IPv4 Limitations
IPv4 has proven to be a fantastic layer 3 protocol. It is mind-boggling how many devices are on the Internet today. The Internet is a much different and more complex environment than what was around 40 years ago, back when IPv4 was first introduced. With that being said, IPv4 does have its drawbacks. One of the problems is address space. NAT and PAT were conceived to help with this problem. However, they are only a band-aid. Eventually, we will have to upgrade to IPv6.
Another problem with IPv4 is broadcast traffic. In layer 2, switches and bridges divide a network into collision domains. However, routers and gateways can divide a network into broadcast domains. A broadcast domain is an area of a network that confines broadcasts. In an earlier post, I discussed ARP and ARP requests. Every device that shares the same network address can communicate directly with each other. So, in order to find out an IP address of another device, an ARP request is sent. At your house with only a few devices, this is not a problem. However, imagine a bigger office with 500 or more computers. That is a lot of broadcast traffic. In fact, this is why adding a device on an Ethernet degrades the network exponentially. In order to combat this problem, a network can be divided into multiple broadcast domains through subnetting. A subnet (subnetwork) in IPv4 is an area in a network that shares the same network address. Every device in a subnet has the same network address, can communicate with the others directly, and is bound in a broadcast domain.
This is where the subnet mask comes into play. A subnet mask is used by a device to determine what network address (or subnet address) the device is on. This is done by taking its IP address and subnet mask and passing them through the ‘and’ logic gate. By doing this, something interesting happens. A subnet mask can divide an IP address into two: a network number and a host number. The network number is the first half of an IP address, which is the same in all the IP addresses that share the same network address. The host number is the second half of an IP address, which is unique to each device in a subnet so that the devices can be identified. Consider a host that has the address 192.234.127.3 with a subnet mask of 255.255.255.0. Using the subnet mask, the first numbers 192.234.127 are the network number while 3 is the host number. Every device on the same network would have an IP address beginning with 192.234.127. The last number would be different on all the devices.
Subnetting
Subnetting scares off a lot of people because it is necessary to know binary and know how to ‘and.’ Once you get these two concepts down, you will be able to see how powerful subnetting can be. Consider the first input of the ‘and’ gate to be the subnet mask and the second input to be the IP address. If the subnet mask bit is 1, the output will be the same as the IP address bit. If the subnet mask bit is 0, the output will be 0 regardless of the IP address. When deciding on a subnet mask, all the 1 bits have to be on the left while all the 0 bits have to be on the right. So, you cannot have a subnet mask number that is 10100110. You can have a subnet mask number 11110000.
Let’s look at the IP 192.234.127.3 with a subnet mask of 255.255.255.0. IP addresses are 32-bit addresses grouped into 8 bits each. If there are 8 bits that are ‘1’, the decimal number would be 255. So, the subnet mask is 11111111.11111111.11111111.00000000 in binary. All the 1 bits are on the left while all the 0 bits are on the right. You cannot have 11111111.11111111.00000000.11111111 as a subnet mask. What I will do is ‘and’ the 192 and the first 255 together to illustrate what I meant when I wrote in the last paragraph that the output would be the same as the IP address when the subnet mask bits are ‘1’. 255/base10 = 11111111/base2 and 192/base10 = 11000000/base2. In ‘anding,’ the answer is true (1) only when both inputs are true. Else, the answer is false. So, working from left to right, the first pair of bits is ‘1’ and ‘1’. This makes the output ‘1.’ The second pair is ‘1’ and ‘1’ respectively. So the output is also ‘1’. The third bit in the subnet mask is ‘1’ and the third bit in the IP address is ‘0’. In ‘anding,’ the output would be a ‘0’ since both inputs are not ‘1.’ The rest of the pairs are ‘1’ and ‘0,’ so the output of the rest of the bits is going to be ‘0’. The end result of ‘anding’ the subnet:11111111 to IP:11000000 will be 11000000, same as the IP. This is why when the bits are ‘1’ in the subnet mask, the output would be the same as the IP address.
Now, let’s ‘and’ the 0 and 2 together (the last digits). 0 in eight bits is 00000000. 2 in eight bits is 00000010. Following the rules of ‘anding,’ the first pair ‘0’ and ‘0’ will have an output of ‘0’ since they are both not true. The next five pairs are ‘0’ and ‘0’, so their output is going to be ‘0’. The only pair that is different is the seventh. The subnet mask bit is ‘0’ and the IP address bit is ‘1.’ However, the answer will still be ‘0’ because both inputs need to be ‘1’ in order for the answer to be ‘1’. This is why having ‘0’ bits in the subnet mask will make the answer ‘0’ regardless of the IP address.
So, what does this all mean? If you were to ‘and’ the first three numbers of the IP address and the subnet mask, you will get 192.234.127. This is the network number. If you were to ‘and’ any IP address in the range 192.234.127.0 to 192.234.127.255 with this subnet mask, you will get the same network number. ‘Anding’ all four numbers of the IP address with all four numbers of the subnet mask will give you 192.234.127.0. This is the network address. No host can use this as an IP address. Say that one host has 192.234.127.16 as the IP address and wants to communicate with 192.234.127.79. ‘Anding’ its own address with the subnet mask 255.255.255.0 and ‘anding’ the destination’s address with 255.255.255.0 will get the same answer: 192.234.127.0. Both network addresses are the same. The host can communicate directly with the destination without going through a gateway.
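The ‘anding’ steps above, together with the rule that a mask's 1 bits must all sit on the left, written out as an added Python example (not code from the original post). The function names are illustrative, and it generalizes the octet-by-octet walkthrough to the full 32-bit address.

```python
# Added example: the bitwise subnet-mask logic from the walkthrough.

def to_int(dotted: str) -> int:
    """Pack a dotted-quad string into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 dotted quad: {dotted!r}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def to_dotted(value: int) -> str:
    """Unpack a 32-bit integer back into dotted-quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_valid_mask(mask: str) -> bool:
    """True only if every 1 bit is to the left of every 0 bit."""
    inverted = to_int(mask) ^ 0xFFFFFFFF   # host bits become 1s
    # Adding 1 to a clean run of trailing 1s carries into a single bit,
    # so x & (x + 1) is zero exactly when the mask has no gaps.
    return inverted & (inverted + 1) == 0


def network_address(ip: str, mask: str) -> str:
    """AND each address bit with the matching mask bit."""
    if not is_valid_mask(mask):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    return to_dotted(to_int(ip) & to_int(mask))


def same_subnet(src: str, dst: str, mask: str) -> bool:
    """A host sends directly only if both ANDs give the same network."""
    return network_address(src, mask) == network_address(dst, mask)


if __name__ == "__main__":
    # Addresses and masks are the ones used in the text.
    print(network_address("192.234.127.3", "255.255.255.0"))
    print(is_valid_mask("255.255.0.255"))
    print(same_subnet("192.234.127.16", "192.234.127.79", "255.255.255.0"))
```

When `same_subnet` is false, the destination is on another network and the traffic has to go through a gateway.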
Reserved Addresses
The network address is reserved in a range of IP addresses which is determined by a subnet mask. The easiest way to figure this out is by dividing an IP address into two based on the subnet mask. In the example I have been using, 192.234.127 is one number and 2 is the other number (because the first three numbers are ‘anded’ with 255s while the last number is ‘anded’ with 0). The last eight bits are the host number. Making all the bits of the host number ‘0’, then writing it with the network number will make 192.234.127.0. This is the network address. Another reserved address is called the broadcast address. The broadcast address is used when a host wants to send a message to all the other devices on the same subnet. The broadcast address is determined by making all the bits in the host number ‘1’. So, 192.234.127.255 is the broadcast address of the subnet example we have been using.
Advanced Subnetting
What is the point of all this work? I spent five paragraphs explaining how to ‘and’ 192.234.127.2 with 255.255.255.0 when this could have been explained in five sentences. The reason why I did the long way of explaining this concept is because it will now be much easier to explain what happens if the subnet mask is 255.255.255.192. IT IS POSSIBLE TO USE A SUBNET MASK THAT HAS ANOTHER NUMBER BESIDES 255 AND 0. 255.255.255.192 is a valid subnet mask because it is 11111111.11111111.11111111.11000000 in binary. As I explained earlier, all the 1 bits have to be on the left and all the 0 bits have to be on the right. Let’s use the IP address 192.234.127.100 and ‘and’ it with 255.255.255.192. As in my previous example, 192.234.127 will be the same since the first three numbers of the subnet mask are 255. We will worry about the last one. ‘Anding’ 192/base10 = 11000000/base2 and 100/base10 = 01100100/base2 will give you 01000000 as an answer. So, the network address will be 192.234.127.64. The last six bits represent the host number because they are ‘0’ in the subnet mask. In order to find the broadcast address, they all have to be ones. The first two bits remain as 0 and 1 respectively. If they change, it would change the network number, thus it would be on a different subnet. So, 01 with 111111 makes 01111111, or 127. 192.234.127.127 is the broadcast address.
All of this work has a point. If you are administering a network that begins with 192.234.127 and have 200 computers, using the subnet mask 255.255.255.192 will divide your network into four subnets. Assuming that the first three numbers will be the same across your network, two bits of the last octet are ‘borrowed’ to make 255.255.255.192. Two bits make four possibilities: 00, 01, 10 and 11. The first IP address in the range of your subnet is the network address and the last address is the broadcast address. 192.234.127.0-192.234.127.63 is the first range. Since 192.234.127.0 and 192.234.127.63 are reserved, IP addresses 192.234.127.1 to 192.234.127.62 are on one subnet. 192.234.127.65 to 192.234.127.126 are on another, 192.234.127.129 to 192.234.127.190 are on another, and 192.234.127.193 to 192.234.127.254 are on another. That is four subnets, each allowing up to 62 devices. Borrowing more bits will allow more subnets, but will reduce the number of devices allowed on each subnet.
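The reserved addresses and the four-way split described above can be checked with Python's standard `ipaddress` module. This is an added example, not code from the original post; `describe` and `split` are illustrative names, and the addresses are the ones from the text.

```python
import ipaddress


def describe(ip: str, mask: str) -> dict:
    """Network, broadcast and usable host range for one host address."""
    # strict=False accepts a host address and zeroes its host bits,
    # which is the same AND operation done by hand in the text.
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    if net.prefixlen > 30:
        raise ValueError("no room for hosts beside the reserved addresses")
    return {
        "network": str(net.network_address),      # host bits all 0
        "broadcast": str(net.broadcast_address),  # host bits all 1
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "usable": net.num_addresses - 2,
    }


def split(block: str, borrowed_bits: int) -> list:
    """Divide a block into 2**borrowed_bits equal subnets."""
    parent = ipaddress.ip_network(block)
    rows = []
    for sub in parent.subnets(prefixlen_diff=borrowed_bits):
        info = describe(str(sub.network_address), str(sub.netmask))
        info["mask"] = str(sub.netmask)
        rows.append(info)
    return rows


if __name__ == "__main__":
    # The 192.234.127.100 / 255.255.255.192 case worked through above.
    print(describe("192.234.127.100", "255.255.255.192"))
    # Borrowing two bits from the last octet gives four subnets.
    for row in split("192.234.127.0/24", 2):
        print(row)
```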
VLSM
Traditionally, your subnet mask needs to be the same across your network. You can’t use 255.255.255.0 in one subnet and 255.255.255.128 in another subnet. So, your subnet mask would have to be based on the subnet with the most hosts. This rule can waste a lot of IP addresses. Imagine a situation where multiple routers are used. If there was one line connecting two routers together, that one line is a subnet. However, VLSM gets around this rule. VLSM (Variable Length Subnet Mask) enables you to use different subnet masks on different subnets. This is a huge help, especially when connecting two routers together. You can use 255.255.255.252 as a subnet mask. This will give four addresses: network address, broadcast address, IP address for router A, and IP address for router B. In order to use VLSM, the routing protocol used has to support it. However, each device on the same subnet still has to use the same subnet mask.
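A small VLSM planner, as an added example that is not part of the original post. The segment names and host counts are constructed for illustration; the block is the 192.234.127.0 network used throughout, and the smallest subnet handed out is the 255.255.255.252 router link described above.

```python
import ipaddress

# Constructed sample: hosts needed on each segment of one site.
SAMPLE_NEEDS = {"office": 100, "lab": 50, "servers": 20, "router-A-to-B": 2}


def prefix_for(hosts: int) -> int:
    """Longest prefix whose subnet holds `hosts` plus the reserved
    network and broadcast addresses."""
    size = 4                      # smallest subnet used here: /30
    while size - 2 < hosts:
        size *= 2
    return 32 - (size.bit_length() - 1)


def vlsm_plan(block: str, needs: dict) -> dict:
    """Give each named segment its own mask, largest segment first."""
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address)
    plan = {}
    # Largest first keeps every subnet aligned on its own size boundary.
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for(hosts)
        size = 2 ** (32 - prefix)
        if cursor + size - 1 > end:
            raise ValueError(f"{block} is too small for {name}")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan


def fixed_mask_cost(needs: dict) -> int:
    """Addresses consumed if every segment must share the largest mask."""
    biggest = 2 ** (32 - prefix_for(max(needs.values())))
    return biggest * len(needs)


if __name__ == "__main__":
    for name, net in vlsm_plan("192.234.127.0/24", SAMPLE_NEEDS).items():
        print(f"{name:14} {net.network_address}  mask {net.netmask}")
    print("one mask everywhere would need", fixed_mask_cost(SAMPLE_NEEDS))
```

With one mask everywhere these four segments would not fit in the 256-address block, while the variable-length plan uses 228 of them.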
Classes
Understanding the concept of IP classes is important, especially for the time before NAT and PAT. Before these were used, the ISP would give you a network address with a subnet mask, and you were stuck using that range of IP addresses. So, if you were given 192.234.127.0 with 255.255.255.0, every device on your network had to fall in the range of 192.234.127.1 to 192.234.127.254. You were allowed to ‘borrow’ bits in the last octet of your subnet mask in order to divide your network into multiple subnets. However, the first three numbers of your IP addresses had to be 192.234.127. Because of this rule, IP addresses are divided into classes. Although some IP addresses are reserved for other things, I will discuss the general ranges of the different classes.
Class A: Looking at the first octet only, if the first bit is ‘0’, then the IP is a class A (0xxxxxxx, where x does not matter if it is a 1 or 0). This will give the range 0 to 127. 10.124.32.4 is a class A address. The default subnet mask used is 255.0.0.0. This means that there are not a lot of networks, but they are huge. So, 10.0.0.1 to 10.255.255.254 is a range of a class A network. Class A networks are used for the government.
Class B: Looking at the first octet again, if the first bit is 1 and the second bit is 0, then the IP is a class B (10xxxxxx, where x does not matter if it is a 1 or 0). This gives the range 128 to 191. The default subnet mask used is 255.255.0.0. This allows many more network numbers than class A, but smaller networks. Class B is used for medium-sized businesses.
Class C: On the first octet, if the first bit and second bit are 1 and the third bit is 0, then the IP is a class C (110xxxxx, where x does not matter if it is a 1 or 0). This gives the range 192 to 223. The default subnet mask used is 255.255.255.0. There are a lot more Class C networks than Class A or Class B, although they are much smaller. Class C is used for smaller businesses or at home.
Class D and E: Class D IPs are used mainly for experimental purposes or for multicast. Multicast is a way for a device to send data to multiple recipients. Class E addresses are used for broadcasting. Class D and class E addresses are reserved addresses and should not be used on a network.
