There are two tutorials on Subnet masking already and both were pretty good. So why have I decided to try adding another. Well for a couple of reasons: each person explains it in their own way and while to one person it is confusing to another it is enlightening, second there were some minor holes I wanted to see filled.

Before working with a subnet mask you must first determine what the network mask is. The network mask is required by standard and cannot be modified. There are three common network types that are commonly dealt with and these are called Classes. So you have a Class A, Class B, and Class C network. There are also Class D and Class E but these are specially reservered addresses that most of us will never use.

To work with Masks we must work in binary or memorize things. If we look at a standard IP address written in decimal 192.168.4.67 we know that this points to a specific device. But, can we tell what class it is? If you have spent a lot of time with networking you probably can. But if we rewrite this in Binary form 11000000.10101000.00000100.01000011. Now while this is much harder to try to memorize it helps us to analyze the class. If you look at the far left Octet the first three binary positions tell you the class.

CLASS LEFT OCTET DESIGNATOR DECIMAL RANGE OF CLASS
CLASS A = 0 0 - 127
CLASS B = 10 128-191
CLASS C = 110 192-223

From this example we can see that our first octet starts off 110 so we have a Class C network. Each Class of network has it's own network mask.

CLASS A 255.0.0.0 8
CLASS B 255.255.0.0 16
CLASS C 255.255.255.0 24

Remember the network mask is REQUIRED and connot be modified. All subnetting takes place in the "0" or masked portion of the Network Mask. This area is yours to play with. Let us use a Class B network for our Examples. With a Class B we will be given the first two octets and will control the last two octets. So we will choose a Class B, the first octet must be between 129 and 190 decimal. Our network will be 129.64.0.0.

Two special addresses are reserved for broadcast messages and multicast messages. Broadcast = all zero's and multicast = all one's. So whenever we subnet we are going to lose a certain number of networks.

HOW DOES A NETWORK/SUBNET MASK WORK

Again we need to go to binary. A Mask operation is a bitwise AND of two binary numbers, the address and the mask. Lets take two addresses and see if they are on the same subnet or not. We have 129.64.32.2 and 129.64.32.129. Without any subnetting we will put these into binary:

As you can see whereever there is a 1 in the mask the network address just shows right through, but where there is a 0 it is hidden or masked. Now we can see that the two masked numbers are the same, therefore they are on the same network. It didn't matter that the third and fourth octets were different because they were masked. Only the first two were used to determine if they were on the same network. A subnet extends this mask to make subnets.

SUBNETS vs HOSTS

When you subnet you are going to split your address space up into Subnets and Hosts. Subnets are the area of the address that are allowed through, Hosts are the area of the address that are masked. When you subnet you are setting up a number of subnets and a number of hosts. To calculate how many of each you use the same formula with slightly different input. The formula is 2^n-2 where n is the number of 1's in the subnet mask for subnets and n is the number of 0's in a mask for hosts.

For example: Lets say we want to have no more than 128 hosts per subnet. Then we could determine the number of zeros by working backward. 128 <= 2^n-2. The closest we come is 7. 2^8-2 = 254, 2^7-2 = 126, and 2^6 -2 = 62. So we will use 7 zero's. Now the total length of the address that we can subnet is 16 therefore we must have 9 one's. So our Subnet Mask will be 11111111.10000000 or in decimal 255.128, the entire mask would be 255.255.255.128 or in bit notation 25 (the number of 1's in the mask).

Did we lose any addresses? You bet we did. Remember a Class B has 65534 addresses. Now we have 2^9-2 = 510 Subnets with 126 Hosts per subnet or 510*126 = 64260. We lost 1274 addresses due to our subnetting. But we gained a lot of control over our network and made the lookup tables on the routers very small indeed.

Let's see what has happened to our two addresses we used earlier

If you look they are not on the same subnet anymore. The last Octet is different which means that the router will recognize that they are on different subnets and proceed to route them to the proper port or router to deliver their packets as swiftly and efficiently as possible.

We can also approach this same problem from a different viewpoint. Rather than selecting hosts lets determine a number of networks. I think I would rather administer 254 networks and see how many hosts that will give me per network. So using 2^n-2 and some trial and error 2^7-2 = 126, 2^8-2 =254, 2^9-2=510, I can see that 8 bits is dead on. Since I have a Class B with 16 bits and I am using 8 for the subnets that leaves me 8 for the hosts as well. Now I have 254 subnets with 254 Hosts per subnet. I am still losing 1018 addresses but so what, I have good control and my routers will not be overtaxed by bad addressing. So the subnet mask looks like 255.255.255.0. Hold on, that looks like a Class C network mask. Well it is, and this is very common. By subnetting our Class B to look like a Class C we, humans, can compare addresses and determine if they are on the same subnet easily. Now the third octet is the subnet determiner, if it is the same then the addresses are on the same subnet, if it is different then they are not.

129.64.32.2 and 129.64.32.4 are because the first three octets are the same
129.64.32.2 and 129.64.33.2 are not because the 3rd octet is different.

Summary:

1. Determine the type of network you have (A, B, C)
2. Apply the correct network Mask. This cannot be changed.
3. Determine the number of octets you have to control (multiply by 8 to get bits)
4. Decide on the number of Hosts/subnet you want or the number of subnets you want.
5. Use the formula 2^n-2 to determine the number of bits required to achieve your goal (1's for subnets, 0's for hosts)
6. Subract that number from the number of bits you control to find the opposite number.
7. Write out the subnet mask in binary with all 1's to the left and all zero's to the right.
8. Convert to decimal, or count the 1's to get the bit notation
9. Gloat and dance like a madman because you're a real networker now

2. Nice tutorial, SodaMoca--easy to read and understand. A tool I use for quick subnet and masking calculations is the IP Subnet Calculator from WildPackets (http://www.wildpackets.com/products/ipsubnetcalculator). It comes in handy for quick calculations!

...aberration...

Number of hosts supported and Max. number of networks per class
Class A - supports 16 million hosts on each of 127 networks
Class B - supports 65,000 hosts on each of 16,000 networks
Class C - supports 254 hosts on each of 2 million networks

IP Classes
Class A - 1-126
Loopback - 127
* Loopback is used by the host to send messaged to itself.
Class B - 128-191
Class C - 192-223
Class D - 224-231
* Used for multicast (sent to many addresses)
Class E - 232-254
* Experimental