Solved

Netmask Ordering Clarification

Posted on 2003-11-17
7
852 Views
Last Modified: 2006-11-17
The subnet mask 255.244.0.0 creates the following subnet host ranges on the 10.0.0.0 network:

10.0.0.1 - 10.31.255.254
10.32.0.1 - 10.63.255.254
10.64.0.1 - 10.95.255.254
10.96.0.1 - 10.127.255.254
10.128.0.1 - 10.159.255.254
10.160.0.1 - 10.191.255.254
10.192.0.1 - 10.223.255.254
10.224.0.1 - 10.255.255.254

This was an answer to a question i had earlier attempted. (i had to get it wrong :( )

What i don't understand is how one gets to know that there will be 8 subnets out of the 255.244.0.0 subnet mask.

I do know that the subnet mask 255.244.0.0 can have 2^21 hosts from the binary notation,
but how one can relate that to 8 subnets is not getting into my head.

I did notice that the last subnet (10.224.0.0) starts with 224, what has it got to do with 255.244.0.0?

Could someone please help me understand the above netmask ordering answer?
0
Comment
Question by:fmh002
  • 3
  • 2
  • 2
7 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 9762924
255.244.0.0 is not a valid subnet mask
255.240.0.0 is, but 255.224.0.0 gives you the 6 subnet breakdown that you show..

Since 10.x.x.x is a Class "A" network, the default mask is 255.0.0.0
So, with a mask of 255.240.0.0 you are only using 3 subnet bits which gives you 8 subnets, but strict RFC standards say you can't use subnet zero or the broadcast subnet, takes it down to 6 useable subnets.

Just remember that a subnet mask is simply a binary bit pattern and the numbers don't have to have any relationship with each other. 1's must match, 0's don't care...



0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9762929
0
 

Author Comment

by:fmh002
ID: 9762947
sorry i had made a mistake, it was 255.224.0.0 and not 255.244.0.0... thnx for reply and links
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 31

Expert Comment

by:qwaletee
ID: 9763493
Irmore also made a similar mistake.  224 uses the first three bits of the "B" mask space (d224 = xE0 = b11100000).  240 would use 4 bits of that space (d240 = xF0 = b11110000).
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9763547
qwaletee,
you are correct in that 224 uses 3 bits and 240 uses 4 bits.
however, I made no mistake.
Only a .224 subnet mask will give you the useable subnets provided in the example.
I only made reference that .240 is a valid subnet mask, where .244 is not.
0
 
LVL 31

Accepted Solution

by:
qwaletee earned 125 total points
ID: 9763982
OK, just pointing out the disparity :) within the comment

To further clarify how the netwmask allows you to break down a subnet. The netmask is always all binary 1's on the left, and binary 0's on thr right.  You never have a zero to the left of a one.  When a device wishes to send a packet to a destination, it uses the mask to see if the address is "local."

It takes its own interface address (basically, its own IP address), and filters it through the mask.
It takes teh destination and filters it through the mask.
If the output of the two operatsions are the same, then it is a local address.  Otherwise, it needs to be forwarded trhough a gateway (which itself has to be a local address).

With a netmask of 255.0.0.0, everything in the first byte must match; the other three don't have to.  That's because a.b.c.d when masked through 255.0.0.0, or 11111111.00000000.00000000.00000000, will keep the first byte (a), but always drop the otehr three, yielding a.0.0.0.

Similarly, with a mask of 255.255.0.0, it will always give a.b.0.0.

It gets trickier (for a human being) to keep track of when you have non-255 masks. 255.240.0.0 means "keep the first byte, and keep the first four bits of the second byte, but drop the other four bits."

Now look at 224 binary and 31 binary.  224 dec = E0 hex = 1110 0000 bin.  31 dec = 0F hex = 0001 1111 bin.  See the pattern? Everything from 0-31 will mask the same through 240, beacuse the first three bits will always be zero.  Similarly, 32-64, which is 0010 0000 through 0011 1111.  the first three bits are always 001, and th other five don't matter when masked.

Routers do the same thing, but a little more complicated.  (It actually isn't really more complicated, it just seems that way.  All TCP/IP stack act as routers internal to the machine, but the simplified eview I gave above suffices to explain it.)

The router has connections to many other routers.  Each router it has a connection to must be a "local" device to it.  So, typically, a router must have at least two addresses -- one for "inbound" and one for "outbound" (inbound and outbound are really relative, of course -- my corporate outbound packet is the backbone's inbound packet).  Typically, except for a workgroup router, it wll have many more addresses than that.  Most often, the "backbone" connection has one address in one range, and the "LAN" connection has many addresses, one for each router "further in" that it can connect to.  Often, those multiple addresses will be in a single subnet.  Sometimes they are not.

The router maintains a list of subnets/masks, and the destination address (gateway) it should use to reach each of them.  So it also takes a similar calculation as the worksataion -- mask "my address" and mask the destination address, and see if they are the same.  But in this case, there is a long list of "my address" possibilities, and a mask to go with each one.  For each interface ("my address") and mask pair, the mask is used against both the interface address and teh destinatino address, until a masked output match is found.  At that opint, the packet is forwarded to the gateway address listed for the subnet; if the gateway is one of the router's own addresses, it sends it out as a local packet.

Does that mean that all the routers on teh internet backbone have a list of all subsets in teh world?  No!  That's the basic reason why masks are always all ones followed by all zeroes.  When you broke your 255.0.0.0-masked subnet into eight 255.224.0.0-masked subnets, you probably added seven or eight routers.  Each of the new routers owns a single "broken up" subnet.  But the next router up the line still thinks you have a 255.0.0.0 subnet, al going to a single router.  That single router doesn't know that the previous calculation invlved a 255.0 mask; it just knows that it has eight 255.224 entries in the routing table.  It is a very nice hierarchical relationship, where "centralized" routers see the world as A-class nets, and the routers "beneath" them see "B-class" nets and so on.  In practice it is messier, as even backbone routers have "shortcuts" to reach nearby routers with other ranges, and as even A and B class nets are broken into parts.  Similarly, in your example, you might only need seven new routers, not eight, because the original router can serve one of the local eight subnets, as well as servicing seven other routers each with one subnet.  Or, with multiple ports installed on a single router, one router can handle, two, three, or mre subnets.  (technically, you don't need multiple ports forthis, you could have "neighbor" subnets all on a single wire segment, but that would be rather pointless, as all devices on subnet A would have subnet B's traffic flowing right past them, and vice versa).
0
 

Author Comment

by:fmh002
ID: 9765400
qwaletee, thnx for the explanation, appreciate it.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question