Tutorial: Subnet Masks
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Tutorial: Subnet Masks

  1. #1
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007

    Cool Tutorial: Subnet Masks

    Damn. I wrote almost all of this out, then I must have hit refresh or backspace while outside of the text box or something, because then Opera caused me to lose all my text. Bleh.

    Anyway, this is about Subnet masks, as I understood them when clicking 'reply', anyway.
    Now I've made it it's own thread.

    I will assume people know about BINARY NOTATION, because I don't want to have to write that part all out again.

    A subnet mask often looks curiosly akin to an IP address, but they are different things. A subnet mask lets your computer figure out which addresses are local, or near you, in your office, for instance, and which ones are outside.
    Code:
    Common masks are:
    255.255.0.0
    and 
    255.255.255.0
    
    Which, in binary, are:
    11111111.11111111.00000000.00000000
    and
    11111111.11111111.11111111.00000000
    respectively.
    The computer compares the mask to the destination IP addresses, such as:

    207.220.12.23 = 11001111.11011100.00001100.00010111
    or
    199.217.30.90 = 11000111.11011001.00011110.01011010


    and your own IP, such as:
    199.217.30.84 = 11000111.11011001.00011110.01010100


    Code:
    IP 1    11001111.11011100.00001100.00010111   (207.220.12.23)
    IP 2    11000111.11011001.00011110.01011010   (199.217.30.90)
    YOUR IP 11000111.11011001.00011110.01010100   (199.217.30.84)
    Mask    11111111.11111111.11111111.00000000   (255.255.255.0)
    So it takes your IP, and takes away all the digits in your IP which correspond to digits that are 0's in the mask, and then does the same thing with the destination IP, leaving:
    Code:
    Yours:
    11000111.11011001.00011110.-------
    Destination 1:
    11001111.11011100.00001100.-------
    Destination 2:
    11000111.11011001.00011110.-------
    It then compares yours and the desination. If they match, then it knows you are sending to a computer that is on your LAN, and if they don't, it knows that the destination could be halfway across the world. In the above example, IP #1 Is not local, and IP #2 is local.

    The tricky part comes when you have a subnet mask that is NOT just 255s and zeros, such as
    Code:
    MASK = 255.255.252.0 = 11111111.11111111.11111100.00000000
    Can you see the difference?

    Lets whip up a new set of IP addresses.
    Code:
    IP 1    11000111.11011001.10101110.00000011   (199.217.174.3)
    IP 2    11000111.11011001.00011011.01001010   (199.217.27.74)
    IP 3    11000111.11011001.00011111.01001010   (199.217.31.74)
    YOUR IP 11000111.11011001.00011110.01010100   (199.217.30.84)
    MASK    11111111.11111111.11111100.00000000   (255.255.252.0)
    So, running all of these through the mask, we get:

    Code:
    IP 1    11000111.11011001.101011--.--------   (199.217.174.3)
    IP 2    11000111.11011001.000110--.--------   (199.217.27.74)
    IP 3    11000111.11011001.000111--.--------   (199.217.31.74)
    YOUR IP 11000111.11011001.000111--.--------   (199.217.30.84)
    As you can clearly see, only IP #3 is the same as your own IP, IP's #1 and #2 are *SLIGHTLY* different, but different enough to be non-local. As I hint, I'd say the most important thing to know about subnet masks is that 255.255.252.0 is ONLY short-hand for:
    11111111.11111111.11111100.00000000 !

    Just because the number has 252, doesn't mean you get ((255 - 0) * (255 - 252))=765 addresses that are local, you get 11111111.11111111.11111100.00000000 ten binary digits, or 1024 local addresses!


    Some people may also have heard of or use CIDR, which shows addresses and their masks like this: (Using previous example)

    199.217.30.84 / 22
    which means that the FIRST 22 DIGITS of the mask are 1s, and the last 10 are zeros. So it is like saying:
    Address 199.217.30.84, subnet mask 11111111.11111111.11111100.00000000
    (The first 22 digits are ones.)

    Anyway, I hope that helps, and correct me if I made a mistake, I don't deal with this stuff for a living or anything. Shout outs to UltraEdit, for letting me actually write this thing out again without worrying about losing it on the web

    EDIT: Changed [pre] and [/pre] to [(/)code] tags.
    EDIT: Changed the way I phrased that last edit message so that it didn't look weird onscreen because of the way it was parsed by the board.
    [HvC]Terr: L33T Technical Proficiency

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    196

    Talking

    Great post!!

    Very educational stuff on the message board today

    Thought I would bump this one to the top with the other.

  3. #3
    Junior Member
    Join Date
    Aug 2001
    Posts
    17
    Thats a great post on subnetting, heres a little snippit on supernetting:

    Officially, supernetting is the term used when multiple network addresses of the same Class are combined into blocks. If the IP networks are contiguous, you may be able to use a supernet. If the IP networks are not contiguous, you would need to use sub-interfaces. These are not currently supported on Compatible Systems routers but are supported on routers from Cisco Systems.

    A prerequisite for supernetting is that the network addresses be consecutive and that they fall on the correct boundaries. To combine two Class C networks, the first address' third octet must be evenly divisible by 2. If you would like to supernet 8 networks, the mask would be 255.255.248.0 and the first address' third octet needs to be evenly divisible by 8. For example, 198.41.15.0 and 198.41.16.0 could NOT be combined into a supernet, but you would be able to combine 198.41.18.0 and 198.41.19.0 into a supernet.

    An IP address is a 32-bit number (4 bytes, called "octets", separated by periods, commonly called "dots.") Supernetting is most often used to combine Class C addresses (the first octet has values from 192 through 223). A single Class C IP network has 24 bits for the network portion of the IP address, and 8 bits for the host portion of the IP address. This gives a possibility of 256 hosts within a Class C IP network (2^8=256).

    The subnet mask for a Class C IP network is normally 255.255.255.0. To use a supernet, the number of bits used for the subnet mask is REDUCED. For example, by using a 23 bit mask (255.255.254.0 -- 23 bits for the network portion of the IP network, and 9 bits for the host portion), you effectively create a single IP network with 512 addresses. Supernetting, or combining blocks of IP networks, is the basis for most routing protocols currently used on the Internet.

  4. #4
    Junior Member
    Join Date
    Sep 2001
    Posts
    1

    Thumbs up Thank you!

    Thank you for that post, it was very helpful! I was recently going over subnet masks in school and trying to understand the concept of binary ANDing. Thinking of it like a literal mask and comparing the portion of the IP "covered" by 1's is much easier to understand! Thanks!

  5. #5
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,429
    Just because I happen to like 'binary ANDing', here's one of Terrs examples explained using logical operators...

    1. Logical Operator AND

    The logical expression X AND Y (X && Y) only is true (1) when X is true (1) AND Y is true (1).
    --> X Y X AND Y

    0 0 0
    1 0 0
    0 1 0
    1 1 1

    2. Logical Operator OR

    The logical expression X OR Y (X || Y) is true if X is true OR Y is true.
    --> X Y X OR Y

    0 0 0
    1 0 1
    0 1 1
    1 1 1

    3. Logical Operator NOT (!)
    --> X NOT X
    0 1
    1 0

    Pretty easy, no?

    And now, exclusively for AntiOnline! An exercise!

    Is this true?
    --> NOT ((8 > 6 AND 4 > 3) AND (2 < 4 OR 6 < 5))

    Nope, it's not, because:

    1. 2 < 4 OR 6 < 5: this one is true
    1 0 1

    2. 8 > 6 AND 4 > 3: this one is true
    1 1 1

    3. 1 (from 1.) AND 1 (from 2.): true

    4. NOT 1 (from 4.): 0, or false.

    Now, using this in Terr's examples, we'd get something like this:
    (Sorry for editing, Terr )

    Let's take this one:

    IP 1 11000111.11011001.10101110.00000011 (199.217.174.3)

    MASK 11111111.11111111.11111100.00000000 (255.255.252.0)

    -->
    Code:
            11000111.11011001.10101110.00000011  (IP 1)
    AND     11111111.11111111.11111100.00000000  (MASK)
    =       11000111.11011001.10101100.00000000  (masked IP)
    Not as easy to understand as Terr's method, but this is how it actually is calculated...

  6. #6
    Banned
    Join Date
    Aug 2001
    Posts
    89

    Thumbs up

    Nice info. Terr

    Keep it up


  7. #7
    Junior Member
    Join Date
    Aug 2001
    Posts
    18

    Smile

    Mmmmmm. . . subnetting. . verynice.

    I liked the way you handled the binary explanation Terr, very good.
    Any time someone asks me about subnetting I like to tell them its much easier to understand in binary form (which it is), you get the best confused/scared looks from that :] But it is true, if you try to understand subnetting without the binary part, you will get lost.

    Heh, on a side note, one day my boss was explaining to some people how a spread spectrum radio scrambles the data. he was explaining it in binary, how it uses XOR.
    He of course stated that there are 8 bits in a byte for those that didn't know
    and then he mentioned that 4 bits is a nibble.

    everyone thought he was joking

  8. #8
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007
    Thx.

    I thought it was a 'nybble' though. With a 'y'.
    [HvC]Terr: L33T Technical Proficiency

  9. #9
    Banned
    Join Date
    Sep 2001
    Posts
    522

    good info

    good info terr, i never really payed attention to subnet masks, i always listed them as 255.255.255.0, well thats because ive allways worked w. small networks that only need that.

    anyway, thanks for that important info

  10. #10
    Junior Member
    Join Date
    Aug 2001
    Posts
    18

    Post

    actually Terr you are half right.
    both spellings are valid, just depends on personal preference. nybble is more of a tech slang spelling of it, but they are both commonly used.

    bite-->byte, nibble-->nybble

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides