a Network ID with its associated Subnet Mask. There is also the IP address of the host used as the gateway to reach the intended host IP address. This IP address is called the next hop IP address.

Let's review the following illustration. There are three hosts A, B, and C with IP addresses of 192.168.0.10/25, 192.168.0.56/25, and 192.168.0.130/25 respectively. From the subnet mask, you can see that both A and B are within the same network (192.168.0.0/25) while C is within a different network (192.168.0.128/25).

Hosts that are within the same network are said to be within the same broadcast domain. Let's discuss this broadcast domain further.

There was a mention of a Layer-2 mechanism called Broadcast, used for communication between hosts within the same network. The network is sometimes called a Broadcast Domain, since the broadcast traffic only exists within the network (within the domain) and does not by default leave the network.

You may note that this Broadcast Domain relates closely to the Subnet Mask. By checking its own IP address and Subnet Mask and the other host's, a host can tell whether the other host it communicates with is within the same network or in an outside network.

As an example, host A has an IP address of 192.168.0.10 with a /25 subnet mask. Host A needs to communicate with Host B of 192.168.0.56 with a /25 subnet mask. By checking its own IP address and subnet mask, and B's IP address and subnet mask, Host A can tell that A is within the same network (the same Broadcast Domain) as host B. Similarly, by checking IP addresses and subnet masks, Host B can tell that B is within the same Broadcast Domain as A.

Since both hosts A and B know that they are in the same Broadcast Domain, both hosts know that no route is necessary to communicate with each other. Both hosts A and B simply use their Layer-2 mechanism without the necessity of routing the traffic flow.

When A needs to communicate with, let's say, C of 192.168.0.130/25, the same mechanism of checking IP address and subnet mask takes place. Using the mechanism, A knows that C is in an outside network (outside the Broadcast Domain) of A. Similarly, by using the mechanism, C knows that A is outside the Broadcast Domain of C. Since both hosts A and C know that they are in different networks, both hosts know a Layer-3 IP routing mechanism is needed. The same consequences take place when B needs to communicate with C.

Now let's say there is a host D with an IP address of 192.168.0.6/24. From the IP address, hosts A and B think that host D is within the same network as them. However host C also thinks that host D is within the same network as C itself, since the /24 subnet mask includes 192.168.0.128/25. From host D's perspective, D sees A, B, and C as hosts that stay within the same subnet as D itself due to host D's subnet mask identity. The existence of such a host D, as you may note, creates confusion. In a real network, this confusion creates routing and traffic flow ambiguity, which leads to an inability to communicate between host D and the rest of the network (say A, B, and C).
