Subnetting Shortcuts: Expert Reference Series of White Papers

Download as pdf or txt
Download as pdf or txt
You are on page 1of 17

Expert Reference Series of White Papers

Subnetting Shortcuts

1-800-COURSES www.globalknowledge.com
Subnetting Shortcuts
Al Friebe, CCSI, CCDA, CCDP, CCNA, CCNP, A+

Introduction
One of the most challenging topics for many CCNA candidates is subnet masking. This white paper will de-mys-
tify the math behind subnetting, and provide examples of shortcuts that bypass the need for binary when doing
calculations involving subnet masks.

Subnet Masking Review


Recall that the IPv4 address space is subdivided into five regions, referred to as Class A, B, C, D and E:
• C
 lass A: The first octet is in the range of 1 to 126 (networks 0 and 127 are reserved). By default, the
first octet is network information, and the last 3 octets are host information.
• C
 lass B: The first octet is in the range of 128 to 191. By default, the first 2 octets are network informa-
tion, and the last two octets are host information.
• C
 lass C: The first octet is in the range of 192 to 223. By default, the first 3 octets are network informa-
tion, and the last octet is host information.
• C
 lass D: The first octet is in the range from 224 through 239. These are reserved for Multicast, and
never assigned to hosts (and thus have no subnet masks).
• C
 lass E: The first octet is in the range from 240 through 255. These are reserved for Research (effec-
tively unused).

Also recall the rules for subnet masks:


• Like IPv4 addresses, subnet masks for IPv4 are always 32 bits in length.
• A
 1 in a bit position of a mask indicates that the corresponding address bit is network-type (network or
subnet) information.
• A 0 in a bit position of a mask indicates that the corresponding address bit is host information.
• S ubnet masks must be contiguous, meaning that the 1s must form an unbroken string starting from the
left, with the zeros to the right.

Putting together the A, B and C ranges with the rules for subnet masks:
• C
 lass A: The default subnet mask is 255.0.0.0 (all 1s in the first octet, 0s thereafter). Since there are
eight 1s in the subnet mask, this mask can also be represented as /8.

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 2


• C
 lass B: The default subnet mask is 255.255.0.0 (all 1s in the first two octets, 0s thereafter). Since
there are sixteen 1s in the subnet mask, this mask can also be represented as /16.
• C
 lass C: The default subnet mask is 255.255.255.0 (all 1s in the first three octets, zeros in the fourth
octet). Since there are twenty-four 1s in the subnet mask, this mask can also be represented as /24.
• T he slash notation (such as /8) is commonly referred to as CIDR (Classless Inter Domain Routing) or bit-
count notation.

Finally, recall that subnet masks allow hosts and routers to calculate the subnets on which particular addresses
reside. For example, if a host has an address of 192.168.1.99 and a mask of 255.255.255.0, the host knows that
its own subnet is 192.168.1.0/24. How does it know? It does a bitwise-AND calculation, using the address and
mask (multiply the bits in each column):

11000000.10101000.00000001.01100011 (address of 192.168.1.99)


11111111.11111111.11111111.00000000 (mask of 255.255.255.0)
———————————————————
11000000.10101000.00000001.00000000 (subnet is 192.168.1.0)

Likewise, if a router’s FastEthernet 0/0 interface has an address of 172.16.100.200 with a mask of /24, the router
places a connected (C) route for 172.16.100.0/24 into its routing table, associated with that interface.

Now that we have reviewed the classful addressing scheme, and the purpose of a subnet mask, let’s look at an
example.

Let’s say that you’ve been given an address space of 192.168.1.0/24, and you’re asked to subnet the network
such that you can have four subnets, each supporting at least 50 hosts. In the IP world, anything that requires
an IP address is commonly referred to as a host, since it can host (provide the hardware on which to execute)
computer programs. We’ll assume that each host requires one IP address, which is by far the most common case.
We want to know if it is possible to solve the problem, and if so
• What subnet mask is required?
• What subnets result from using the required mask?
• What are the ranges of legal host addresses on the subnets?

The first thing I do in a problem like this is a “sanity” check. Multiply the number of hosts per subnet (50) by the
number of subnets (4) to obtain the total number of host addresses required (200), then verify that the available
address space will support at least that many addresses.

If the total number of host addresses required exceeds the available address space, the problem cannot be
solved using standard subnet masking. Since 200 is less than 254 (the number of host addresses available on a
class C network), we can proceed to attempt to solve the problem.

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 3


The Powers of Two
The key to solving this type of problem is the following Powers of Two chart.

n = 8 7 6 5 4 3 2 1
2n = 256 128 64 32 16 8 4 2

Per the chart, 2 to the third power (that is, 2 x 2 x 2, or 23) is 8. In other words, with 3 bits available, there are 8
possible combinations of 0s and 1s (000, 001, 010, 010, 011, 100, 101, 110, and 111). Likewise, 25 is 32 (00000,
00001 … 11111). As you can see from the chart, each additional bit doubles the number of possible combina-
tions.

How do we use the Powers of Two chart to solve the problem?


First, determine the number of host bits required to support the specified number of hosts per subnet. In
the example above, since there are 50 hosts per subnet, the number of host bits is 6 (this actually allows for 62
hosts per subnet, since 2 addresses per subnet are reserved).

Next, determine the number of subnet bits required. In the example above, since there are 4 subnets,
the number of subnet bits is two. Note that in the case of subnets, you do not have to subtract two from the
total (unlike with addresses, no subnets are reserved).

Since in our example we need 2 subnet bits and 6 host bits in the last octet (with a class C network, you only
have the fourth octet to work with), the subnet mask in that octet is 1100000, which in decimal is 192. There-
fore, the mask is 255.255.255.192, or /26 (since there are twenty-six 1s in the mask). If we set the host bits to 0
and cycle through the 4 possible patterns of subnet bits, we obtain the four subnets:
• 00 000000 = 0 (192.168.1.0/26)
• 01 000000 = 64 (192.168.1.64/26)
• 10 000000 = 128 (192.168.1.128/26)
• 11 000000 = 192 (192.168.1.192/26)

Remember that all 1s in the host portion are reserved for the directed broadcast address for a subnet. Cy-
cling through the possibilities with the host bits set to all 1s gives:
• 00 111111 = 63 (192.168.1.63, directed broadcast for 192.168.1.0/26)
• 01 111111 = 127 (192.168.1.127, directed broadcast for 192.168.1.64/26)
• 10 111111 = 191 (192.168.1.191, directed broadcast for 192.168.1.128/26)
• 11 111111 = 255 (192.168.1.255, directed broadcast for 192.168.1.192/26)

Finally, the range of legal host addresses is all values in between the subnet and directed broadcast ad-
dresses:

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 4


• 00 000001 – 00 111110 (192.168.1.1 – 192.168.1.62)
• 01 000001 – 01 111110 (192.168.1.65 – 192.168.1.126)
• 10 000001 – 10 111110 (192.168.1.129 – 192.168.1.190)
• 11 000001 – 11 111110 (192.168.1.193 – 192.168.1.254)

Note that each of the 4 subnets allows 62 legal host addresses, which is exactly what we would expect when
using 6 host bits. Why? Because 26 is 64, and 2 addresses per subnet (those with all 0s and all 1s in the host
portion) are reserved. That leaves 62 legal host addresses per subnet.

Binary Subnet Masking Shortcuts


Now that we’ve solved a subnet masking problem using binary, let’s look at some helpful shortcuts that can
make solving such problems faster and easier for most people (and less error-prone, as well).

First, let’s summarize our findings from before. To subnet the 192.168.1.0/24 network into 4 subnets, each al-
lowing at least 50 hosts, we determined that we need a mask of /26, or 255.255.255.192. From this, we ob-
tained the following subnets, ranges and broadcast addresses (these are the values in the last octet):
• Subnet: 0, Range: 1 – 62, Broadcast: 63
• Subnet: 64, Range: 65 – 126, Broadcast: 127
• Subnet: 128, Range: 129 – 190, Broadcast: 191
• Subnet: 192, Range: 193 – 254, Broadcast: 255

The first thing to notice is the correlation between the subnet mask and the increment. In this example, the
octet of interest is the fourth, and the value of the mask in that octet is 192. If you take the value of the mask
(192) and subtract it from 256 (a magic number!), you get 64, the amount by which the subnets increment (0,
64, 128, 192).

The 1s in a subnet mask indicate network-type info, and the 0s indicate host info. Thus, with a subnet mask of
192 (in the fourth octet), which is 1100000 in binary, there are 2 subnet bits, and 6 host bits. Referring to the
Powers of Two chart, we see that the value of the least-significant subnet bit is 64 (26 = 64), so the subnets
increment by 64. Also, since the mask is a /26, there are 6 host bits, and, as we know, 26 = 64. The bottom line is
that whether you look at the mask in decimal, binary or “slash” (bit-count or CIDR) notation, the subnets incre-
ment by 64.

Basically, the subnet increment can be obtained three ways.


1. From 256 minus the mask value (256 – 192 = 64)
2. From the value of the least-significant subnet bit (26 = 64)
3. From the number of host bits (there are 6 host bits, and 26 = 64)

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 5


Also note that the last subnet is equal to the value of the mask (in this case, 192). This means that once you
have the mask, you can calculate the subnets in decimal, without using binary. Just start with the network
(192.168.1.0), and increment the last octet (you could also start with the last subnet and work your way down,
but most people find it easier to work their way up). Either way, using a mask of /26, the subnets are:
• 192.168.1.0/26
• 192.168.1.64/26
• 192.168.1.128/26
• 192.168.1.192/26.

Broadcast Addresses
Next, let’s examine the broadcast addresses (in a “real-world” design problem, the broadcast addresses are
generally not required, but CCNA exams may inquire about them). Note that in each case, the subnet’s broad-
cast address is equal to the value of the next subnet minus one. For example, on the 192.168.1.0 subnet, the
broadcast address is 192.168.1.63, which is one less than the value of the next subnet (192.168.1.64). The
exception is the last subnet, for which the broadcast address is always 255 (which is 256 minus 1). Thus, subnets
and their broadcast addresses are:
• 192.168.1.0, Broadcast 192.168.1.63 (one less than next subnet)
• 192.168.1.64, Broadcast 192.168.1.127 (one less than next subnet)
• 192.168.1.128, Broadcast 192.168.1.191 (one less than next subnet)
• 192.168.1.192, Broadcast 192.168.1.255 (the last one is always 255)

Ranges
Finally, let’s look at the ranges of legal host addresses. In each case, the range begins with one more than that
of the subnet itself, and ends with two less than the next subnet (which is one less than the subnet’s broadcast
address). The exception is the last subnet, for which the last address is always 254 (256 minus 2). Therefore, the
subnets and their ranges are:
• 192.168.1.0, Range 1 – 62 (one more to two less)
• 192.168.1.64, Range 65 – 126 (one more to two less)
• 192.168.1.128, Range 129 – 190 (one more to two less)
• 192.168.1.192, Range 193 – 254 (last subnet, one more to 254)

Putting it all together, then, the algorithm is:


• Using the Powers of Two chart, determine the required subnet mask
• Using the mask, determine the increment
• Using the increment, determine the subnets
• Using the subnets, determine the broadcast addresses (if needed)
• Using the subnets, determine the ranges

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 6


Now, we’ll use the shortcuts to solve some additional problems. Here’s the first problem:

 iven an address space of 172.16.1.0/24, divide the network into 5 subnets, each
G
supporting at least 20 hosts.

Here are the steps we’ll use: (Refer to the Powers of Two chart if necessary.)
1. Using the Powers of Two chart, determine the required subnet mask
2. Using the mask, determine the increment
3. Using the increment, determine the subnets
4. Using the subnets, determine the broadcast addresses (if needed)
5. Using the subnets, determine the ranges

Step 1. Determine the Subnet Mask


The first step is to determine the total number of host addresses required. Five (subnets) times 20 (hosts per
subnet) is 100. Since we were given a /24 address space (a Class C sized piece of a Class B network) that
supports up to 254 addresses, we’re good to go. Referring to the chart, we can see that 20 hosts per subnet
requires at least 5 host bits (which would actually support up to 30 hosts per subnet). Also, 5 subnets require at
least 3 subnet bits (which would allow for up to 8 subnets). If we add the number of host bits (5) to the number
of subnet bits (3), we get a total of 8, which is exact`y how many bits we have to work with. Why? Because the
first 24 bits are fixed by the address space, leaving 8 bits to get us to the mask length of 32.

Now we can calculate the subnet mask. We can either subtract the number of host bits (5) from 32 (the total
length of a subnet mask), or add the number of subnet bits (3) to that specified by the address space (24). Either
way, the mask is a /27.

Step 2. Determine the Increment


Next, we determine the increment, which is simply two raised to the number of host bits (from the powers of
two chart). In this case, that is 25 = 32, so the subnets increment by 32. Incidentally, this also tells us the mask
in dotted-decimal. Just subtract the increment (32) from 256 (a magic number), giving 224. Thus, the mask is
255.255.255.224 (the same as /27). If you’d like it in binary, it’s all 1s in the first 3 octets, and 11100000 in the
fourth octet (a total of 27 ones).

Step 3. Determine the Subnets


At this point, we can calculate the subnets. Just start at zero, and increase by the increment, stopping at the last
subnet (which is equal to the mask):
• 172.16.1.0/27
• 172.16.1.32/27
• 172.16.1.64/27

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 7


• 172.16.1.96/27
• 172.16.1.128/27
• 172.16.1.160/27
• 172.16.1.192/27
• 172.16.1.224/27

Step 4. Determine the Broadcast Addresses


Next, let’s examine the broadcast addresses. Remember that in each case, the subnet’s broadcast address is
equal to the value of the next subnet minus one, with the exception of the last subnet, for which the broadcast
address is always 255. Thus, subnets and their broadcast addresses are:
• 172.16.1.0/27, Broadcast: 172.16.1.31 (one less than 32)
• 172.16.1.32/27, Broadcast: 172.16.1.63 (one less than 64)
• 172.16.1.64/27, Broadcast: 172.16.1.95 (and so on)
• 172.16.1.96/27, Broadcast: 172.16.1.127
• 172.16.1.128/27, Broadcast: 172.16.1.159
• 172.16.1.160/27, Broadcast: 172.16.1.191
• 172.16.1.192/27, Broadcast: 172.16.1.223
• 172.16.1.224/27, Broadcast: 172.16.1.255 (last is always 255)

Step 5. Determining the Ranges


Finally, let’s calculate the ranges of legal host addresses. Remember that the range begins with one more than
that of the subnet itself, and ends with two less than the next subnet (which is one less than the subnet’s broad-
cast address). As for the broadcast addresses, the exception is the last subnet, for which the last host is always
“254” (256 minus 2). Therefore, the subnets and their ranges are:
• 172.16.1.0, Range: 1 – 30 (one more, to two less)
• 172.16.1.32, Range: 33 – 62 (likewise)
• 172.16.1.64, Range: 65 – 94 (etcetera)
• 172.16.1.96, Range: 97 – 126
• 172.16.1.128, Range: 129 – 158
• 172.16.1.160, Range: 161 – 190
• 172.16.1.192, Range: 193 – 222
• 172.16.1.224, Range: 225 – 254 (ends with 254)

Let’s do another example.

Given an address space of 10.100.200.0/24, find the mask that will give 11 sub-
nets of 13 hosts each.

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 8


Since this is a total of 143 host addresses, it should fit in the specified /24 address space. Referring to the Pow-
ers of Two chart, we see that for 13 hosts per subnet, we need 4 host bits (which actually allows 14 hosts per
subnet), and that 11 subnets requires 4 subnet bits (which allows 16 subnets).

Based on these numbers (4 subnet and 4 host bits), the mask is /28. This can be found either from 24 plus the 4
subnet bits, or 32 minus the 4 host bits. Also, with 4 host bits, the subnets increment by 16 (24). Since the incre-
ment is 16, subnet mask is 255.255.255.240 (256 minus 16 is 240), the last subnet is 10.100.200.240, and the
subnets, their ranges and broadcast addresses are:
• 10.100.200.0/28, 10.100.200.1 – 14, 10.100.200.15
• 10.100.200.16/28, 10.100.200.17 – 30, 10.100.200.31
• 10.100.200.32/28, 10.100.200.33 – 46, 10.100.200.47
• (10 more subnets that increment by 16 go here)
• 10.100.200.208/28, 10.100.200.209 – 222, 10.100.200.223
• 10.100.200.224/28, 10.100.200.225 – 238, 10.100.200.239
• 10.100.200.240/28, 10.100.200.241 – 254, 10.100.200.255

Before we move on, let’s do one more.

Given the same address space of 10.100.200.0/24, find the mask that will give 20
subnets of 10 hosts each.

Since this is a total of 200 host addresses, we think that it should fit into the specified /24 address space. Refer-
ring to the Powers of Two chart, we see that for 10 hosts per subnet, we need 4 host bits (which actually allows
14 hosts per subnet), and that 20 subnets requires 5 subnet bits (which allows 32 subnets). Four bits plus 5 bits
is 9 bits, and that’s a problem, because the address space is specified as a /24, so we have only 8 bits to work
with (we can’t touch any of the first 24 bits). The only solution would be to obtain additional address space.

Finding the Subnet


This time, instead of finding the mask, the challenge is to find the subnet. Ready? Here’s the first problem.

Given a host address of 192.168.1.100 and a subnet mask of /27, determine the
host’s subnet, the legal range of host addresses on that subnet, and the broad-
cast address for the subnet.

The first step is to determine the subnet increment. Since there are 5 host bits (32 total bits in the mask minus
27 network-type bits), the increment is 32 (from the chart, 25 is 32). Thus, the subnets (incrementing by 32 in
the last octet) are:
• 192.168.1.0/27
• 192.168.1.32/27

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 9


• 192.168.1.64/27
• 192.168.1.96/27
• 192.168.1.128/27
• 192.168.1.160/27
• 192.168.1.192/27
• 192.168.1.224/27

Since 100 lies between 96 and 128, the host is on the 192.168.1.96/27 subnet. Based on the shortcuts we de-
veloped before, we can determine that the range of hosts on that subnet is 192.168.1.97 – 126 (one more than
the current subnet to two less than the next subnet), and that the broadcast address is 192.168.1.127 (one less
than the next subnet).

Let’s do another.

Given a host address of 10.50.100.200 and a mask of 255.255.255.192, find the


host’s subnet, the range and the broadcast address.

Recall that when given a mask in dotted-decimal, the subnet increment can be determined three ways:
• Subtract the value in the octet of interest from 256
• Two to the number of host bits in the octet of interest.
• The value of the least significant subnet bit

In the case of a 255.255.255.192 mask, the first approach gives: 256 – 192 = 64. For the second approach, a
255.255.255.192 mask is a /26 (that is, 6 host bits), and 26 is 64. In the third approach, a decimal 192 is equiva-
lent to 11000000 in binary, and the least significant subnet bit (the rightmost one) is the 64 bit. No matter how
you do it, the increment is 64. Since the increment is 64 (in the last octet), the subnets are:
• 10.50.100.0/26
• 10.50.100.64/26
• 10.50.100.128/26
• 10.50.100.192/26

Since 200 is greater than 192 (the last subnet), the host is on the 10.50.100.192/26 subnet, the range of hosts
on that subnet is 10.50.100.193 – 254, the broadcast address is 10.50.100.255, and we’re done!

Let’s try another.

The address and mask are 172.16.1.203/29.

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 10


Based on the mask, we can see that the subnets increment by eight (because there are 3 host bits). While it’s
possible to count by eights all the way to 203, for most people that would take a while (and be error-prone).
A quicker approach is to divide 203 by eight, which we can round down to 25. Now just multiply 50 by 8 (the
increment) to get 200, which is the subnet (172.16.1.200/29, to be exact). Since the increment is eight, the next
subnet is 208 (actually 172.16.1.208/29), the range of addresses on the host’s subnet is 172.16.1.201 – 206,
and the broadcast address is 172.16.1.207 for the host’s subnet.

In this example, the address is 10.1.2.153, and the mask is 255.255.255.252 (that is, /30). Based on the mask,
we can see that the subnets increment by four. Just take 256 and subtract 252, or use the fact that there are 2
host bits, or that the rightmost one in 11111100 (252 written in binary) is worth four. While it’s possible to count
by fours all the way to 153, that would be boring, so let’s just divide 153 by 4, giving 38 (if we round down).
Now multiply 38 times 4, which is 152. Thus, the subnet is 152 (10.1.2.152/30), the range is 10.1.2.153 – 154,
and the broadcast is 10.1.2.155 (the next subnet is 10.1.2.156).

Calculating Subnets, Ranges, and Broadcasts


Now, we’ll look at some more complex cases, specifically those in which the subnet/host boundary lies within
the second or third octets. Suppose you are tasked with subnetting the 172.16.0.0/16 network, such that there
are 100 subnets supporting 300 hosts each. Since 30,000 (100 times 300) is less than the 65,534 host capacity
of a /16 address space (a Class B network), we’re ready to proceed.

As before, the algorithm is:


• Using the Powers of Two chart, determine the required subnet mask
• Using the mask, determine the increment
• Using the increment, determine the subnets
• Using the subnets, determine the broadcast addresses (if needed)
• Using the subnets, determine the ranges

Determining the Subnet Mask


Using the number of hosts per subnet to determine the number of host bits required. Consulting the Powers of
Two chart reveals that for 300 hosts is off the chart! However, since we know that each column to the left is
worth twice the column to the right, all we would need to do is add one more column to the left (29 is 512) to
see that we need 9 host bits (which actually allows for 510 hosts per subnet).

Determining the Subnets


Next, using the chart, we determine the number of subnet bits needed. In this case we’re on the chart, since 100
subnets requires 7 subnet bits (which actually allows for 128 subnets). Since 9 (host bits) plus 7 (subnet bits) is
16, and we have 16 bits with which to work (32 minus the 16 already used to specify the address space), we’re
in good shape. Thus, the subnet mask is a /23 (32 minus the 9 host bits, or 16 plus the 7 subnet bits).

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 11


Determining the increments
Now, since we know that the mask is a /23, we can proceed to calculate the subnets, ranges and broadcasts.
First, though, let’s determine the increment. One way to do this is to note that since the mask is a /23, there
is one host bit in the octet of interest (the third octet). Therefore, the increment is 2`, or two in the third octet.
Incrementing by two in the third octet, the subnets are:
• 172.16.0.0/23
• 172.16.2.0/23
• 172.16.4.0/23
• (123 more subnets that increment by two in the third octet go here)
• 172.16.252.0/23
• 172.16.254.0/23

Note that you can also use the increment to determine the subnet mask in dotted-decimal form. Simply subtract
the increment (2) from 256, and that’s the value in the octet of interest (the third). In other words, the mask is
255.255.254.0 (same as a /23).

Determining the Ranges


As before, the range extends from one more (than the subnet) to two less (than the next subnet); however,
by “one more,” we actually mean “the next address.” For the first subnet (172.16.0.0/23), the first legal host
address is 172.16.0.1 (not 172.16.1.0), and the last address on that subnet is 172.16.1.254 (not 172.16.0.254).
Likewise, on the second subnet (172.16.2.0/23), the first host is 172.16.2.1 (not 172.16.3.0), and the last host is
172.16.3.254 (not 172.16.2.254). Thus, the ranges are:
• 172.16.0.0/23, Range: 172.16.0.1 – 172.16.1.254
• 172.16.2.0/23, Range: 172.16.2.1 – 172.16.3.254
• 172.16.4.0/23, Range: 172.16.4.1 – 172.16.5.254
• (123 more subnets that increment by two in the third octet go here)
• 172.16.252.0/23, Range: 172.16.252.1 – 172.16.253.254
• 172.16.254.0/23, Range: 172.16.254.1 – 172.16.255.254

Determing the Broadcast Addresses


Using the same logic, the broadcast addresses are:
• 172.16.0.0/23, Broadcast: 172.16.1.255
• 172.16.2.0/23, Broadcast: 172.16.3.255
• 172.16.4.0/23, Broadcast: 172.16.5.255
• (123 more subnets that increment by two in the third octet go here)
• 172.16.252.0/23, Broadcast: 172.16.253.255
• 172.16.254.0/23, Broadcast: 172.16.255.255

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 12


While we’re here, let’s make some observations.

First, the basic idea is the same as what we were doing before, we’re just operating in a different octet.

Second, when subnetting with a /23 mask, an address like 172.16.1.0 is a legal host address (with that mask,
it’s neither a subnet nor a broadcast address). It looks kind of weird, but it’s perfectly legit.

Third, since most workgroups (VLANs) have fewer than 254 hosts (employees, whatever), you don’t see subnet
masks of /23 used very often (nor anything in the range of /9 to /23, for that matter).

Now, let’s do another problem.

Given an address space of 10.0.0.0/8, subnet it such that there are 1000 subnets
supporting 1000 hosts each.

Since a million (1000 times 1000) is less than the approximately sixteen million host capacity of a /8 address
space (a Class A network), we’re ready to go.

As always, we use the number of hosts per subnet to determine the number of host bits required. A thousand
hosts per subnet is off the chart, but it’s easy to see that if 9 host bits allows 510 hosts, then 10 host bits allows
for 1022 hosts (210 is 1024, minus the 2 reserved addresses gives 1022). Likewise, 1000 subnets requires 10
subnet bits (which allows for 1024 subnets). That’s a total of 20 bits.

Since we only need 20 bits, but we have 24 bits to work with (32 minus the 8 specifying the address space), we
have 4 “extra” bits, so at this point we have a decision to make. Since there are 32 bits in a subnet mask, the
number of network bits plus subnet bits plus host bits must equal 32. We could make the extra bits subnet bits,
or host bits, or split them between the two.

To leave room for growth in both the number of subnets and the size of each subnet, let’s split the difference,
using 12 host bits and 12 subnet bits (allowing for up to 4096 subnets, each containing up to 4094 hosts), and
results in a /20 mask. This means that there are 4 host bits in the third octet, so the subnets increment by 16 (24)
in the third octet, and the dotted-decimal mask is 255.255.240.0 (256 minus 16 in the third octet).

Thus, the subnets and their ranges are:


• 10.0.0.0/20, Range: 10.0.0.1 – 10.0.15.254
• 10.0.16.0/20, Range: 10.0.16.1 – 10.0.31.254
• 10.0.32.0/20, Range: 10.0.32.1 – 10.0.47.254
• (12 more subnets that increment by sixteen go here)
• 10.0.240.0/20, Range: 10.0.240.1 – 10.0.255.254

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 13


• 10.1.0.0/20, Range: 10.1.0.1 – 10.1.15.254
• 10.1.16.0/20, Range: 10.1.16.1 – 10.1.31.254
• 10.1.32.0/20, Range: 10.1.32.1 – 10.1.47.254
• (4074 more subnets that increment by sixteen go here)
• 10.255.208.0/20, Range: 10.255.208.1 – 10.255.223.254
• 10.255.224.0/20, Range: 10.255.224.1 – 10.255.239.254
• 10.255.240.0/20, Range: 10.255.240.1 – 10.255.255.254

Using the same logic, in case we’re interested the broadcast addresses are:
• 10.0.0.0/20, Broadcast: 10.0.15.255
• 10.0.16.0/20, Broadcast: 10.0.31.255
• 10.0.32.0/20, Broadcast: 10.0.47.255
• (12 more subnets that increment by sixteen go here)
• 10.0.240.0/20, Broadcast: 10.0.255.255
• 10.1.0.0/20, Broadcast: 10.1.15.255
• 10.1.16.0/20, Broadcast: 10.1.31.255
• 10.1.32.0/20, Broadcast: 10.1.47.255
• (4074 more subnets that increment by sixteen go here)
• 10.255.208.0/20, Broadcast: 10.255.223.255
• 10.255.224.0/20, Broadcast: 10.255.239.255
• 10.255.240.0/20, Broadcast: 10.255.255.255

To reinforce the methods, let’s do one more.

Given an address space of 10.5.64.0/18, find the mask that gives 50 subnets, with
the maximum number of hosts per subnet.

For 50 subnets, we need 6 subnet bits (allowing a maximum of 64 subnets). Since 6 (subnets bits) plus 18
(specified with the address space) is 24, we need a /24 mask (255.255.255.0), and the subnets increment by one
in the third octet. Also, because we’re left with 8 host bits (32 minus 24), we can have up to 254 hosts per sub-
net. In other words, it’s as if we have 64 Class C networks starting with 10.5.64.0 at our disposal. The subnets,
their ranges and broadcasts are:
• 10.5.64.0/24, range: 10.5.64.1 – 10.5.64.254, BC: 10.5.64.255
• 10.5.65.0/24, range: 10.5.65.1 – 10.5.65.254, BC: 10.5.65.255
• (60 more subnets that increment by one in the third octet go here)
• 10.5.126.0/24, range: 10.5.126.1 – 10.5.126.254, BC: 10.5.126.255
• 10.5.127.0/24, range: 10.5.127.1 – 10.5.127.254, BC: 10.5.127.255

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 14


Finding the Subnet in the Second & Third Octet
Suppose that we’re given an address of 10.20.30.40/20, and told to find the subnet. Since 20 lies between 16
and 24, we can see from the mask that we’re operating in the third octet. Further, since the mask is a /20, there
are 4 subnet bits in that octet, as well as 4 host bits. Per the chart, 24 (the number of host bits) is 16, so the
subnets increment by 16 in the third octet. Thus, the subnets are:
• 10.20.0.0/20
• 10.20.16.0.0/20
• 10.20.32.0.0/20
• (12 more subnets incrementing by 16 in the third octet go here)
• 10.20.240.0.0/20

Remember that we’re interested in the third octet. Since 30 lies between 16 and 32, the host is on the
10.20.16.0/20 subnet, the range is 10.20.16.1 – 10.20.31.254, and the broadcast address is 10.20.31.255 for
that subnet.

Let’s do another.

Given the host address 172.31.100.200, and a subnet mask of 255.255.224.0 (a


/19), determine the usual items.

We can see from the mask that we’re interested in the third octet. Further, since 256 minus 224 is 32, the sub-
nets increment by 32 in that octet. Thus, the subnets are 172.16.0.0/19 (and counting by 32 in the third octet),
32, 64, 96, 128, etc. Since 100 lies between 96 and 128, the host is on the 172.16.96.0/19 subnet, the range is
172.16.96.1 – 172.16.127.254, and the broadcast address is 172.16.96.255 for that subnet.

Ready for the next one?

Given the host address 10.20.30.40 and a subnet mask of 255.192.0.0, find the
usual items.

We can see from the mask (which could also be written as a “/10″) that we are interested in the second octet.
Furthermore, since 256 minus 192 is 64, the subnets increment by 64 in the second octet. Thus, the subnets are
10.0.0.0/10, 10.64.0.0/20, 10.128.0.0/10, and 10.192.0.0/10 (since there are only 2 subnet bits, there are only
4 subnets). It’s the second octet that we’re interested in, and since 20 lies between 0 and 64, the host is on the
10.0.0.0/10 subnet, the range is 10.0.0.1 – 10.63.255.254, and the broadcast is 10.63.255.255 for that subnet.

Let’s try one more.

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 15


Given a host with an address and mask of 10.200.100.200/14, determine the sub-
net, range and broadcast.

First, since 14 lies between 8 and 16, we’re interested in the second octet. Next, since we’re dealing with a Class
A (8 network bits), a /14 mask means that there are 6 subnet bits and 2 host bits in the second octet. Because
22 is 4, the subnets increment by four in the second octet, thus: 10.0.0.0/14, 10.4.0.0/14, 10.8.0.0/14, etc.

While we could count all the way to 200 in the second octet, we can just use some math to shortcut it. Since
200 is an even multiple of four (4 times 50 is 200), 200 is a subnet (and 204 is the next subnet). Thus, the host is
on the 10.200.0.0/14 subnet, the range of legal host addresses on that subnet is 10.200.0.1 – 10.203.255.254,
and the broadcast is 10.203.255.255 for that subnet.

Note that when using a /14 mask with a Class A network, there are 6 subnet bits, allowing for up to 64 subnets,
and 18 host bits, allowing for 262,142 hosts per subnet (218 minus 2). That’s way off the powers of two chart,
and not likely to be used in the real world as a subnet mask.

One last thing … since the default mask for a Class A is /8, you’ll never see a subnet mask of less than /8. Thus,
you don’t have to worry about doing calculations in the first octet (although it would work exactly the same,
with the subnet increment based on the number of host bits in that octet).

Learn More
Learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge.
Check out the following Global Knowledge courses:
ICND1 – Interconnecting Cisco Network Devices 1
ICND2 – Interconnecting Cisco Network Devices 2
CCNA Boot Camp

For more information or to register, visit www.globalknowledge.com or call 1-800-COURSES to speak with a
sales representative.

Our courses and enhanced, hands-on labs offer practical skills and tips that you can immediately put to use. Our
expert instructors draw upon their experiences to help you understand key concepts and how to apply them to
your specific work situation. Choose from our more than 700 courses, delivered through Classrooms, e-Learning,
and On-site sessions, to meet your IT and management training needs.

About the Author


Al Friebe is a Cisco Certified Systems Instructor (CCSI) who has been teaching networking classes since 1995.
In the past, he has served as GK’s Course Director for BGP and BSCI, and he is the author of GK’s current ICND2
labs. His previous experience includes instructor duty in the U.S. Navy’s Nuclear Power School, radiochemistry,

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 16


software engineering, and network management. His certifications include CCDA, CCDP, CCNA, CCNP, A+ and
others.

Copyright ©2009 Global Knowledge Training LLC. All rights reserved. 17

You might also like