You can find Czech version of the description below in my article TCP/IP - adresy, masky, subnety a vypocty.
A computer network is a connection of two or more computers some form of telecommunication system. The reason for using a computer network is to share sources. We can classify networks by many parameters. Some frequently used technologies are Ethernet, with protocol TCP/IP, for Local Area Network (LAN - cover a small geographical area and provide high bandwidth with low delays) and Frame Relay for Wide Area Network (WAN - interconnecting of LANs).
Because real networks are really large, we can't communicate directly with all computers. So we divide a networks into smaller parts (hierarchically) and these parts are called subnetworks. Another reason is because we need to assigne some addresses to some organizations. LAN is a subnet or group of a subnets. Network devices in an IP subnet have a common IP address prefix. Communication between subnets is done by routers. Dividing a network into smaller parts is also good for performance, because broadcasts (packets sent to everyone) don't cross a subnet border. Virtual LAN (VLANs) are used to have more subnets on one switch.
An IP (Internet Protocol) address is a logical address of a device in a computer network using IP protocol (works on Layer 3 of ISO/OSI model). IP addresses are used on the Internet. IP addresses are stored as 32-bit binary numbers, but they are displayed as four decimal numbers divided with a dot (dot-decimal notation), example
22.214.171.124. An IP address indicates the logical location of a device. An IP address range is from
0.0.0.0 to 126.96.36.199. Public addresses are managed by IANA (Internet Assigned Numbers Authority) and blocks of addresses are allocated to Local Internet Registries. These address blocks correspondent to geological locations.
Note: I'm writing here about older and still-in-use Internet Protocol Version 4 (IPv4), but there is a new Version 6 of this protocol (IPv6) which uses 128 bits for the address and offers many more addresses.
If you want to find the IP address of your computer (often a private address), you can use a command
ipconfig /all on Windows OS or
ifconfig on Linux OS.
Basically an IP address has two parts, a network-identifying prefix followed by a host address within that network. During the evolution of IP subneting there were a lot of changes. It started with classful networking, where a network prefix was firmly done by an IP address (and its class). Across classless networking, where we can take a part of a host number from a class and use this part as a subnet number. So we can divide a class into more than one subnet with a lower count of hosts. Until today's subneting, which uses CIDR, where we use arbitrary network prefixes.
Notice: Although use of CIDR, still is common to divide an IP address into 3 parts, where network numbers are done by class (even if we use a classless network), a subnet number is separated from this class, and the rest is a host part. This is important when we calculate a number of subnets.
classful <network-prefix><-------host-number--------> classless <network-number><subnet-number><host-number> classless <-------network-prefix--------><host-number>
Public IP addresses are a major part of IP addresses. These addresses are used on the internet or other WAN (Wide Area Network) and could be routed in these networks.
Private IP addresses are used on a LAN (Local Area Network) and if you want to communicate to the internet you must translate this address to a public IP address. A common solution for address translation is NAT (Network Address Translation). We use private IP addresses to save the amount of public IP addresses.
|network||network ID||broadcast address||hosts addresses||class|
|10.0.0.0/8||10.0.0.0||10.255.255.255||10.0.0.1 - 10.255.255.254||class A|
|172.16.0.0/12||172.16.0.0||172.31.255.255||172.16.0.1 - 172.31.255.254||class B|
|192.168.0.0/16||192.168.0.0||192.168.255.255||192.168.0.1 - 192.168.255.254||class C|
We also have some IP address ranges with special meanings.
|network||network ID||broadcast address||name|
|0.0.0.0/32||default network ID (zero)|
|127.0.0.0/8||127.0.0.0||127.255.255.255||localhost loopback addresses|
|169.254.0.0/16||169.254.0.0||169.254.255.255||zeroconf addresses (APIPA)|
|192.0.2.0/24||192.0.2.0||192.0.2.255||documentation and examples|
|188.8.131.52/23||184.108.40.206||220.127.116.11||network device benchmark|
|18.104.22.168/24||22.214.171.124||126.96.36.199||IPv6 to IPv4 relay Anycast|
The first IP address of a subnet cannot be assigned to the host. This address identifies the subnetwork, it is called a network ID (or base address or network address). This address has only zeros in the host part.
The last IP address of a subnet cannot be assigned to the host either, but is a subnet broadcast address. This address is used for a subnet directed broadcast, it is a message which is sent to all hosts in this subnet. This address has only ones in the host part. A subnet directed broadcast is routed through the network as a unicast, until it reaches the last hop router, and here it is sent as a full broadcast to this subnet. A full broadcast address has only ones in all octets, it is
Note: We have 3 types of communication (sending data). First is a unicast, when one host sends a message to another host. A broadcast, when one host sends a message either to all hosts (normally works for all hosts in the same subnet) or to all hosts in one specific subnet. And the last method is a multicast, when one host sends a message to a specific group of other hosts.
All other addresses in a subnet are host addresses. These addresses can be assigned to network devices such as computer. Here is an example how addresses look in the subnet
192.168.5.12/30. Mask /30 is binary
|IP address||binary||type of address|
Subnet mask tell us which part of an address is a network part and which is a host part. Network part designates a subnet and is used for routing to this subnet. Host part designates all members of this subnet and is useful only in this subnet. Subnet mask in IPv4 consist of 32 bits and normally is represented using dot-decimal form. Valid mask has ones from left side followed by zeros (after first zero can be only zeros). Example of a subnet mask is
Notice: Subnet mask
255.255.255.254 is not allowed, because it has a 0 of possible hosts (it is possible to use this mask for some special point-to-point links). Mask
255.255.255.255 addresses not a subnet, but one host.
Next table show details about all subnet masks.
|CIDR||decimal||number of addresses||classful||subnets|
A shorter and easier form for representing a subnet mask is a Classless Inter-Domain Routing (CIDR) form. It's an IP address followed by a slash (/) and the number of one bits in the binary notation of the subnet mask (or only /number-of-bits). For example we have an IP address
192.168.100.25 with a subnet mask
255.255.255.240, binary form of this mask is
11111111.11111111.11111111.11110000, so a CIDR representation is
Note: CIDR is not only a representation form, but also brings some mechanisms like VLSM, aggregation and more.
Variable Length Subnet Mask (VLSM) is a technique on which CIDR is based. It allows allocation on arbitrary length prefixes, it uses classless routing.
For some special applications (e.g. Cisco IOS access list) there is an inverse form of subnet mask called wildcard mask. We can do negation functions on a binary representation of a subnet mask, or take every decimal octet and calculate
255 - octet. For example, subnet mask
255.255.255.240 has wildcard mask
Old versions of Internet Protocol divided IP addresses into 5 classes, all of which define a subnet mask. Dividing into classes is done by the first bits of an IP address. A subnet mask isn't sent with an IP address during communication, because it is determined by IP address.
|class||significant bits||address range||mask||CIDR mask||note|
|class A||0xxx||0 - 127.x.x.x||255.0.0.0||/8||general|
|class B||10xx||128 - 191.x.x.x||255.255.0.0||/16||general|
|class C||110x||192 - 223.x.x.x||255.255.255.0||/24||general|
|class D||1110||224 - 239.x.x.x||multicast|
|class E||1111||240 - 255.x.x.x||reserved|
Soon, after greater use of the internet, it became obvious that classful network design is inefficient and not scalable. So new a network design was developed using VLSM and CIDR. It's called classless network. It allowed the division of classes into smaller subnets.
VLSM and CIDR let us use an aggregation of multiple contiguous subnetworks into one supernet. Supernets save space and resources during the routing process. If we have two subnets
192.168.1.0/24, the supernet is
The maximum number of hosts and subnets in a particular subnetwork is designated by a subnet mask. A subnet mask divides an IP address into the network part and the host part by a number of ones and zeros. So we translate a subnet mask into binary form, or we can use a CIDR mask, and count the number of ones and zeros (
number-of-zeros = 32 - number-of-ones). The network part of an address is designated by ones in the subnet mask, it means that we can change bits in this part and every time we'll get a different subnet, so the number of combinations in this part is the number of subnets. But the number of subnets depends on which addressing architecture we use (I mentioned this in the chapter "IP address parts"). If we use a CIDR, we can use the whole network prefix, this is how I understand modern subneting. We can count the number of subnets using the following equation.
2number-of-ones = number-of-subnets
Note: This is a new version of counting the number of a subnet following RFC 1812. In the past we used RFC 950 and we had to subtract 2 from this number (for all ones and all zeros address).
I often meet a situation when people think about a number of subnets in different way. I think, that it is correct for older networks, where we don't use CIDR. Here we have to find an IP address class and count the number of subnets only in this class.
2number-of-ones-in-mask - number-of-ones-in-class = number-of-subnets
Example: We have a address 188.8.131.52/22 because of CIDR we know that a number of ones in the subnet mask is 22 and the number of zeros is 32 - 22 = 10 1) a number of subnets for first situation = 222 = 4 194 304 2) but for the second situation we have to take an IP address and by first bits find that it is a Class B (mask /16) so a number of subnets = 222-16 = 26 = 64
Number of hosts is an easier and similar principle. The host part of an address is designated by zeros in the subnet mask. We had to subtract 1 for the network ID and 1 for the broadcast address.
2number-of-zeros - 2 = number-of-hosts
Example: We have an address 184.108.40.206/22 number of host = 210 - 2 = 1024 - 2 = 1022
We have two IP addresses with a subnet mask and we want to know if they are from the same subnet. First, the mask must be the same. Then we translate an IP address and a subnet mask into binary form. If the part, where in subnet mask are ones, is the same in both IP addresses they belong to the same subnet.
Example: IP address 1: 192.168.5.13/22, IP address 2: 192.168.7.128/22 1) subnet masks are the same 2) IP 1 binary: 11000000.10101000.00000101.00001101 IP 2 binary: 11000000.10101000.00000111.10000000 subnet mask: 11111111.11111111.11111100.00000000 3) the network part of both addresses are the same, so they belong to the same subnet
From a host IP address and a subnet mask, we can calculate a network ID. We need to translate an IP address and a subnet mask into binary form and after that we will do a bitwise AND.
Example: IP address: 10.217.123.7/20 binary IP: 00001010.11011001.01111011.00000111 binary mask: 11111111.11111111.11110000.00000000 bitwise AND: 00001010.11011001.01110000.00000000 decimal: 10.217.112.0
Another way to describe this is, that we take away the network part of an IP address and the host part fills with zeros.
Again from an IP address and a subnet mask we can calculate a broadcast address. We need to translate an IP address and a subnet mask into binary form and after we do a bitwise OR between an IP address and a negation mask,
broadcast-address = IP-address OR NOT(subnet-mask).
Example: IP address: 10.217.123.7/20 binary IP: 00001010.11011001.01111011.00000111 binary mask: 11111111.11111111.11110000.00000000 negation mask: 00000000.00000000.00001111.11111111 bitwise OR: 00001010.11011001.01111111.11111111 decimal: 10.217.127.255
Another way to describe this is, that we take away the network part of an IP address and the host part fills with ones.