TCP/IP Subnet Mask Tutorial

Copyright 1995 by Dorothy A. Creswell, CDP, CNE

What's the most frightening thing you can think of? The Federal Budget? Doing your taxes? For some network managers it's dealing with TCP/IP subnet masks, that not-too-friendly boulder blocking their on-ramp to the Information Superhighway.

With the growing interest in the Internet, and more wide area network support of remote offices, an increasing number of networks are implementing Transmission Control Protocol/Internet Protocol (TCP/IP). Often that includes learning about IP subnet masks. Or, as one network manager summed it up: "I've learned more than I ever wanted to know!"

This brief tutorial will take a quick look at IP addresses, why subnet masks are used, and some survival hints.

IP addresses are based on a structured, two-part, 4-byte address. The first portion identifies the network, and the second portion identifies the host. If your network will be connected to the Internet, then you must apply to the InterNIC* for an assigned address. If your network won't be connected to the Internet, then you can select any network address. However, if you change your mind later and decide to connect to the Internet, you'll need to apply for a network address at that time, and someone (guess who?) will need to change the network address in every host system to match the new assignment.

Once you have your network address, you then assign a host address to each computer that will actively participate in the IP network.

Although every IP address today is 4 bytes in length, the length of the network and host portions varies depending on the class of the address. The major classes are A, B and C (D and E also exist). IP addresses are written in "dotted decimal" notation, where the 4 bytes are written in a string and separated by decimal points. For example, 128.66.12.2 is a valid class B IP address. In this case, the network address is 128.66, and the host address is 12.2.

The following table outlines the IP address structure and capacity:

Address  #bytes   #bytes  Address                   Maximum#   Maximum#
Class    Network  Host    Range    Rules            Networks   Hosts
-------  -------  ------  -------  ---------------  ---------  ----------
A        1        3       1-126    bit 1 = 0        126        16 million
B        2        2       128-191  bits 1-2 = 10    16,000     65,000
C        3        1       192-223  bits 1-3 = 110   2 million  254

For the host portion, an address of all binary ones is used for broadcast, and all binary zeros is used for the network address. These are reserved and should not be used.

All class A addresses have been assigned, and most class B have been assigned. That means that you may need to apply creativity when using your assigned network address. And that's where subnet masking comes into play. As a side note, a greatly expanded addressing scheme will be available with "IP next generation," or "IPng," but implementation is still in the future.

Why use subnet masks, and how?

If you've received a class B network address, and want to define your internal host addresses, there are several design factors. You may want to divide your local network to reduce congestion, improve management or add security. You may plan to use routers for network performance and security reasons when connecting multiple branch offices to your main facility. However, routers connect different networks, and different networks need unique network addresses. If you have only one IP network address but need to use multiple network addresses, it's time to roll up your sleeves and dive into subnet masking.

Subnetworks are created by using a subnet mask. The mask is a simple 4-byte binary structure used to filter and identify which portion of an IP address is the network, and which portion is the host. The default subnet masks are 255.0.0.0 for class A networks, 255.255.0.0 for class B, and 255.255.255.0 for class C.
Each position in the mask which contains a binary 1 will be evaluated as part of the network address, while a binary 0 is used for a position that is not (i.e., part of the host portion). For example, below is the default class B mask, our earlier class B IP address example, and the network address:

Dotted Decimal  Binary                               Description
--------------  -----------------------------------  -----------
255.255.0.0     11111111.11111111.00000000.00000000  mask
128.66.12.2     10000000.01000010.00001100.00000010  IP address
128.66.0.0      10000000.01000010.00000000.00000000  network

Notice that whenever the mask contains a binary 1, that bit of the example IP address is used to determine the network address.

Subnetting allows you to use portions of your host address range to create subnetworks under your control. It's important to remember that the rest of the network community won't be aware of your subnets. Also remember that not all network equipment can be configured to work with subnet masks.

Suppose that you have 7 branch offices you wish to connect to your IP network. You could define a subnetwork by using the first four bits of your host address portion. In this case, your mask would be

    255.255.240.0    11111111.11111111.11110000.00000000 (binary)

You would then be able to use the remaining 4 bits of that byte, plus the last full byte, to construct host addresses. This would allow you to have over 4,000 unique host addresses at each branch.

Remember that for each subnet you should not use host addresses of all 1's or all 0's. You should also avoid subnetwork numbers of that type. The potential number of subnetworks will be the number two raised to the power of the number of bits to be used, minus two. In this case, for four bits it would be 2 to the 4th power minus 2: ((2**4) - 2) = (16 - 2) = 14 subnetworks. Examples of valid subnetwork numbers could include 16, 144, and 224, but 33 and 190 would be wrong.
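
The mask arithmetic described above, worked through in Python as an added example (it is not part of the original article). It uses the article's class B network and the 255.255.240.0 mask; the function names are illustrative, and masks are assumed to be contiguous runs of 1 bits.

```python
# Added example (not from the article): classful subnet arithmetic by the article's
# rules. Function names are illustrative; masks are assumed to be contiguous 1 bits.

def to_int(dotted):
    """Pack a dotted-decimal string into a 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("not a dotted-decimal IPv4 value: " + dotted)
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def default_mask(addr):
    """Pick the default mask from the leading bits of the first byte."""
    first = to_int(addr) >> 24
    if first & 0x80 == 0x00:      # bit 1 = 0      -> class A
        return "255.0.0.0"
    if first & 0xC0 == 0x80:      # bits 1-2 = 10  -> class B
        return "255.255.0.0"
    if first & 0xE0 == 0xC0:      # bits 1-3 = 110 -> class C
        return "255.255.255.0"
    raise ValueError("class D/E addresses have no default mask")

def network_address(addr, mask):
    """Keep the address bits where the mask holds a binary 1."""
    return to_dotted(to_int(addr) & to_int(mask))

def split_subnet(addr, mask):
    """Return (subnet number, host number, warnings) for addr under mask."""
    ip, m = to_int(addr), to_int(mask)
    host_field = ~m & 0xFFFFFFFF
    subnet_field = m & ~to_int(default_mask(addr))   # bits borrowed from the host part
    if subnet_field == 0:
        raise ValueError("mask borrows no host bits, so there are no subnets")
    # The article quotes subnet numbers in place within their byte (16, 144, 224).
    shift = host_field.bit_length() // 8 * 8
    subnet, host = (ip & subnet_field) >> shift, ip & host_field
    warnings = []
    if host in (0, host_field):
        warnings.append("host bits all 0s or all 1s (reserved)")
    if ip & subnet_field in (0, subnet_field):
        warnings.append("subnet bits all 0s or all 1s (avoid)")
    return subnet, host, warnings

def usable_subnets(addr, mask):
    """2 ** (borrowed bits) - 2, as computed in the article."""
    borrowed = bin(to_int(mask) & ~to_int(default_mask(addr))).count("1")
    return 2 ** borrowed - 2
```

For example, split_subnet("128.66.17.0", "255.255.240.0") returns (16, 256, []), while 128.66.16.0 under the same mask comes back with the reserved-host warning.
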

Your host addresses could vary from 1 to 4094, though addresses are still written in dotted decimal notation. Suppose your assigned class B network address is 128.66. Here are some examples:

                 <----network----> <----host--->
255.255.240.0    11111111.11111111.11110000.00000000  subnet mask
128.66.16.254    10000000.01000010.00010000.11111110  subnet 16, host 254
128.66.17.0      10000000.01000010.00010001.00000000  subnet 16, host 256
128.66.225.254   10000000.01000010.11100001.11111110  subnet 224, host 510
128.66.225.0     10000000.01000010.11100001.00000000  subnet 224, host 256

If you work with the binary structures, you should begin to get a better picture about what is happening. The process is very clear once you understand the mechanics involved. There are shareware and commercial utilities available to help the "binarily-challenged" network manager with interpreting, assigning and tracking IP addresses.

Now that you have a firm grasp of TCP/IP subnet masking, you can turn your attention to balancing the Federal Budget!

___________________________

*To reach InterNIC registration services information: telephone, 1-800-444-4365; Registration support: 703-742-4777. By mail: Network Solutions Inc.; ATTN: InterNIC Registration Services; 505 Huntmar Park Dr.; Herndon, VA 22070; or send registration questions by electronic mail to: hostmaster@internic.net.

Dorothy A. Creswell, CDP, CNE is president of D C Consulting, Inc. in Ankeny, Iowa. D C Consulting provides computer network planning and support including electronic mail services and sales automation. She may be reached at CompuServe 74774,1152, Internet 74774.1152@compuserve.com, telephone 515-964-9034, or FAX 515-964-5745.

==========================

Note: Permission to reprint this copyright article without charge is granted to chapters of DPMA, ICCA and similar not-for-profit associations. Article must be published unedited including author contact information.
Please mail a copy of the issue in which the reprint appeared to the author at D C Consulting, Inc.; PO Box 195; Ankeny IA 50021-0195.