Subnetting Workbook
Subnetting is the process of partitioning a network into smaller, independent networks. Each smaller network is called a subnet. Subnetting is part of good network design, and one aspect of good network design is making the best use of the IP addresses that you have. Don't leave IP addresses unused or wasted. This is especially true when you have to pay for those IP addresses, or when you have a limited IP address range to work with. An example of paid IP addresses is the public IP addresses that you obtain from your ISP. You have to pay a certain amount to have static IP addresses dedicated to you by your ISP. When you ask them for more IP addresses, you have to pay more.

This FAQ discusses subnetting only from the perspective of IP version 4 networks. Further, the discussion tries to build a basis for understanding how subnetting plays a fundamental part in IP networks, especially in relation to IP routing and switching as the means of communication in an IP network, and to best-practice network design in general. Hopefully, after reading this FAQ, readers will have a better understanding and a better appreciation of subnetting beyond mere mathematics or passing a certification test.

As with any process of learning new knowledge, there is no "cheating", meaning you need to understand the basics. The binary number system (which you will meet soon) is mentioned as part of learning subnetting. However, unlike other sources, this FAQ tries to minimize the use of the binary number system and to maximize the use of the decimal number system, which is more common among humans. The objective of this FAQ is to introduce subnetting with less math, to avoid dry reading, and with more of the "soul" of subnetting itself, to embrace the essence.

Binary Number System (2-based Number System)

The most difficult part of understanding subnetting is probably the math (the calculation).
As you can see from the links above, subnetting involves binary numbers. Yes, you are required to understand at least the basics of the binary number system in order to understand the subnetting process. The binary number system is used by all computers because of their "on" and "off" states. Unfortunately, we humans are used to the decimal number system, which creates a gap. This gap leads to confusion for those who are just learning networking and subnetting.

But no worries! There is an easier way to understand subnetting, with less theory and a more practical approach. The key is to keep using the decimal number system with the binary number system in mind.

Before we begin, you need to refresh your math on powers. Following is an illustration.

2^0 = 1
2^1 = 2
2^2 = 4
2^3 = 8
2^4 = 16
2^5 = 32
2^6 = 64
2^7 = 128
2^8 = 256
The binary number system is based on powers of two (2^n). In this number system, you can only double the current number to get the next bigger number, and you can only halve the current number to get the previous number. The binary number system hence introduces the concept of half-and-double size.

To explore further, check out the following table. On the table, note that the next bigger number is always double the size of the current number. Seen the other way, the previous number is always half the size of the current number. As you may see, there is no other way to get the next bigger number than to double the current number. Similarly, there is no other way to get the next smaller number than to halve the current number. The interval between one number and the next, or between one number and the previous, is always based on the power of two. Keep in mind that this half-and-double size concept is the very basis of subnetting, as you will find out later.

                        half the size
                              A
  1 x 2 =   2                 |
  2 x 2 =   4                 |
  4 x 2 =   8                 |
  8 x 2 =  16                 |
 16 x 2 =  32                 |
 32 x 2 =  64                 |
 64 x 2 = 128                 |
128 x 2 = 256                 |
                              V
                       double the size
In terms of subnetting,

  1 = /32 = 255.255.255.255
  2 = /31 = 255.255.255.254
  4 = /30 = 255.255.255.252
  8 = /29 = 255.255.255.248
 16 = /28 = 255.255.255.240
 32 = /27 = 255.255.255.224
 64 = /26 = 255.255.255.192
128 = /25 = 255.255.255.128
256 = /24 = 255.255.255.0

In terms of IP address quantity

/32: 2^0                        =   1 =   1 IP address within the subnet
/31: 2^1 = 2 of /32 = 2 x 1     =   2 =   2 IP addresses within the subnet
/30: 2^2 = 2 of /31 = 2 x 2     =   4 =   4 IP addresses within the subnet
/29: 2^3 = 2 of /30 = 2 x 4     =   8 =   8 IP addresses within the subnet
/28: 2^4 = 2 of /29 = 2 x 8     =  16 =  16 IP addresses within the subnet
/27: 2^5 = 2 of /28 = 2 x 16    =  32 =  32 IP addresses within the subnet
/26: 2^6 = 2 of /27 = 2 x 32    =  64 =  64 IP addresses within the subnet
/25: 2^7 = 2 of /26 = 2 x 64    = 128 = 128 IP addresses within the subnet
/24: 2^8 = 2 of /25 = 2 x 128   = 256 = 256 IP addresses within the subnet

Side Note: Some people refer to the xxx.xxx.xxx.xxx notation as octet (8-based number system). There are four octets in the notation, separated by dots. I call them 4-tuple octet. For /24 to /32 subnets, the 1st three octets remain the same. The only octet that changes is the 4th octet (the last octet).

Subnet Mask

Subnetting always relates to something called the Subnet Mask. The Subnet Mask is the way an IP address represents which subnet it is under. To show you what a subnet mask looks like, let's review the previous table.

  1 = /32 = 255.255.255.255
  2 = /31 = 255.255.255.254
  4 = /30 = 255.255.255.252
  8 = /29 = 255.255.255.248
 16 = /28 = 255.255.255.240
 32 = /27 = 255.255.255.224
 64 = /26 = 255.255.255.192
128 = /25 = 255.255.255.128
256 = /24 = 255.255.255.0

As mentioned, there are octets separated by dots that I called 4-tuple octet. This 4-tuple octet is commonly known as the Subnet Mask. Another format for displaying the subnet mask is the CIDR (Classless InterDomain Routing) format. In the table above, the 4-tuple octet format is shown in the rightmost column and the CIDR format is shown in the middle column, next to the IP address quantity. To clarify, check out the following table.

IP Address Quantity    CIDR format subnet    4-tuple octet format
Within Subnet          mask (Prefix)         subnet mask
  1                    /32                   255.255.255.255
  2                    /31                   255.255.255.254
  4                    /30                   255.255.255.252
  8                    /29                   255.255.255.248
 16                    /28                   255.255.255.240
 32                    /27                   255.255.255.224
 64                    /26                   255.255.255.192
128                    /25                   255.255.255.128
256                    /24                   255.255.255.0
Later you will find out that the CIDR format is based on the binary format of the subnet mask, where the number behind the / represents how many bits are set to 1 (one) contiguously from the left. You will also learn the relationship between the subnet mask and the IP address quantity within the subnet from the binary format of the subnet mask.

As a note, the CIDR format subnet mask as shown is known as a prefix. The higher the number, the longer the prefix. The lower the number, the shorter the prefix. As an illustration, a /26 is a shorter prefix than /28 but a longer prefix than /24.

Now let's see how a subnet mask determines how an IP address fits into a subnet.

Example #1
IP Address: 192.168.0.4
Subnet Mask: /31 (255.255.255.254)
From the table above, /31 tells you that there is a network that consists of two IP addresses; 192.168.0.4 and 192.168.0.5. The 192.168.0.4/31 is the 1st IP address of the network.

Example #2
IP Address: 192.168.0.4
Subnet Mask: /30 (255.255.255.252)
Referring to the table, /30 shows that there is a network that consists of four IP addresses; 192.168.0.4 to 192.168.0.7. The 192.168.0.4/30 is the 1st IP address of the network.

Example #3
IP Address: 192.168.0.4
Subnet Mask: /29 (255.255.255.248)
Using the above table, /29 reflects that there is a network that consists of eight IP addresses; 192.168.0.0 to 192.168.0.7. The 192.168.0.4/29 is the 5th IP address of the network.

Example #4
IP Address: 192.168.0.4
Subnet Mask: /32 (255.255.255.255)
Based on the above table, /32 indicates that there is a network that consists of a single IP address; 192.168.0.4. The 192.168.0.4/32 is the 1st and the last (the only) IP address of the network.

What IP Address Represents in IP Network

In general, an IP address represents a machine within a certain IP network. This machine can be any machine that understands IP addresses, such as a PC, printer, server, router, firewall, X-Box, or Playstation. In networking terms, such a machine is sometimes called a host. When a host (let's say Host A) in an IP network needs to communicate with another host in some IP network (let's say Host B), Host A uses its IP address to communicate with Host B. This communication is two-way, meaning there should be a reply from Host B to A. Host B also uses its IP address when communicating back to A.

What Subnet Mask Represents in IP Network

In general, a Subnet Mask represents how large an IP network is. From the subnet mask of a specific IP address, you can tell the following

* Number of IP addresses within the subnet
* Number of IP addresses available for hosts
* IP address range of the subnet

Later on, you can also tell the following from the subnet mask of a specific IP address

* The first IP address within the subnet (called the Network ID IP address)
* The last IP address within the subnet (called the Broadcast IP address)

In terms of IP network communication between two hosts, say Hosts A and B, A can tell whether it is within the same network as B just by checking its own IP address and subnet mask. In later discussion, you will see how this ability plays an important part in IP network communication.

Number of IP Address Within A Subnet

Referring to the previous table, let's say you have the following

* 192.168.0.0/32

Based on the above, you should be able to tell the following

IP Address: 192.168.0.0
Subnet Mask: /32 (255.255.255.255)
Number of IP address within the subnet: 1
Number of IP address available for host: 1
IP Address range: 192.168.0.0

When you have the following

* 192.168.0.0/31

then you should be able to tell the following

IP Address: 192.168.0.0
Subnet Mask: /31 (255.255.255.254)
Number of IP address within the subnet: 2
Number of IP address available for host: 2
IP Address range: 192.168.0.0, 192.168.0.1

Similar result with the following

* 192.168.0.0/29

IP Address: 192.168.0.0
Subnet Mask: /29 (255.255.255.248)
Number of IP address within the subnet: 8
Number of IP address available for host: 8
IP Address range: 192.168.0.0, 192.168.0.1, ..., 192.168.0.6, 192.168.0.7

Note that when the available IP addresses are assigned to machines or hosts, the examples read as follows. The first example shows that the 192.168.0.0/32 network can hold a single host with the IP address 192.168.0.0. The second example shows that the 192.168.0.0/31 network can hold two hosts with the IP address of either 192.168.0.0 or 192.168.0.1. The third example shows that the 192.168.0.0/29 network can hold eight hosts with the IP address of either 192.168.0.0, 192.168.0.1, ..., 192.168.0.6, or 192.168.0.7.

For a list of the number of hosts a certain network can hold, refer to the following

/32:   1 IP address within the subnet   =   1 host can exist within the subnet
/31:   2 IP addresses within the subnet =   2 hosts can exist within the subnet
/30:   4 IP addresses within the subnet =   4 hosts can exist within the subnet
/29:   8 IP addresses within the subnet =   8 hosts can exist within the subnet
/28:  16 IP addresses within the subnet =  16 hosts can exist within the subnet
/27:  32 IP addresses within the subnet =  32 hosts can exist within the subnet
/26:  64 IP addresses within the subnet =  64 hosts can exist within the subnet
/25: 128 IP addresses within the subnet = 128 hosts can exist within the subnet
/24: 256 IP addresses within the subnet = 256 hosts can exist within the subnet
The Size Doubling and Subnetting

Referring to the previous examples, you may wonder how to create a table that shows which position a specific IP address holds within a network, or how to determine the IP address range available for hosts just by looking at the subnet mask. Following is the breakdown.

To describe, let's start with the 192.168.0.0/24 network. Referring to the above host IP address availability table, note that the 192.168.0.0/24 network consists of 256 IP addresses; from 192.168.0.0, 192.168.0.1, 192.168.0.2, ...., 192.168.0.254, to 192.168.0.255. In the following illustration, you can see 192.168.0.0/24 as a long piece of wood where the two ends represent the 1st and the last IP addresses; 192.168.0.0/24 and 192.168.0.255/24 respectively.

                              /24
+--------------------------------------------------------------+
|                                                              |
+--------------------------------------------------------------+
A                                                              A
|                                                              |
1st IP address                                   Last IP address
(192.168.0.0/24)                              (192.168.0.255/24)
When you break up a /24 network into two equal sub-networks, note that you have two /25 networks. In other words, a /24 network is double the size of a /25 network. Using the long piece of wood illustration, the long piece of wood of a /24 breaks into two pieces of equal size. Let's call the pieces the 1st half and the 2nd half.

Since the /24 network is 192.168.0.0/24, the two /25 networks off the /24 network are 192.168.0.0/25 (1st half) and 192.168.0.128/25 (2nd half). The 1st half, 192.168.0.0/25, consists of 128 IP addresses; from 192.168.0.0, 192.168.0.1, ...., to 192.168.0.127. The 2nd half, 192.168.0.128/25, also consists of 128 IP addresses; from 192.168.0.128, 192.168.0.129, ...., to 192.168.0.255. Following is the illustration.

                              /24
+------------------------------+ +------------------------------+
|                              | |                              |
+------------------------------+ +------------------------------+
      1st half (1st /25)               2nd half (2nd /25)

Piece                 1st IP address       Last IP address
1st half (1st /25)    192.168.0.0/25       192.168.0.127/25
2nd half (2nd /25)    192.168.0.128/25     192.168.0.255/24

Similarly, breaking up a /25 network into two equal-size networks gives you two /26 networks. In other words, a /25 network is double the size of a /26 network. Using the long piece of wood illustration, each piece of wood of a /25 breaks into two pieces of equal size. Therefore the original long piece of wood of a /24 now becomes four pieces of equal size. Let's call these four pieces the 1st, 2nd, 3rd, and 4th quarter respectively.

You now have four /26 networks when you break up a /24 network into four equal-size networks. Each of the four /26 networks consists of 64 IP addresses. Since the /24 network is 192.168.0.0/24, the four /26 networks off the /24 network are 192.168.0.0/26 (1st quarter), 192.168.0.64/26 (2nd quarter), 192.168.0.128/26 (3rd quarter), and 192.168.0.192/26 (last quarter). Following is the illustration.
                              /24
+--------------+ +--------------+ +--------------+ +--------------+
|              | |              | |              | |              |
+--------------+ +--------------+ +--------------+ +--------------+
    1st /26          2nd /26          3rd /26          4th /26

Piece      1st IP address       Last IP address
1st /26    192.168.0.0/26       192.168.0.63/26
2nd /26    192.168.0.64/26      192.168.0.127/26
3rd /26    192.168.0.128/26     192.168.0.191/26
4th /26    192.168.0.192/26     192.168.0.255/26

The same logic continues, where a /26 network is double the size of a /27 network (or a /27 network is half the size of a /26 network), down to a /31 network being double the size of a /32 network (or a /32 network being half the size of a /31 network).

To sum up, the following shows how a larger subnet size correlates to smaller subnet sizes.

/24 = 2 x /25 = 4 x /26 = 8 x /27 = 16 x /28 = 32 x /29 = 64 x /30 = 128 x /31 = 256 x /32

Where did this half-and-double size concept come from? Let's review the previous table to find the answer.

/32: 2^0                        =   1 =   1 IP address within the subnet
/31: 2^1 = 2 of /32 = 2 x 1     =   2 =   2 IP addresses within the subnet
/30: 2^2 = 2 of /31 = 2 x 2     =   4 =   4 IP addresses within the subnet
/29: 2^3 = 2 of /30 = 2 x 4     =   8 =   8 IP addresses within the subnet
/28: 2^4 = 2 of /29 = 2 x 8     =  16 =  16 IP addresses within the subnet
/27: 2^5 = 2 of /28 = 2 x 16    =  32 =  32 IP addresses within the subnet
/26: 2^6 = 2 of /27 = 2 x 32    =  64 =  64 IP addresses within the subnet
/25: 2^7 = 2 of /26 = 2 x 64    = 128 = 128 IP addresses within the subnet
/24: 2^8 = 2 of /25 = 2 x 128   = 256 = 256 IP addresses within the subnet
Note that the concept of half-and-double size is based on the binary system, where you can only double the network size or break up the subnet into two smaller networks of equal size, as shown on the previous table. As mentioned earlier, the interval between one number and the next, or between one number and the previous, is always based on the power of two; this is the very basis of subnetting logic.

Using the same logic as presented, let's recap. Subnetting a /24 network into

* 2 equal network size makes 2 of /25 networks
* 4 equal network size makes 4 of /26 networks
* 8 equal network size makes 8 of /27 networks
* 256 equal network size makes 256 of /32 networks
When the /24 network is 192.168.0.0/24, the following is what the smaller subnets look like.

The 4 /26 networks:

1. 192.168.0.0/26
   IP Address: 192.168.0.0
   Subnet Mask: /26 (255.255.255.192)
   Number of IP address within the subnet: 64
   Number of IP address available for host: 64
   IP Address range: 192.168.0.0, 192.168.0.1, ...., to 192.168.0.63

2. 192.168.0.64/26
   IP Address: 192.168.0.64
   Subnet Mask: /26 (255.255.255.192)
   Number of IP address within the subnet: 64
   Number of IP address available for host: 64
   IP Address range: 192.168.0.64, 192.168.0.65, ...., to 192.168.0.127

3. 192.168.0.128/26
   IP Address: 192.168.0.128
   Subnet Mask: /26 (255.255.255.192)
   Number of IP address within the subnet: 64
   Number of IP address available for host: 64
   IP Address range: 192.168.0.128, 192.168.0.129, ...., to 192.168.0.191

4. 192.168.0.192/26
   IP Address: 192.168.0.192
   Subnet Mask: /26 (255.255.255.192)
   Number of IP address within the subnet: 64
   Number of IP address available for host: 64
   IP Address range: 192.168.0.192, 192.168.0.193, ...., to 192.168.0.255

The 32 /29 networks

192.168.0.0/29   = 192.168.0.0   - 192.168.0.7
192.168.0.8/29   = 192.168.0.8   - 192.168.0.15
192.168.0.16/29  = 192.168.0.16  - 192.168.0.23
.
.
.
192.168.0.240/29 = 192.168.0.240 - 192.168.0.247
192.168.0.248/29 = 192.168.0.248 - 192.168.0.255

Let's say you only need nine subnets off 192.168.0.0/24. Following are the considerations.

* All subnets are of equal size
* Subnet quantities only come in powers of two, which are 2 (as of 2 x /25), 4 (as of 4 x /26), 8 (as of 8 x /27), 16 (as of 16 x /28), and so on
* Nine is higher than 8 and lower than 16
* To accommodate the nine subnets, you can consider the 16 subnets of the /28 size
* You could then take the 1st nine subnets out of the 16 subnets available
* The nine subnets you take are 192.168.0.0/28, 192.168.0.16/28, 192.168.0.32/28, 192.168.0.48/28, 192.168.0.64/28, 192.168.0.80/28, 192.168.0.96/28, 192.168.0.112/28, and 192.168.0.128/28

Octet and Subnet Calculating

As you may notice, IP addresses and subnet masks are presented in the form of octets (the xxx.xxx.xxx.xxx). There are four octets in both the IP address and the subnet mask representation, where dots are used to separate one octet from another.

In math, an octet can be seen as a "summary" of binary numbers. This is one of the keys to easy subnet calculation using the decimal number system with the binary number system in mind. Another key to such easy subnet calculation is utilizing the octets. Start working from the last octet and work up to the previous octet when necessary.

In calculating IP addresses within a /24 subnet or smaller, for example, note that only the last octet changes, as mentioned previously. When you calculate a subnet larger than /24, you will then consider the 3rd octet (and the rest) as necessary.

Specifically with a /25 or smaller subnet, you need to calculate starting from /24. In other words, you should see the /25 or smaller subnet as part of a larger /24 network. Any /25 or smaller subnet calculation must refer to the larger /24 network, or in other words, must refer to the last octet.

Here is an illustration. Let's say you are given the 192.168.0.67/28 network. You need to determine the following

* range of IP addresses within the subnet
* order number of the 192.168.0.67 IP address within the subnet

You start by seeing 192.168.0.67/28 as part of the larger 192.168.0.0/24 network. In other words, you have to start calculating from the 192.168.0.0 IP address (the 1st IP address) to create a list of smaller /28 networks off the larger /24 network.

Referring to the previous table, /28 = 2^4 = 16 IP addresses. Therefore the 1st /28 should be the following

192.168.0.0 - 192.168.0.15
The remaining /28 networks should be the following

192.168.0.16  - 192.168.0.31
192.168.0.32  - 192.168.0.47
192.168.0.48  - 192.168.0.63
192.168.0.64  - 192.168.0.79
192.168.0.80  - 192.168.0.95
192.168.0.96  - 192.168.0.111
192.168.0.112 - 192.168.0.127
192.168.0.128 - 192.168.0.143
192.168.0.144 - 192.168.0.159
192.168.0.160 - 192.168.0.175
192.168.0.176 - 192.168.0.191
192.168.0.192 - 192.168.0.207
192.168.0.208 - 192.168.0.223
192.168.0.224 - 192.168.0.239
192.168.0.240 - 192.168.0.255

which makes up the entire 192.168.0.0/24 network.

By referring to the 1st IP address of each /28 subnet, you present those subnets as follows

192.168.0.0   - 192.168.0.15  = 192.168.0.0/28
192.168.0.16  - 192.168.0.31  = 192.168.0.16/28
192.168.0.32  - 192.168.0.47  = 192.168.0.32/28
192.168.0.48  - 192.168.0.63  = 192.168.0.48/28
192.168.0.64  - 192.168.0.79  = 192.168.0.64/28
192.168.0.80  - 192.168.0.95  = 192.168.0.80/28
192.168.0.96  - 192.168.0.111 = 192.168.0.96/28
192.168.0.112 - 192.168.0.127 = 192.168.0.112/28
192.168.0.128 - 192.168.0.143 = 192.168.0.128/28
192.168.0.144 - 192.168.0.159 = 192.168.0.144/28
192.168.0.160 - 192.168.0.175 = 192.168.0.160/28
192.168.0.176 - 192.168.0.191 = 192.168.0.176/28
192.168.0.192 - 192.168.0.207 = 192.168.0.192/28
192.168.0.208 - 192.168.0.223 = 192.168.0.208/28
192.168.0.224 - 192.168.0.239 = 192.168.0.224/28
192.168.0.240 - 192.168.0.255 = 192.168.0.240/28

Later on, you will learn that the 1st IP address used as the reference is called the Network ID.

Recall the question of finding the IP address range of 192.168.0.67/28. Referring to the above table, you see that 192.168.0.67 is between 192.168.0.64 and 192.168.0.79, or within 192.168.0.64/28. Therefore the IP address range is 192.168.0.64 - 192.168.0.79, where 192.168.0.67 is the 4th IP address.

Note: Since there are 16 IP addresses within one subnet, you can add 16 to the 4th octet of the 1st IP address of the subnet to find the 1st IP address of the next subnet, while the 1st three octets are constant. Illustration as follows.

1st Subnet: 192.168.0.0/28
Octet   1st.2nd.3rd.4th
        192.168. 0 .  0
                     16  +
                    ----
                     16     Next Subnet: 192.168.0.16/28

2nd Subnet: 192.168.0.16/28
Octet   1st.2nd.3rd.4th
        192.168. 0 . 16
                     16  +
                    ----
                     32     Next Subnet: 192.168.0.32/28

Later you will learn how to find such a specific subnet quickly using some tips and tricks.

Group of Multiple Single IP addresses or subnets

Let's review the previous 192.168.0.0/28 network illustration. As noted, you can create a list of /28 networks to make up the larger 192.168.0.0/24 network. When you see this the other way around, you have the concept of seeing a Class C network (full /24) as either groups of single IP addresses (256 of /32 subnets) or groups of smaller subnets. In the previous 192.168.0.0/28 network illustration, the 192.168.0.0/24 can be seen as groups of smaller /28 subnets (16 of /28 subnets).

Following is a list of smaller subnet groups that make up the entire Class C network

/24 = 2 x /25 = 4 x /26 = 8 x /27 = 16 x /28 = 32 x /29 = 64 x /30 = 128 x /31 = 256 x /32
/25 = 2 x /26 = 4 x /27 = 8 x /28 = 16 x /29 = 32 x /30 = 64 x /31 = 128 x /32
/26 = 2 x /27 = 4 x /28 = 8 x /29 = 16 x /30 = 32 x /31 = 64 x /32
/27 = 2 x /28 = 4 x /29 = 8 x /30 = 16 x /31 = 32 x /32
/28 = 2 x /29 = 4 x /30 = 8 x /31 = 16 x /32
/29 = 2 x /30 = 4 x /31 = 8 x /32
/30 = 2 x /31 = 4 x /32
/31 = 2 x /32
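The decimal last-octet method from "Octet and Subnet Calculating", together with the nine-subnet selection before it, can be written as a short program. This is an added example, not part of the original workbook; the function names are assumptions, and it covers only /24 to /32 as the text does.

```python
def block_size(prefix):
    """IP addresses per subnet for a /24../32 prefix: 2^(32 - prefix)."""
    if not 24 <= prefix <= 32:
        raise ValueError("the last-octet method covers /24 to /32 only")
    return 2 ** (32 - prefix)


def split_octets(address):
    """Return the four octets of a dotted-quad address as integers."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not an IPv4 address: %r" % address)
    return [int(p) for p in parts]


def locate(address, prefix):
    """Find the subnet that holds `address` by working on the 4th octet only.

    The parent /24 is cut into blocks of block_size(prefix) addresses starting
    at .0; the block that contains the 4th octet is the subnet.
    """
    size = block_size(prefix)
    octets = split_octets(address)
    base = "%d.%d.%d" % tuple(octets[:3])      # the 1st three octets stay constant
    first = (octets[3] // size) * size          # 1st IP address of the block
    return {
        "subnet": "%s.%d/%d" % (base, first, prefix),
        "first": "%s.%d" % (base, first),
        "last": "%s.%d" % (base, first + size - 1),
        "order": octets[3] - first + 1,         # 1-based position in the subnet
        "size": size,
    }


def list_subnets(address, prefix):
    """Every equal-size subnet of the parent /24, found by repeated addition."""
    size = block_size(prefix)
    base = "%d.%d.%d" % tuple(split_octets(address)[:3])
    return ["%s.%d/%d" % (base, start, prefix) for start in range(0, 256, size)]


def plan_equal_subnets(address, needed):
    """Choose the split of a /24 that yields at least `needed` equal subnets.

    Subnet quantities only come in powers of two, so the count is doubled
    (and the prefix lengthened by one) until it reaches `needed`.
    """
    if not 1 <= needed <= 256:
        raise ValueError("a /24 can be split into 1 to 256 subnets")
    prefix, count = 24, 1
    while count < needed:
        prefix += 1
        count *= 2
    return prefix, list_subnets(address, prefix)[:needed]


if __name__ == "__main__":
    print(locate("192.168.0.67", 28))
    print(plan_equal_subnets("192.168.0.0", 9))
```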
Supernetting

As noted in the previous discussion, you can create a list of /28 networks to make up the larger 192.168.0.0/24 network. When you combine all of the /28 networks, the result is basically the same as the 192.168.0.0/24 network.

Now let's say you have 32 of 192.168.0.x/29 networks. Note that 192.168.0.0/24 covers the same IP addresses as the 32 of 192.168.0.x/29 networks. When you present the 32 of 192.168.0.x/29 to the same device or audience, you have a choice to present them in the form of 192.168.0.0/24.

When you present the 32 of 192.168.0.x/29 networks in the form of 192.168.0.0/24, you combine all 32 of the 192.168.0.x/29 networks into the larger 192.168.0.0/24 network. This combining process is called supernetting. The resulting network is called a supernet.

Let's review another illustration. This time you have four /30 networks; 192.168.0.0/30, 192.168.0.4/30, 192.168.0.16/30, and 192.168.0.20/30. You then have the following IP address ranges

192.168.0.0/30  = 192.168.0.0  - 192.168.0.3
192.168.0.4/30  = 192.168.0.4  - 192.168.0.7
192.168.0.16/30 = 192.168.0.16 - 192.168.0.19
192.168.0.20/30 = 192.168.0.20 - 192.168.0.23

In simpler form, you have the following IP address ranges

192.168.0.0  - 192.168.0.7  = 192.168.0.0/29
192.168.0.16 - 192.168.0.23 = 192.168.0.16/29

You then have a choice to supernet the four /30 networks into two larger /29 networks. Note that you cannot supernet the four /30 networks into a single larger /27 network of 192.168.0.0/27. Following is the reason.

192.168.0.0/27 = 192.168.0.0 - 192.168.0.31

You don't have the following ranges

192.168.0.8  - 192.168.0.15 (= 192.168.0.8/29)
192.168.0.24 - 192.168.0.31 (= 192.168.0.24/29)

Therefore, to supernet the four /30 networks, your only choice is to have two larger /29 networks.

A good thing about supernetting is that it summarizes without losing details. From a network device perspective, supernetting means conserving resources such as memory and CPU utilization.

Some discussions: [HELP] Why use the no auto-summary command for EIGRP

Broadcast Network

A loose understanding of a broadcast network is a network that consists of multiple IP addresses (multiple machines). Examples of broadcast networks are Ethernet and Token Ring networks. Following is an illustration.

Ethernet

Host A         Host C           Host E
|              |                |
+------+-------+-------+--------+
       |               |
       Host B          Host D

Token Ring

          Host A         Host C
             |              |
             +--------------+
             |              |
   Host B ---+              +--- Host D
             |              |
             +------+-------+
                    |
                  Host E

Since there are multiple IP addresses within the network, there must be a mechanism to properly select the communication partner's IP address when one IP address needs to communicate with another IP address within the network. The mechanism is called broadcast. This broadcast mechanism requires the communication partner's IP address (the Layer 3 info) or the communication partner's MAC address (the Layer 2 info) before starting the mechanism.

To find its communication partner within a broadcast network, one IP address broadcasts its communication partner's IP address and expects to receive a reply from the partner with its MAC address. Once the IP address receives its communication partner's MAC address, it starts to communicate with its partner using the MAC address.

Network ID and Network Broadcast IP Addresses

In a broadcast network, there is a need to send a broadcast to find either the IP address of a specific MAC address, or the MAC address of a specific IP address. This process is called ARP (Address Resolution Protocol) or RARP (Reverse ARP).

To broadcast, the network utilizes an IP address. This IP address is called the broadcast IP address. In a subnet, the broadcast IP address is usually the last IP address. As an example, the broadcast IP address of the 192.168.0.0/29 subnet is 192.168.0.7/29.

In a broadcast network, there is also a term called Network ID. The Network ID is an IP address that is used to identify a specific subnet. In a subnet, the network ID is usually the 1st IP address. As an example, the network ID IP address of the 192.168.0.8/29 subnet is 192.168.0.8/29.

Normally the Network ID and Network Broadcast IP addresses are not allowed to be used by hosts in a broadcast network, since such IP addresses are reserved for ARP/RARP processes. In special situations, as you will find out later on, the Network ID and Network Broadcast IP addresses could be usable by hosts.
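The two supernetting illustrations in the Supernetting section above (32 of /29 into one /24, and four /30 networks that can only become two /29 networks) can be checked with Python's standard ipaddress module. This is an added example, not part of the original workbook; the function names supernet and gaps are assumptions.

```python
import ipaddress


def supernet(networks):
    """Combine networks into the fewest prefixes covering exactly the same
    IP addresses (nothing more, nothing less)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def gaps(candidate, networks):
    """Return the parts of `candidate` that none of `networks` covers.

    An empty list means `candidate` is a valid supernet of `networks`.
    Anything returned is address space the candidate would also claim
    although you do not have it.
    """
    remaining = [ipaddress.ip_network(candidate)]
    for net in (ipaddress.ip_network(n) for n in networks):
        kept = []
        for block in remaining:
            if block.subnet_of(net):
                continue                                   # fully covered
            if net.subnet_of(block):
                kept.extend(block.address_exclude(net))    # carve net out of block
            else:
                kept.append(block)                         # no overlap
        remaining = kept
    return [str(n) for n in ipaddress.collapse_addresses(remaining)]


# The four /30 networks from the text.
FOUR_SLASH_30 = [
    "192.168.0.0/30",
    "192.168.0.4/30",
    "192.168.0.16/30",
    "192.168.0.20/30",
]

# The 32 of 192.168.0.x/29 networks from the text.
THIRTY_TWO_SLASH_29 = ["192.168.0.%d/29" % start for start in range(0, 256, 8)]

if __name__ == "__main__":
    print(supernet(THIRTY_TWO_SLASH_29))           # one /24
    print(supernet(FOUR_SLASH_30))                 # two /29 networks
    print(gaps("192.168.0.0/27", FOUR_SLASH_30))   # the ranges you don't have
```

The same check is useful before writing a summarized route or a firewall rule, since a prefix that is too short also matches the addresses in the gaps.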
Subnet Zero; Network ID and Network Broadcast Subnets

Let's review the previous 192.168.0.0/28 subnet table

192.168.0.0   - 192.168.0.15  = 192.168.0.0/28
192.168.0.16  - 192.168.0.31  = 192.168.0.16/28
192.168.0.32  - 192.168.0.47  = 192.168.0.32/28
192.168.0.48  - 192.168.0.63  = 192.168.0.48/28
192.168.0.64  - 192.168.0.79  = 192.168.0.64/28
192.168.0.80  - 192.168.0.95  = 192.168.0.80/28
192.168.0.96  - 192.168.0.111 = 192.168.0.96/28
192.168.0.112 - 192.168.0.127 = 192.168.0.112/28
192.168.0.128 - 192.168.0.143 = 192.168.0.128/28
192.168.0.144 - 192.168.0.159 = 192.168.0.144/28
192.168.0.160 - 192.168.0.175 = 192.168.0.160/28
192.168.0.176 - 192.168.0.191 = 192.168.0.176/28
192.168.0.192 - 192.168.0.207 = 192.168.0.192/28
192.168.0.208 - 192.168.0.223 = 192.168.0.208/28
192.168.0.224 - 192.168.0.239 = 192.168.0.224/28
192.168.0.240 - 192.168.0.255 = 192.168.0.240/28

Similar to the concept of Network ID and Network Broadcast IP addresses, the Network ID subnet is the 1st subnet and the Network Broadcast subnet is the last subnet. On the previous table,

Network ID Subnet       : 192.168.0.0/28 (also called Subnet Zero)
Network Broadcast Subnet: 192.168.0.240/28

As a note, Subnet Zero itself refers to the subnet of all 0 and/or the subnet of all 1 from the binary system perspective. In other words, Subnet Zero refers to the Network ID (the all 0) and Network Broadcast (the all 1) subnets.

In the beginning of subnetting technology, using the Network ID (or Subnet Zero) and Network Broadcast subnets was not allowed, for a similar reason to not allowing the use of the Network ID and Network Broadcast IP addresses. With newer technology, it is now permissible to use the Network ID and Network Broadcast subnets for host IP address assignments.

On today's networks, most networks are Subnet Zero applicable. When you have to assign IP addresses and/or subnets on today's networks, most of the time Subnet Zero usage is assumed. However, it is always a good idea to confirm whether Subnet Zero is permissible on a specific network.

Broadcast and Point-to-Point Networks

Network ID and broadcast IP addresses usually exist in a broadcast network. As mentioned earlier, network ID and broadcast IP addresses are used to find an IP address within the broadcast network so that one IP address is able to communicate with the IP address in question.
Besides the broadcast network, there is also the point-to-point network. Unlike a broadcast network, where there are multiple IP addresses, a point-to-point network consists of only two IP addresses. Here is an illustration

Broadcast Network

Host A         Host C           Host E
|              |                |
+------+-------+-------+--------+
       |               |
       Host B          Host D

Point-to-Point Network

Host A ------- Host B

In a point-to-point network, there should be no need to use network ID and broadcast IP addresses. When one IP address needs to communicate with the other IP address, it does not need to select its communication partner. Since there are only two IP addresses in the network, the other IP address must be the one that needs to be communicated with.

Note that when someone says broadcast network, the person usually means that the network consists of more than two IP addresses. It is possible, however, to have a broadcast network consisting of only two IP addresses. If a broadcast network consists of only two IP addresses, it is basically a point-to-point network.

When you have a broadcast network that consists of only two IP addresses, you then have a choice to keep it as a broadcast network or convert it to a point-to-point network. Following is an illustration.

Let's say we have the 192.168.0.0/30 network. The network is a broadcast network. The network ID is 192.168.0.0/30 and the network broadcast is 192.168.0.3/30.

In a broadcast network, the actual IP addresses that can be the hosts' IP addresses are those remaining after the IP addresses reserved for network ID and network broadcast. In the 192.168.0.0/30 network, the available IP addresses that can be the hosts' IP addresses are 192.168.0.1 and 192.168.0.2. Here is the breakdown

192.168.0.0/30
IP Address                              : 192.168.0.0
Subnet Mask                             : /30 (255.255.255.252)
Number of IP address within the subnet  : 4
Number of IP address available for host : 2
IP Address range                        : 192.168.0.0 - 192.168.0.3
Network ID                              : 192.168.0.0
Network Broadcast                       : 192.168.0.3
IP Address range for host               : 192.168.0.1, 192.168.0.2

As you can see, there are only two actual IP addresses within 192.168.0.0/30; 192.168.0.1 and 192.168.0.2. Therefore this broadcast network is somewhat of a point-to-point network. You then have an option to convert the network to a point-to-point network.
Should you decide to convert, you can subnet 192.168.0.0/30 into two /31 networks; one is 192.168.0.0/31 and the other is 192.168.0.2/31. You can use 192.168.0.0/31 for these two hosts to communicate with each other. You can then keep 192.168.0.2/31 for future use should you have more point-to-point networks. Here is the breakdown

* Subnet 192.168.0.0/30 into 2 equal network size makes 2 of /31 networks
  1. 192.168.0.0/31 = 192.168.0.0, 192.168.0.1
  2. 192.168.0.2/31 = 192.168.0.2, 192.168.0.3
* Use 192.168.0.0/31 and keep 192.168.0.2/31 for future use
* Convert hosts' interface to be point-to-point network member from broadcast network member
* Assign 192.168.0.0 with /31 subnet mask to one host and assign 192.168.0.1 with /31 subnet mask to another host

Subnetting from Binary-Number System Perspective

* Wildcard

Let's review the following tables

Subnet mask in their octet and binary form

           OCTET
           1st.2nd.3rd.4th     1st     . 2nd    . 3rd    . 4th
    /24:   255.255.255.0     = 11111111.11111111.11111111.00000000
    /25:   255.255.255.128   = 11111111.11111111.11111111.10000000
    /26:   255.255.255.192   = 11111111.11111111.11111111.11000000
    /27:   255.255.255.224   = 11111111.11111111.11111111.11100000
    /28:   255.255.255.240   = 11111111.11111111.11111111.11110000
    /29:   255.255.255.248   = 11111111.11111111.11111111.11111000
    /30:   255.255.255.252   = 11111111.11111111.11111111.11111100
    /31:   255.255.255.254   = 11111111.11111111.11111111.11111110
    /32:   255.255.255.255   = 11111111.11111111.11111111.11111111
Host quantity available within specific subnet

    /32:     1 IP address within the subnet   =   1 host can exist within the subnet
    /31:     2 IP addresses within the subnet =   2 hosts can exist within the subnet
    /30:     4 IP addresses within the subnet =   4 hosts can exist within the subnet
    /29:     8 IP addresses within the subnet =   8 hosts can exist within the subnet
    /28:    16 IP addresses within the subnet =  16 hosts can exist within the subnet
    /27:    32 IP addresses within the subnet =  32 hosts can exist within the subnet
    /26:    64 IP addresses within the subnet =  64 hosts can exist within the subnet
    /25:   128 IP addresses within the subnet = 128 hosts can exist within the subnet
    /24:   256 IP addresses within the subnet = 256 hosts can exist within the subnet
As illustration, let's review 192.168.0.0 subnetting process and host quantity availability within as follows

    Subnet             IP Address available within the subnet
    192.168.0.0/32:    192.168.0.0
    192.168.0.0/31:    192.168.0.0, 192.168.0.1
    192.168.0.0/30:    192.168.0.0, 192.168.0.1, ..., 192.168.0.3
You may notice that the IP addresses available within the subnet are within the range of the 0 (zero) bits of the binary form. In other words, the 0 (zero) bits of the binary form (or the last octet of the 4-tuple octet format) represent the set of possible numbers of the last octet of the subnet. Following is the illustration.

192.168.0.0 subnetting process

           OCTET
           1st.2nd.3rd.4th     1st     . 2nd    . 3rd    . 4th         IP Address available within the subnet
    /24:   255.255.255.0     = 11111111.11111111.11111111.00000000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.254
    /25:   255.255.255.128   = 11111111.11111111.11111111.10000000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.127
    /26:   255.255.255.192   = 11111111.11111111.11111111.11000000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.63
    /27:   255.255.255.224   = 11111111.11111111.11111111.11100000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.31
    /28:   255.255.255.240   = 11111111.11111111.11111111.11110000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.15
    /29:   255.255.255.248   = 11111111.11111111.11111111.11111000 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.7
    /30:   255.255.255.252   = 11111111.11111111.11111111.11111100 = 192.168.0.0, 192.168.0.1, ... , 192.168.0.3
    /31:   255.255.255.254   = 11111111.11111111.11111111.11111110 = 192.168.0.0, 192.168.0.1
    /32:   255.255.255.255   = 11111111.11111111.11111111.11111111 = 192.168.0.0

With similar understanding, the 1 (one) bits of the binary form represent a set of "fixed" numbers while the 0 (zero) bits represent a set of "changing" numbers. From the 4-tuple octet format perspective, the first three octets are "fixed" while the last octet "changes". This "changing" number can be any number, depending on how large the subnet is. As illustration, the changing number can range from 0 to 127 when the subnet is /25 size, and from 0 to 31 when the subnet is /27 size. Since this "changing" number varies (could be any number), it is often called a wildcard.

Note that this understanding of wildcard is essential when you delve into Wildcard Subnet Mask as discussed in the following FAQ.

Cisco Forum FAQ: Quick and Easy Wildcard (Inverse) Subnet Mask

Some Tips and Tricks

1. Quickly Convert CIDR Format To Dotted 4-Tuple Octet Format
Let's review the following CIDR and dotted 4-tuple octet format comparison

    /32 = 255.255.255.255
    /31 = 255.255.255.254
    /30 = 255.255.255.252
    /29 = 255.255.255.248
    /28 = 255.255.255.240
    /27 = 255.255.255.224
    /26 = 255.255.255.192
    /25 = 255.255.255.128
    /24 = 255.255.255.0
As mentioned, the 1st three octets in the dotted 4-tuple always stay the same in /24 and longer prefixes. In other words, only the last octet changes. Also as mentioned, there is only one IP address within /32 CIDR. The next bigger subnet size is always double the current subnet size. In other words, there are two IP addresses within /31 CIDR (double of 1 in /32 CIDR). Following is the table

      1 IP address   = 1       = /32 = 255.255.255.255
      2 IP addresses = 1 x 2   = /31 = 255.255.255.254
      4 IP addresses = 2 x 2   = /30 = 255.255.255.252
      8 IP addresses = 4 x 2   = /29 = 255.255.255.248
     16 IP addresses = 8 x 2   = /28 = 255.255.255.240
     32 IP addresses = 16 x 2  = /27 = 255.255.255.224
     64 IP addresses = 32 x 2  = /26 = 255.255.255.192
    128 IP addresses = 64 x 2  = /25 = 255.255.255.128
    256 IP addresses = 128 x 2 = /24 = 255.255.255.0

Now let's only consider the last octet on the dotted 4-tuple format. Also keep in mind the IP address amount availability within each subnet. Note the change on the last octet in the following table

    /32: 255 - 0   = 255
    /31: 255 - 1   = 254
    /30: 254 - 2   = 252
    /29: 252 - 4   = 248
    /28: 248 - 8   = 240
    /27: 240 - 16  = 224
    /26: 224 - 32  = 192
    /25: 192 - 64  = 128
    /24: 128 - 128 = 0
The subtraction result is always the next last-octet number. You can apply this to convert CIDR format to dotted 4-tuple format quickly.

Let's say you have a /26 CIDR subnet mask and you need to know what the subnet mask looks like in the dotted 4-tuple format. Start with the longest prefix, which is /32 CIDR. Here are the key points.

* The /32 always matches 255 in the last octet of the dotted 4-tuple
* To convert /24 CIDR or longer prefix to the dotted 4-tuple, only consider the last octet
* In /24 CIDR or longer prefix (within Class C), the 1st three octets are always the same, which is 255
* /32 only has one IP address
* The next bigger subnet is always double the size of the current subnet

Using this knowledge, you can start creating your own build-up table as follows.

    /32 CIDR: 255 (the current last octet) - previous number of IP address (= 0 IP address) = 255 (the new current last octet)
    /31 CIDR: 255 (the current last octet) - previous number of IP address (= 1 IP address) = 254 (the new current last octet)
    /30 CIDR: 254 (the current last octet) - previous number of IP address (= 2 = (1 x 2) IP addresses) = 252 (the new current last octet)
    /29 CIDR: 252 (the current last octet) - previous number of IP address (= 4 = (2 x 2) IP addresses) = 248 (the new current last octet)
    /28 CIDR: 248 (the current last octet) - previous number of IP address (= 8 = (4 x 2) IP addresses) = 240 (the new current last octet)
    /27 CIDR: 240 (the current last octet) - previous number of IP address (= 16 = (8 x 2) IP addresses) = 224 (the new current last octet)
    /26 CIDR: 224 (the current last octet) - previous number of IP address (= 32 = (16 x 2) IP addresses) = 192 (the new current last octet)
Referring to the build-up table, you now know that /26 CIDR is equal to xxx.xxx.xxx.192. Since the 1st three octets are always 255, the dotted 4-tuple format equivalent to /26 CIDR is 255.255.255.192.

2. Quickly Find How Many IP Address Within Specific Subnet

For the next tip, let's review the following. Say you have the 255.255.255.224 subnet mask and you need to know how many IP addresses are within the subnet.

You may notice that in dotted 4-tuple format, 255 is the last number within the 256 range, where 0 (zero) is the 1st number. As a note, the 256 range is based on the 8-bit system; hence it is called octet (the 8-bit numbering system). Let's review the following table

    CIDR    The range        Last octet on     Number of IP address
            within octet     the 4-tuple       within the subnet
    /32:    256          -   255           =     1
    /31:    256          -   254           =     2
    /30:    256          -   252           =     4
    /29:    256          -   248           =     8
    /28:    256          -   240           =    16
    /27:    256          -   224           =    32
    /26:    256          -   192           =    64
    /25:    256          -   128           =   128
    /24:    256          -   0             =   256

Referring to the table, you now know that there are 32 IP addresses within the 255.255.255.224 subnet mask.
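The two tips above, written out as an added example (not part of the original FAQ). `build_up_table` follows the subtract-and-double rule exactly as described; the remaining functions go beyond the last-octet case and work on all 32 bits, so they also cover prefixes shorter than /24 and reject masks whose 1 bits are not contiguous. All function names are chosen here for illustration.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def build_up_table():
    """Last-octet mask value for /32 down to /24, built by the rule
    'current last octet - previous number of IP addresses'."""
    table = {}
    octet, previous_count = 255, 0
    for prefix in range(32, 23, -1):
        octet -= previous_count            # 255-0, 255-1, 254-2, 252-4, ...
        table[prefix] = octet
        # /32 holds 1 address; every bigger subnet doubles the count.
        previous_count = 1 if previous_count == 0 else previous_count * 2
    return table


def prefix_to_mask(prefix):
    """CIDR prefix length (0-32) to dotted 4-tuple mask, done bitwise."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return str(ipaddress.IPv4Address((ALL_ONES << (32 - prefix)) & ALL_ONES))


def inverse_bits(mask):
    """Value of the reversed bits of a dotted mask.

    A valid mask is a run of 1 bits followed by a run of 0 bits, so its
    inverse is a run of 0 bits followed by 1 bits, and inverse + 1 is a
    power of two sharing no bit with the inverse.
    """
    inverse = int(ipaddress.IPv4Address(mask)) ^ ALL_ONES
    if inverse & (inverse + 1):
        raise ValueError(f"{mask} is not a valid subnet mask")
    return inverse


def wildcard(mask):
    """Inverse (wildcard) mask in dotted form."""
    return str(ipaddress.IPv4Address(inverse_bits(mask)))


def addresses_in_mask(mask):
    """Number of IP addresses within a subnet using this mask.

    For /24 and longer this equals 256 - last octet, as in the table.
    """
    return inverse_bits(mask) + 1


def mask_to_prefix(mask):
    """Dotted 4-tuple mask to CIDR prefix length."""
    return 32 - inverse_bits(mask).bit_length()


if __name__ == "__main__":
    for prefix, octet in build_up_table().items():
        mask = prefix_to_mask(prefix)
        print(f"/{prefix}: last octet {octet:3}  {mask:15} "
              f"{addresses_in_mask(mask):3} addresses  wildcard {wildcard(mask)}")
```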
3. Reverse Bit Correlation Between Subnet Mask and Number of IP Address

Let's review the previous table. Note that the sum of the octet and the number of IP addresses is always equal to 256, which is the range within an octet. In the binary format, this is seen as a reverse correlation between subnet mask and IP address number. In other words, the subnet mask is always the reverse bit of the IP address number from the binary format perspective. Following is an illustration.

Say you have a full Class C network. You would like to subnet the network into /29 CIDR networks. You would like to know how many /29 subnets there will be and how many IP addresses are within each /29 subnet.

The full Class C network is /24 CIDR (255.255.255.0). To subnet the /24 into /29, the last octet will change while the 1st three octets are constant. Let's focus on the last octet. Keep in mind that an octet is an 8-bit binary. In binary format, this is how the subnet mask looks

           OCTET
           1st.2nd.3rd.4th     1st     . 2nd    . 3rd    . 4th
    /24:   255.255.255.0     = 11111111.11111111.11111111.00000000
    /25:   255.255.255.128   = 11111111.11111111.11111111.10000000
    /26:   255.255.255.192   = 11111111.11111111.11111111.11000000
    /27:   255.255.255.224   = 11111111.11111111.11111111.11100000
    /28:   255.255.255.240   = 11111111.11111111.11111111.11110000
    /29:   255.255.255.248   = 11111111.11111111.11111111.11111000
    /30:   255.255.255.252   = 11111111.11111111.11111111.11111100
    /31:   255.255.255.254   = 11111111.11111111.11111111.11111110
    /32:   255.255.255.255   = 11111111.11111111.11111111.11111111
From the table, you can see that the 1st 24 bits are set to 1 (one) and the remaining bits are set to 0 (zero) on /24 CIDR. On the /29, the 1st 29 bits are set to 1 and the remaining bits are set to 0. As you may realize, the set-to-one bits are the basis of CIDR format since the number behind the / shows how many contiguous bits are set to 1 (one) from the left.

Let's take the last octet (the last 8 bits) of the /29 CIDR

    11111000

The reverse bit is

    00000111

As you may notice,

    11111000 = 1 x 2^7 + 1 x 2^6 + 1 x 2^5 + 1 x 2^4 + 1 x 2^3 + 0 x 2^2 + 0 x 2^1 + 0 x 2^0
             = 128 + 64 + 32 + 16 + 8 + 0 + 0 + 0
             = 248

    00000111 = 0 x 2^7 + 0 x 2^6 + 0 x 2^5 + 0 x 2^4 + 0 x 2^3 + 1 x 2^2 + 1 x 2^1 + 1 x 2^0
             = 8

The 248 represents the last octet of the /29 subnet mask and the 8 represents the number of IP addresses within the /29 subnet.

Since you are subnetting /24 into /29, you only consider the last octet. From the last octet perspective, the 1st five bits are set to 1. As mentioned, the set-to-one bits represent the subnet mask and the set-to-zero bits represent the IP address number within the subnet.

To find out the subnet quantity from the last octet perspective,

* take the number of bits that are set to 1; which is five
* take this five as the power of 2 as 2^5
* 2^5 = 32

This 32 represents the quantity of /29 subnets that you will have when you subnet a /24 network into /29 networks.

To find out the IP address quantity within each /29 subnet from the last octet perspective,

* take the number of bits that are set to 0; which is three
* take this three as the power of 2 as 2^3
* 2^3 = 8

This 8 represents the quantity of IP addresses that you will have within each /29 subnet.

Note: This subnet mask reverse bit is the foundation of wildcard (inverse subnet mask) understanding. Check out the following FAQ for further info.

Cisco Forum FAQ: Quick and Easy Wildcard (Inverse) Subnet Mask

When you deal with a broadcast network, you must reserve one IP address (the 1st one, the all zero) for Network ID and reserve another IP address (the last one, the all one) for Network Broadcast. With the /29 subnet, there are then 6 usable IP addresses (8 - 1 for Network ID - 1 for Network Broadcast) for hosts.

There is a similar situation with the subnet quantity. Note that so far the assumption is that you can use Subnet Zero, which are the 1st (the all zero, Network ID) and last (the all one, Network Broadcast) subnets. When you cannot use Subnet Zero, there are only 30 usable subnets (32 - 1 for Network ID - 1 for Network Broadcast) for hosts when you subnet /24 into /29 networks.

4. Quickly Determine Specific Subnet Range

Let's review the previous illustration of subnetting /24 into /29 networks. This time you would like to see what the 23rd subnet looks like, or what the 23rd subnet range is, when the /24 network is the 192.168.100.0 network.
Since this is subnetting /24 into a longer prefix, you only need to focus on the last octet; the 1st three octets are constant. To quickly determine the subnet range, you can use the following formula to determine the last octet of the Network ID number (the 1st number within the last octet).

    Last Octet Network ID number of the n-th subnet = (n - 1) x Number of IP addresses within the subnet

Once you have the Network ID number, you can add (Number of IP addresses within the subnet - 1) to that number to have the Broadcast ID number (the last number within the last octet). At this point, you should have the 1st and the last number within the last octet. In other words, you now have the subnet range, which shows you the 1st and the last IP addresses.

Following is the illustration with 192.168.100.0/24 subnetted into /29 networks. As mentioned, there are 8 IP addresses within a /29 network. Since you would like to know what the 23rd subnet range is, n = 23.

To find out the last octet Network ID number,

    (23 - 1) x 8 = 176

To find out the last octet Network Broadcast number,

    176 + (8 - 1) = 183

Therefore the 23rd /29 subnet range is

    192.168.100.176 - 192.168.100.183 = 192.168.100.176/29

where

    Network ID IP address        = 192.168.100.176
    Network Broadcast IP address = 192.168.100.183
    Usable IP addresses          = 192.168.100.177, 192.168.100.178, 192.168.100.179,
                                   192.168.100.180, 192.168.100.181, 192.168.100.182

As you may notice, the (n - 1) part shows that the formula assumes you use Subnet Zero. The formula is therefore easily alterable when Subnet Zero is not in use.

5. Convert Dotted 4-Tuple Subnet Mask Format Into CIDR Format

Let's say you have the 255.255.255.192 subnet mask. You would like to know how the subnet mask looks in CIDR format. As mentioned, CIDR format is based on the binary format. Therefore you need to use binary to convert. Don't worry! As usual, there is always use of minimal binary calculation :)

Following are the steps when dealing with /24 subnetting:

* Determine IP address quantity within the subnet
* Find out n where 2^n = IP address quantity within the subnet
* Subtract n from 8
* Take the subtraction result as additional set-to-one bits to the 1st 24 bits set to one
* Add the total number of bits set to one
* This total number represents the CIDR format

Let's use an illustration to convert 255.255.255.192 into CIDR format. When you build up your own table (or memorize it), you know there are 64 IP addresses within the 255.255.255.192 subnet mask.

    Find out n where 2^n = 64

By simple calculation (and probably some trial and error), you find that n = 6.

Recall from the previous discussion that n = 6 represents the six set-to-zero bits within the last octet. Since there are only 8 bits within a single octet, the set-to-one bit quantity within the last octet is two. In other words, subtract 6 from 8 to have 2.

From the same discussion, recall that the 255.255.255.0 network has the 1st 24 bits set to one where the remaining 8 bits are set to zero. In 255.255.255.192, there are 2 additional set-to-one bits within the last octet, as you found out earlier. Therefore the 255.255.255.192 network has the 1st 26 bits set to one (24 + additional 2) where the remaining 6 bits are set to zero.

Since CIDR format is based on the 1st set-to-one bits, the 255.255.255.192 subnet mask is equal to /26 CIDR.

Subnetting and Network Design

The simpler approach to becoming more familiar with subnetting is probably doing a network design. Three network design processes are presented here to illustrate the subnetting concept and implementation further. In representing the network design, the following terms and definitions are used.
* Internet
  Internet is loosely defined as the network outside of the local and/or private network.

* IP Network
  IP Network is a network that is based on IP addresses and subnets.

* Same Network
  Same Network is a network that is shared between multiple hosts. These hosts reside within the same range of network. In other words, all hosts share the same Network ID and Broadcast IP addresses. As example, a network of 192.168.0.0/25 that hosts multiple machines with the same Network ID IP address of 192.168.0.0 and Broadcast IP address of 192.168.0.127

* Different Network
  Different Network is a network that has a different Network ID and different Broadcast IP addresses than another IP network. As example, there are two networks of 192.168.0.0/25 and 192.168.0.128/30 where the first network has Network ID IP address of 192.168.0.0 and Broadcast IP address of 192.168.0.127 and the second network has Network ID IP address of 192.168.0.128 and Broadcast IP address of 192.168.0.131

* Router
  Router is pretty much a host with special functionality. This special functionality is to provide interconnection between hosts of multiple subnets. Therefore a router is a network device that interconnects multiple subnets for communication purposes between hosts in different subnets. Since a router deals with subnet interconnection, it is seen as a Layer-3 network device. In a later illustration, you will see that IP network interconnection is needed when hosts in different networks need to communicate with each other. The router provides this IP network interconnection mechanism.

* (Router) Interface
  Router Interface, or simply Interface, is a router port that serves as entry and/or exit point to interconnect multiple subnets. When this Interface has an IP address, the IP address is seen as an IP address of a host within a specific subnet. From the multiple subnet interconnection perspective, you will see that this IP address serves as next hop to reach a destination subnet or a subnet outside the local subnet. Since the IP address serves as next hop to reach subnets outside the local subnet, it can be used as default gateway to reach those outside subnets.
* Switch
  Switch is a network device that connects hosts within the same network. Since a switch deals only with host connection of the same network, it is seen as a Layer-2 network device and does not by default deal with Layer-3 info such as IP address and subnet mask. In a later illustration, you will see that IP network interconnection is not needed when hosts in the same network need to communicate with each other. Instead, the hosts just use the Layer-2 communication mechanism, which is the MAC address, as described briefly in the previous Network ID and Network Broadcast IP Addresses discussion.

Confused about those terms and definitions? Don't worry. Keep reading and slowly but surely those terms and definitions will come into your understanding naturally. :)

Network Design #1

Let's say you have the following situation. There are three different departments that need access to each other and to the Internet. Each department currently has 10 hosts total in the form of 7 PCs, 2 servers, and 1 printer. To set up the network, you are supplied with one router with 4 interfaces and three switches. Following is the network setup.

                                  Internet
                                     |
                                     |
                                   Router
                                    |||
         +--------------------------+|+-------------------------+
         |                           |                          |
     Switch #1                   Switch #2                  Switch #3
      |  |  |                     |  |  |                    |  |  |
      |  |  |                     |  |  |                    |  |  |
     PC  | Printer               PC  | Printer              PC  | Printer
       Server                      Server                     Server

where each switch is dedicated to one department.

Let's say you are given a Class C subnet of 192.168.0.0/24 to support the entire network. Since there are multiple hosts within the entire organization, the network type of choice is a broadcast network. It is also decided that each department will have an independent subnet. To interconnect departments and to allow Internet access, there will be an IP routing mechanism for subnet inter-communication.

Referring to the host IP address availability table, the closest subnets for 10 hosts are /29 and /28. The /29 subnet size is 8, which won't fit 10 hosts. For 10 hosts, the smallest subnet size that fits would then be the /28. In /28, there are 16 IP addresses. Assuming two IP addresses are already reserved as the network ID and broadcast addresses, there are 14 remaining IP addresses for hosts.

Since there are 10 hosts in each department, there will be a dedicated /28 subnet for each one. You can then assign the following subnets to the departments

    1st Department: 192.168.0.0/28  (192.168.0.1 - 192.168.0.14)
    2nd Department: 192.168.0.16/28 (192.168.0.17 - 192.168.0.30)
    3rd Department: 192.168.0.32/28 (192.168.0.33 - 192.168.0.46)

Note that this process of determining the subnet mask of a certain network to fit a specific number of hosts within the network is called Variable-Length Subnet Masking (VLSM). By subnetting a larger network into smaller networks sized for the number of hosts each must hold, there should be minimal to no waste of IP address use.
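The n-th subnet formula from tip 4 and the sizing done above for Network Design #1, as an added example (not part of the original FAQ). `allocate` goes beyond the equal-size case on this page: it places the largest subnets first so that every subnet starts on a multiple of its own size, and it refuses a plan that does not fit the parent network. Reserving one extra address per subnet for the router gateway is an assumption of this example; all function names are chosen here for illustration.

```python
import ipaddress


def nth_subnet(base, new_prefix, n):
    """n-th subnet (1-based, Subnet Zero in use) of `base` cut at `new_prefix`.

    Network ID offset = (n - 1) x number of IP addresses within the subnet.
    """
    net = ipaddress.ip_network(base)
    if not net.prefixlen <= new_prefix <= 32:
        raise ValueError("new prefix must be at least as long as the base prefix")
    size = 2 ** (32 - new_prefix)
    count = 2 ** (new_prefix - net.prefixlen)
    if not 1 <= n <= count:
        raise ValueError(f"{base} holds only {count} /{new_prefix} subnets")
    start = int(net.network_address) + (n - 1) * size
    return ipaddress.ip_network(f"{ipaddress.IPv4Address(start)}/{new_prefix}")


def prefix_for_hosts(hosts, gateway=True):
    """Longest prefix (smallest broadcast subnet) that fits `hosts` machines.

    Two addresses are reserved for Network ID and Network Broadcast, plus
    one for the router interface when gateway=True (assumption of this example).
    """
    needed = hosts + (1 if gateway else 0) + 2
    for prefix in range(30, -1, -1):
        if 2 ** (32 - prefix) >= needed:
            return prefix
    raise ValueError("too many hosts for an IPv4 subnet")


def allocate(base, departments):
    """Assign one subnet per department out of `base`.

    departments maps a name to its host count. Returns name -> CIDR string.
    """
    net = ipaddress.ip_network(base)
    cursor = int(net.network_address)
    end = cursor + net.num_addresses
    plan = {}
    # Largest first; the sort is stable, so equal sizes keep their order.
    for name, hosts in sorted(departments.items(), key=lambda item: -item[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        cursor = (cursor + size - 1) // size * size   # align to subnet size
        if cursor + size > end:
            raise ValueError(f"{base} has no room left for {name}")
        plan[name] = f"{ipaddress.IPv4Address(cursor)}/{prefix}"
        cursor += size
    return plan


if __name__ == "__main__":
    subnet = nth_subnet("192.168.100.0/24", 29, 23)
    print(subnet, subnet.network_address, subnet.broadcast_address)
    design_1 = {"1st Department": 10, "2nd Department": 10, "3rd Department": 10}
    for name, cidr in allocate("192.168.0.0/24", design_1).items():
        print(name, cidr)
```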
As in any network, there is no point in creating VLSM to conserve IP address use without some kind of mechanism to provide communication between these smaller-size networks. In other words, there must be some (IP) routing in place for inter-communication between networks or between devices in different networks, such as inter-communication between devices in the 1st, 2nd, and 3rd departments.

In routing technology, there is a network device that acts as a gateway to reach outside networks. In other words, this gateway device should be able to handle traffic routing between networks. The perfect device to handle the routing is the router. Therefore the router should handle the gateway IP address. Since each subnet has its own gateway IP address, each subnet requires a dedicated router interface to handle gateway business.

Note that there are four networks that need to intercommunicate. The 1st three networks are the 1st, 2nd, and 3rd Departments (192.168.0.0/28, 192.168.0.16/28, and 192.168.0.32/28 respectively). The last network is the Internet. Each of these networks requires a dedicated router interface to act as the gateway for reaching outside networks.

This gateway in an IP network shows as just another host within a certain network. Therefore there will be one IP address from each subnet above reserved for the gateway. Let's say then

    1st Department gateway IP address: 192.168.0.14/28
    2nd Department gateway IP address: 192.168.0.17/28
    3rd Department gateway IP address: 192.168.0.37/28

Now each subnet has 13 IP addresses remaining. These should be available for all hosts within each department.

    1st Department host IP addresses: 192.168.0.1 - 192.168.0.13
    2nd Department host IP addresses: 192.168.0.18 - 192.168.0.30
    3rd Department host IP addresses: 192.168.0.33 - 192.168.0.36, 192.168.0.38 - 192.168.0.46

As mentioned, there is only one router for the entire organization network. Fortunately, this router has 4 different interfaces with routing capabilities. You can then have each router interface handle the gateway IP address of one department, and one interface reach the Internet.
Let's say Switch #1 is dedicated to the 1st Department, Switch #2 is dedicated to the 2nd Department, and Switch #3 is dedicated to the 3rd Department. Therefore the following applies to all hosts that connect to the respective switch.

    Switch #1:
    IP address range: 192.168.0.1 - 192.168.0.14
    Subnet Mask: /28 (or 255.255.255.240)
    Gateway: 192.168.0.14

    Switch #2:
    IP address range: 192.168.0.17 - 192.168.0.30
    Subnet Mask: /28 (or 255.255.255.240)
    Gateway: 192.168.0.17

    Switch #3:
    IP address range: 192.168.0.33 - 192.168.0.46
    Subnet Mask: /28 (or 255.255.255.240)
    Gateway: 192.168.0.37

Let's take a closer look at the 1st Department's hosts. One host will have the following.

    192.168.0.2/28

Here is the detailed subnet info

    IP Address                              : 192.168.0.2
    Subnet Mask                             : /28 (255.255.255.240)
    Number of IP address within the subnet  : 16
    Number of IP address available for host : 14
    IP Address range                        : 192.168.0.0 - 192.168.0.15
    Network ID                              : 192.168.0.0
    Network Broadcast                       : 192.168.0.15
    IP Address range for host               : 192.168.0.1 - 192.168.0.14
    Gateway IP Address of the subnet        : 192.168.0.14
    IP Address range available              : 192.168.0.1 - 192.168.0.13

The table leads to the following understanding

* 192.168.0.0 is reserved for Network ID
* 192.168.0.15 is reserved for Network Broadcast
* 192.168.0.14 is reserved for the gateway (the router or, to be precise, the router interface that acts as gateway dedicated for hosts within 192.168.0.0/28 to reach outside networks such as the other 192.168.0.x hosts and the Internet)
* The 192.168.0.1 - 192.168.0.13 range is available for the PCs, servers, printers, and any network device within the 1st Department that needs network connectivity
* When you set network info on (let's say) a server, the server network info would be the following

    IP Address: 192.168.0.2 (or any IP address within 192.168.0.1 - 192.168.0.13 range)
    Subnet Mask: /28 (255.255.255.240)
    Gateway: 192.168.0.14 (pointing to the router)

A similar situation applies to other hosts within the 2nd and 3rd Departments.

2nd Department

    192.168.0.28/28
    IP Address                              : 192.168.0.28
    Subnet Mask                             : /28 (255.255.255.240)
    Number of IP address within the subnet  : 16
    Number of IP address available for host : 14
    IP Address range                        : 192.168.0.16 - 192.168.0.31
    Network ID                              : 192.168.0.16
    Network Broadcast                       : 192.168.0.31
    IP Address range for host               : 192.168.0.17 - 192.168.0.30
    Gateway IP Address of the subnet        : 192.168.0.17
    IP Address range available              : 192.168.0.18 - 192.168.0.30

3rd Department

    192.168.0.41/28
    IP Address                              : 192.168.0.41
    Subnet Mask                             : /28 (255.255.255.240)
    Number of IP address within the subnet  : 16
    Number of IP address available for host : 14
    IP Address range                        : 192.168.0.32 - 192.168.0.47
    Network ID                              : 192.168.0.32
    Network Broadcast                       : 192.168.0.47
    IP Address range for host               : 192.168.0.33 - 192.168.0.46
    Gateway IP Address of the subnet        : 192.168.0.37
    IP Address range available              : 192.168.0.33 - 192.168.0.36, 192.168.0.38 - 192.168.0.46

The router will have the following IP address assignment.

    1st interface
    IP Address: 192.168.0.14
    Subnet Mask: 255.255.255.240

    2nd interface
    IP Address: 192.168.0.17
    Subnet Mask: 255.255.255.240

    3rd interface
    IP Address: 192.168.0.37
    Subnet Mask: 255.255.255.240

where the router's 1st interface will act as the gateway of the 1st Department's hosts, the 2nd interface will act as the gateway of the 2nd Department's hosts, and the 3rd interface will act as the gateway of the 3rd Department's hosts respectively.

As mentioned, hosts within all departments need to reach other hosts that reside in the outside world (i.e. the Internet). These outside world hosts do not reside within 192.168.0.0/28, 192.168.0.16/28, and 192.168.0.32/28. To connect to the outside world, the router must have the ability to reach subnets that are not within 192.168.0.0/28, 192.168.0.16/28, and 192.168.0.32/28.

There are multiple ways to give the router such ability. One way is to define each and every subnet available within the outside world. When the router is running BGP peering with the ISP and receives the full BGP table, the router then has all of these outside world subnets defined.

Another way to set the router is to define the gateway.
As mentioned, the gateway should be a device that has the ability to do routing. In addition, this device must have knowledge of how to reach those outside subnets. The perfect choice is the ISP device that the router connects to. For this connection, the router uses the 4th interface. You should assign the router's 4th interface IP address and subnet based on the network info your ISP provides. The router's 4th interface will then serve the entire organization's network connectivity to the outside world.

Should you choose to set a gateway to reach the outside world, you then use the ISP device IP address. In the ISP network info, this device IP address is usually mentioned as gateway or default gateway. On a Cisco router, the command to set the gateway is the following

    ip route 0.0.0.0 0.0.0.0 [ISP DEVICE IP ADDRESS]

The command basically informs the router that to reach subnets that are unknown or undefined, it should use the ISP device as the next hop. FYI, the gateway or default gateway term is sometimes referred to as "the gateway of last resort" since it will be used only to reach unknown or undefined subnets.

Some discussions

* Break /25 into small and large subnet?
* Subnetting question

Network Design #2

After some assessment, it is predicted that the 1st Department host number will triple within 2 years. The 2nd Department host number is predicted to double, also within 2 years. The 3rd Department host number remains the same after 2 years.

In addition, there are two additional departments. Let's say these two departments are called the 4th and 5th Departments. The 4th Department host number will be five. The 5th Department host number will be three.

There is a plan to host three new servers that are accessible from the Internet. To simplify administration, the existing servers and printers will be moved and kept in the same area as the new servers. Let's call this area the "server farm".

To provide network security (i.e. to protect the Internet-accessible servers), there will be a dedicated firewall box facing the Internet.
Since you are using a Private IP Address range (192.168.0.0/24), the plan is to use this firewall box also as the NAT/PAT device.

Side Note

Check out the following FAQ for more info on NAT/PAT

Cisco Forum FAQ: NAT, PAT, Port Forward, Internet and Server Access: Introduction and Practices
To support this new setup, you are provided with the following new equipment

* One 2-interface firewall box
* Two 4-interface routers
* One 2-interface router
* Four switches
The following is the new network setup.

                                Internet
                                   |
                                Firewall
                                   |
                                Router 4
                                   |
                                 Switch
                                 | | |
              +------------------+ | +------------------+
              |                    |                    |
           Router 1             Router 2             Router 3
            | | |                  |                   | |
          1st | 3rd             Switch               4th 5th
             2nd                 |||
                     (Server Farm: existing servers and printers,
                      plus the Internet-accessible servers)
Note that there are multiple network types with this new network design. Network of Router 1, 1st Dept., 2nd Dept., and 3rd Dept. is a broadcast network. Broadcast network type also applies to Router 2 and Server Farm network; Router 3, 4th Dept., and 5th Dept. network; and lastly the Router 1, Router 2, Router 3, and Router 4 network. However network type of Firewall and Router 4 network is point-to-point network. In this case, we had hardware and/or media type restriction that is unable to function as point-to-point network. Therefore the network type used would be still broadcast network, only that it consists of two useable IP addresses (somewhat point-to-point network). Based on this, we can keep using the existing router (that serves 1st, 2nd, and 3rd Dept.) as Router 1. The two new 4-interface routers will be Router 2 and Router 3 respectively. The 2-interface router will then be Router 4. To start, let's recalculate the assigned subnets for each department. 1st Dept. : /27 subnet to cover 30 hosts
2nd Dept. : /27 subnet to cover 20 hosts
3rd Dept. : /28 subnet to cover the same 10 hosts
4th Dept. : /29 subnet to cover 5 hosts
5th Dept. : /29 subnet to cover 3 hosts
Server Farm: /28 subnet to cover 12 hosts

We will be minimizing on readdressing all the hosts. Therefore there will be IP address reusing and reassigning.

1st Dept. : 192.168.0.0/27 (192.168.0.1 - 192.168.0.30)
2nd Dept. : 192.168.0.32/27 (192.168.0.33 - 192.168.0.62)
3rd Dept. : 192.168.0.64/28 (192.168.0.65 - 192.168.0.78)
4th Dept. : 192.168.0.80/29 (192.168.0.81 - 192.168.0.86)
5th Dept. : 192.168.0.88/29 (192.168.0.89 - 192.168.0.94)
Server Farm: 192.168.0.96/28 (192.168.0.97 - 192.168.0.110)

Network Info

1st Dept.
IP address range: 192.168.0.1 - 192.168.0.30
Subnet Mask: /27 (or 255.255.255.224)
Gateway: 192.168.0.14

2nd Dept.
IP address range: 192.168.0.33 - 192.168.0.62
Subnet Mask: /27 (or 255.255.255.224)
Gateway: 192.168.0.33

3rd Dept.
IP address range: 192.168.0.65 - 192.168.0.78
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.78

4th Dept.
IP address range: 192.168.0.81 - 192.168.0.86
Subnet Mask: /29 (or 255.255.255.248)
Gateway: 192.168.0.81

5th Dept.
IP address range: 192.168.0.89 - 192.168.0.94
Subnet Mask: /29 (or 255.255.255.248)
Gateway: 192.168.0.94

Server Farm
IP address range: 192.168.0.97 - 192.168.0.110
Subnet Mask: /28 (or 255.255.255.240)
Gateway: 192.168.0.110

Since there will be routing between four routers, Firewall, and the Internet; there will be a need to assign specific subnet for specific connection.

Between Router 4 and Firewall
Host # :2
Smallest Subnet : /30
Subnet Assignment: 192.168.0.240/30

Between Routers
Host # :4
Smallest Subnet : /29
Subnet Assignment: 192.168.0.248/29

Router 1
1st interface
IP Address: 192.168.0.14
Subnet Mask: 255.255.255.224
2nd interface
IP Address: 192.168.0.33
Subnet Mask: 255.255.255.224
3rd interface
IP Address: 192.168.0.78
Subnet Mask: 255.255.255.240

Router 2
1st interface
IP Address: 192.168.0.110
Subnet Mask: 255.255.255.240

Router 3
1st interface
IP Address: 192.168.0.81
Subnet Mask: 255.255.255.248
2nd interface
IP Address: 192.168.0.94
Subnet Mask: 255.255.255.248

To route between routers, there must be routes of reaching specific subnets using specific next hop IP address. To support these routes, there will be a need to assign specific IP address to specific router interface.

Router 1 4th interface
IP address: 192.168.0.250
Subnet Mask: 255.255.255.248

Router 2 4th interface
IP address: 192.168.0.251
Subnet Mask: 255.255.255.248

Router 3 4th interface
IP address: 192.168.0.252
Subnet Mask: 255.255.255.248

Router 4 1st interface
IP address: 192.168.0.249
Subnet Mask: 255.255.255.248

Notice that 192.168.0.0/26 (192.168.0.1 - 192.168.0.62) and 192.168.0.64/28 subnets are under Router 1. Similarly, 192.168.0.80/28 (192.168.0.81 - 192.168.0.94) subnet is under Router 3. Lastly 192.168.0.96/28 is under Router 2.

Let's take a close look at the 192.168.0.0/26. From other routers' perspective, Router 1 is presenting two consecutive /27 networks; the 192.168.0.0/27 and 192.168.0.32/27. You then have a choice to combine these two /27 networks to become a single larger /26 network of 192.168.0.0/26. In other words, you can supernet both /27 networks to be a /26 network. Similarly, the 4th and 5th Depts subnets (that Router 3 presents to other routers) are also candidates for supernetting into 192.168.0.80/28. To conserve router's resources, we then supernet the networks.

From Router 1 perspective, the following is the route reachability
* Use 192.168.0.251 as the next hop to reach 192.168.0.96/28
* Use 192.168.0.252 as the next hop to reach 192.168.0.80/28
* Use 192.168.0.249 as the gateway

From Router 2 perspective, the following is the route reachability
* Use 192.168.0.250 as the next hop to reach 192.168.0.0/26
* Use 192.168.0.250 as the next hop to reach 192.168.0.64/28
* Use 192.168.0.252 as the next hop to reach 192.168.0.80/28
* Use 192.168.0.249 as the gateway
From Router 3 perspective, the following is the route reachability
* Use 192.168.0.250 as the next hop to reach 192.168.0.0/26
* Use 192.168.0.250 as the next hop to reach 192.168.0.64/28
* Use 192.168.0.251 as the next hop to reach 192.168.0.96/28
* Use 192.168.0.249 as the gateway
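The supernetting and reachability lists above, worked through in code. This is an added example, not part of the original workbook: it takes the Design #2 subnets and inter-router addresses from the text, checks that no two planned subnets overlap, collapses each router's subnets into summary prefixes, and prints the matching static routes with masks derived from the prefix lengths. The dictionary and function names are assumptions made for the example.

```python
import ipaddress

# Design #2 plan as given in the text: the subnets attached to each department
# router and every router's address on the 192.168.0.248/29 inter-router subnet.
ATTACHED = {
    "Router 1": ["192.168.0.0/27", "192.168.0.32/27", "192.168.0.64/28"],
    "Router 2": ["192.168.0.96/28"],
    "Router 3": ["192.168.0.80/29", "192.168.0.88/29"],
}
TRANSIT = ipaddress.ip_network("192.168.0.248/29")
TRANSIT_IP = {
    "Router 1": "192.168.0.250", "Router 2": "192.168.0.251",
    "Router 3": "192.168.0.252", "Router 4": "192.168.0.249",
}
# Routers 1-3 use Router 4 as gateway; Router 4 uses the Firewall.
DEFAULT_VIA = {
    "Router 1": "192.168.0.249", "Router 2": "192.168.0.249",
    "Router 3": "192.168.0.249", "Router 4": "192.168.0.241",
}
FIREWALL_LINK = ipaddress.ip_network("192.168.0.240/30")


def overlapping_subnets():
    """Return every pair of planned subnets that overlap (an empty list is the goal)."""
    nets = [ipaddress.ip_network(s) for subs in ATTACHED.values() for s in subs]
    nets += [TRANSIT, FIREWALL_LINK]
    return [(a, b) for i, a in enumerate(nets) for b in nets[i + 1:] if a.overlaps(b)]


def summaries(router):
    """Collapse a router's attached subnets into the fewest prefixes that cover
    exactly those addresses (adjacent /27s become a /26, adjacent /29s a /28)."""
    nets = [ipaddress.ip_network(s) for s in ATTACHED[router]]
    return list(ipaddress.collapse_addresses(nets))


def static_routes(router):
    """Build the 'ip route' statements one router needs to reach the others."""
    lines = []
    for other in ATTACHED:
        if other == router:
            continue
        next_hop = ipaddress.ip_address(TRANSIT_IP[other])
        if next_hop not in TRANSIT:
            raise ValueError(f"{other} next hop {next_hop} is not on {TRANSIT}")
        for net in summaries(other):
            lines.append(f"ip route {net.network_address} {net.netmask} {next_hop}")
    lines.append(f"ip route 0.0.0.0 0.0.0.0 {DEFAULT_VIA[router]}")
    return lines


if __name__ == "__main__":
    print("overlaps:", overlapping_subnets())
    for name in TRANSIT_IP:
        print(name)
        for line in static_routes(name):
            print("   ", line)
```

A summary is only safe when it covers exactly the subnets behind that router, which is what collapse_addresses guarantees; 192.168.0.64/28 stays separate because no adjacent /28 behind Router 1 pairs with it.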
To route between Firewall and Routers, there must be routes of reaching specific subnets using specific next hop IP address. To support these routes, there will be a need to assign specific IP address to specific device interface.
Router 4 2nd interface
IP address: 192.168.0.242
Subnet Mask: 255.255.255.252

Firewall
1st interface
IP address: 192.168.0.241
Subnet Mask: 255.255.255.252
2nd interface
IP address: refer to the ISP network info
Subnet Mask: refer to the ISP network info

From Router 4 perspective, the following is the route reachability
* Use 192.168.0.250 as the next hop to reach 192.168.0.0/26
* Use 192.168.0.250 as the next hop to reach 192.168.0.64/28
* Use 192.168.0.252 as the next hop to reach 192.168.0.80/28
* Use 192.168.0.251 as the next hop to reach 192.168.0.96/28
* Use 192.168.0.241 as the gateway
From Firewall perspective, the following is the route reachability
* Use 192.168.0.242 as the next hop to reach 192.168.0.0/24 (another supernet)
* Use ISP Device IP Address as the gateway

With this new network design, similar route statements are in place as follows.

Router 1
    ip route 192.168.0.96 255.255.255.240 192.168.0.251
    ip route 192.168.0.80 255.255.255.240 192.168.0.252
    ip route 0.0.0.0 0.0.0.0 192.168.0.249

Router 2
    ip route 192.168.0.0 255.255.255.192 192.168.0.250
    ip route 192.168.0.64 255.255.255.240 192.168.0.250
    ip route 192.168.0.80 255.255.255.240 192.168.0.252
    ip route 0.0.0.0 0.0.0.0 192.168.0.249

Router 3
    ip route 192.168.0.0 255.255.255.192 192.168.0.250
    ip route 192.168.0.64 255.255.255.240 192.168.0.250
    ip route 192.168.0.96 255.255.255.240 192.168.0.251
    ip route 0.0.0.0 0.0.0.0 192.168.0.249

Router 4
    ip route 192.168.0.0 255.255.255.192 192.168.0.250
    ip route 192.168.0.64 255.255.255.240 192.168.0.250
    ip route 192.168.0.80 255.255.255.240 192.168.0.252
    ip route 192.168.0.96 255.255.255.240 192.168.0.251
    ip route 0.0.0.0 0.0.0.0 192.168.0.241
Firewall
    ip route 192.168.0.0 255.255.255.0 192.168.0.242
    ip route 0.0.0.0 0.0.0.0 [ISP DEVICE IP ADDRESS]

As a note, the ip route statement is a command in Cisco routers to set up a static route in an IP network, creating specific route statements as defined above.

Suggestion

Since only the new servers are Internet accessible, it is a good idea to separate them from the existing servers by group. One group will be the Internet accessible server group and another group will be the non-Internet accessible server group. The objective of this separation is to provide a more secure network and broadcast traffic control. The separation involves assigning a dedicated subnet to each server group. You should be able to do the work by either subnetting the existing 192.168.0.96/28 network or reassigning/renumbering network devices with minimal changes on the existing network design.

Network Design #3

You may notice that the above network design is pretty much what small businesses have as their network. Let's have another look at network design. This time you need to set up a private network that consists of three sites as follows.

                  INTERNET
                     |
               Internet Router
                     |
                  Router 1 ------- Switch 1 --- LAN 1
                   |    |
        +----------+    +-----------+
        |                           |
     Router 2 ---- Switch 2     Switch 3 ---- Router 3
                      |             |
                    LAN 2         LAN 3

As in the previous illustration, you are assigned 192.168.0.0/24 to use for the private network. Following is one way of designing the network.
* Three /30 subnets for point-to-point network: Router 1-2, Router 1-3, Router 1-Internet Router
* One /25 subnet for LAN 1
* Two /27 subnets for other LAN: LAN 2 and LAN 3

Side Note:
In a real-life network, this network design could be a hub-and-spoke private network where the Router 1 and LAN 1 is the Main Office where others are Branch Offices. In addition, Main Office tends to house more hosts to serve all offices. Therefore you may need to assign a larger subnet for Main Office and a smaller subnet for Branch Office. This network design could also be a local network within one office where the Router 1 and LAN 1 is the Main router with its network and each of the other routers represents a department router. For more sample network designs, check out the following FAQ.
Cisco Forum FAQ
Should I use Layer-3 switch or router?

Subnet Assignment

Three /30 subnets: 192.168.0.192/30, 192.168.0.196/30, 192.168.0.200/30
One /25 subnet : 192.168.0.0/25
Two /27 subnets : 192.168.0.128/27, 192.168.0.160/27

Site 1
Router 1 - Internet Router: 192.168.0.192/30, where .193 is for Router 1 and .194 is for Internet Router
LAN 1: 192.168.0.0/25, where .1 is for Router 1 (also LAN 1 default gateway) and .2 - .126 are for hosts

Site 2
Router 1 - Router 2: 192.168.0.196/30, where .197 is for Router 1 and .198 is for Router 2
LAN 2: 192.168.0.128/27, where .129 is for Router 2 (also LAN 2 default gateway) and .130 - .158 are for hosts

Site 3
Router 1 - Router 3: 192.168.0.200/30, where .201 is for Router 1 and .202 is for Router 3
LAN 3: 192.168.0.160/27, where .161 is for Router 3 (also LAN 3 default gateway) and .162 - .191 are for hosts

Following is the network setup with the associated subnet assignment
                       192.168.0.192/30
                             |
                             | .194
                             |            192.168.0.0/25
                          Router 1 ---------------- Switch 1 --- LAN 1
                           |    |  .1                            .2 to .126
                      .197 |    | .201
        192.168.0.196/30   |    |   192.168.0.200/30
              +------------+    +--------------+
              | .198                           | .202
              |     192.168.0.128/27      192.168.0.160/27
           Router 2 ----------- Switch 2   Switch 3 ----------- Router 3
                    .129           |           |          .161
                                 LAN 2       LAN 3
                             .130 - .158   .162 - .191
IP Routing Reachability

Router 1
To reach the Internet (0.0.0.0/0): through 192.168.0.193
To reach LAN 2 (192.168.0.128/27): through 192.168.0.198
To reach LAN 3 (192.168.0.160/27): through 192.168.0.202

Router 2
To reach anyplace (other LAN and the Internet which is in other words 0.0.0.0/0): through 192.168.0.197

Router 3
To reach anyplace (other LAN and the Internet which is in other words 0.0.0.0/0): through 192.168.0.201

Internet Router
To reach the Internet (0.0.0.0/0): through ISP router IP address (or the Internet Router default gateway)
To reach any private sites (192.168.0.0/24): through 192.168.0.194

Routing Statement

Router 1:
    ip route 0.0.0.0 0.0.0.0 192.168.0.193 name Internet Access
    ip route 192.168.0.128 255.255.255.224 192.168.0.198 name LAN 2
    ip route 192.168.0.160 255.255.255.224 192.168.0.202 name LAN 3

Router 2:
    ip route 0.0.0.0 0.0.0.0 192.168.0.197 name Outside Access

Router 3:
    ip route 0.0.0.0 0.0.0.0 192.168.0.201 name Outside Access

Internet Router:
    ip route 0.0.0.0 0.0.0.0 [ISP DEFAULT GATEWAY IP ADDRESS]
    ip route 192.168.0.0 255.255.255.0 192.168.0.194 name Private Networks

Classless, Classful, CIDR

Longer and Shorter Prefixes in Routing

As shown on previous network design, there is a default gateway route and there are routes to reach specific subnets. You may notice that these routes to reach specific subnets are preferable to reach the intended subnets or IP addresses. When there are no available routes to reach specific subnets, then the default gateway route is chosen as the last resort.

1. First Illustration

Let's review the following routes

    ip route 0.0.0.0 0.0.0.0 192.168.0.193
    ip route 192.168.0.0 255.255.255.0 192.168.0.1
    ip route 192.168.0.128 255.255.255.224 192.168.0.198
    ip route 192.168.0.160 255.255.255.224 192.168.0.202
Let's say there is traffic that needs to reach a host with IP address of 192.168.0.165. This IP address falls within the 192.168.0.160/27 route. Therefore the traffic will be forwarded via the 192.168.0.202 host. As a note, this 192.168.0.202 IP address host is called the next hop IP address to reach the 192.168.0.160/27 subnet.

For the next example, let's say there is traffic that needs to reach a host with IP address of 192.168.0.16. This IP address does not fall within the 192.168.0.128/27 nor the 192.168.0.160/27 routes. There is however a route to reach any IP address that falls within 192.168.0.0/24 range. Therefore the traffic will be forwarded via the 192.168.0.1 host.

As a next example, let's say there is traffic that needs to reach a host with IP address of 192.168.2.16. This IP address does not fall within the 192.168.0.128/27 nor the 192.168.0.160/27 routes. This IP address does not fall within the 192.168.0.0/24 range either. There is however a route to reach any IP address, which is used as the last resort when there is no match to any of the specific routes available. Therefore the traffic will be forwarded via the 192.168.0.193 host.

2. Second Illustration

Now let's say there are the following routes

    ip route 0.0.0.0 0.0.0.0 192.168.0.193
    ip route 192.168.0.0 255.255.255.0 192.168.0.1
    ip route 192.168.0.128 255.255.255.224 192.168.0.198
    ip route 192.168.0.160 255.255.255.224 192.168.0.202
    ip route 192.168.0.164 255.255.255.252 192.168.0.230
Let's review the previous illustration, in which traffic needs to reach a host with IP address of 192.168.0.165. This IP address falls within the 192.168.0.160/27 route. There is however a more specific route: the address also falls within the 192.168.0.164/30 route.
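Route selection for the first and second illustrations, as an added example that is not part of the original workbook: it parses the `ip route` statements shown above and picks the matching route with the longest prefix for each destination the text discusses. The function names are assumptions made for the example, and the lookup models plain classless selection only.

```python
import ipaddress

# Route statements copied from the first and second illustrations.
FIRST = """\
ip route 0.0.0.0 0.0.0.0 192.168.0.193
ip route 192.168.0.0 255.255.255.0 192.168.0.1
ip route 192.168.0.128 255.255.255.224 192.168.0.198
ip route 192.168.0.160 255.255.255.224 192.168.0.202
"""
SECOND = FIRST + "ip route 192.168.0.164 255.255.255.252 192.168.0.230\n"


def parse_routes(config):
    """Turn 'ip route <network> <mask> <next-hop>' lines into (network, next_hop) pairs."""
    routes = []
    for line in config.splitlines():
        fields = line.split()
        if fields[:2] != ["ip", "route"] or len(fields) < 5:
            continue  # skip '!' separators and anything that is not a static route
        # ip_network() is strict by default: a network address with host bits
        # set (a mask that does not fit the address) raises ValueError here.
        network = ipaddress.ip_network(f"{fields[2]}/{fields[3]}")
        routes.append((network, ipaddress.ip_address(fields[4])))
    return routes


def lookup(routes, destination):
    """Return (network, next_hop) of the longest matching prefix, or None."""
    dest = ipaddress.ip_address(destination)
    candidates = [(net, hop) for net, hop in routes if dest in net]
    if not candidates:
        return None  # no specific route and no default route: nothing to forward to
    return max(candidates, key=lambda pair: pair[0].prefixlen)


def explain(routes, destination):
    """List every route that matches, most specific first, so the choice is visible."""
    dest = ipaddress.ip_address(destination)
    matches = sorted((r for r in routes if dest in r[0]),
                     key=lambda r: r[0].prefixlen, reverse=True)
    return [f"{net} via {hop}" for net, hop in matches]


if __name__ == "__main__":
    for label, config in (("first", FIRST), ("second", SECOND)):
        routes = parse_routes(config)
        for dest in ("192.168.0.165", "192.168.0.16", "192.168.2.16"):
            net, hop = lookup(routes, dest)
            print(f"{label} illustration: {dest} -> {hop} (matched {net})")
    print(explain(parse_routes(SECOND), "192.168.0.165"))
```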
Note that in IP routing, a route with more specific info, or in other words a longer prefix, is preferable to one with less specific info, or in other words a shorter prefix. Therefore the traffic that needs to reach a host with IP address of 192.168.0.165 will be forwarded via the 192.168.0.230 host instead of the 192.168.0.202 host.

3. Third Illustration

As a next illustration, let's review the following routes

    ip route 0.0.0.0 0.0.0.0 192.168.0.193
    ip route 192.168.0.0 255.255.255.0 192.168.0.1
    ip route 192.168.0.128 255.255.255.224 192.168.0.198
    ip route 192.168.0.160 255.255.255.224 192.168.0.202
    !
    no ip classless

Let's say there is traffic that needs to reach a host with IP address of 192.168.0.165. This IP address falls within the 192.168.0.160/27 route. There is however a statement of no ip classless being used. This statement means that any CIDR routes more specific than their classful route are ignored. This statement also means that classful routing is used and will ignore any subnetted network.

In the early discussion, there are terms called Class A, B, and C network. As an example, following is a list of some Class A, B, and C networks available in IP (IP version 4) network.

Class A network: 10.0.0.0/8
Class B network: 172.16.0.0/16, 172.17.0.0/16
Class C network: 192.168.0.0/24, 192.168.1.0/24, 192.168.43.0/24

Let's say there is a route that falls under 10.0.0.0/8. When the no ip classless is being used, any routes more specific than 10.0.0.0/8 to reach IP addresses that fall under 10.0.0.0/8 will be ignored. Similarly, any routes more specific than 192.168.0.0/24 to reach IP addresses that fall under 192.168.0.0/24 will be ignored when the no ip classless is being used.

When more specific routes that have longer prefix are being ignored, traffic will take either the full class network route or will take the default gateway route as the last resort if available.
In the case of reaching an IP address that falls under 192.168.0.0/24, any routes that are more specific or have longer prefix than the 192.168.0.0/24 will be ignored and instead the traffic will take the route to reach the entire 192.168.0.0/24 or will take the default gateway route as the last resort when available. With the need of reaching a host with IP address of 192.168.0.165, the other two routes that are more specific or have longer prefix than 192.168.0.0/24 are ignored. Instead the traffic will consider the 192.168.0.0/24 route. Therefore the traffic that needs to reach a host with IP address of 192.168.0.165 will be forwarded via the 192.168.0.1 host instead of the 192.168.0.202 host. In the case of the following routes
    ip route 0.0.0.0 0.0.0.0 192.168.0.193
    ip route 192.168.0.128 255.255.255.224 192.168.0.198
    ip route 192.168.0.160 255.255.255.224 192.168.0.202
    !
    no ip classless

then traffic that needs to reach a host with IP address of 192.168.0.165 will be forwarded via the 192.168.0.193 since there is no specific route to reach the 192.168.0.0/24 route.

As you may note in this illustration, a Classful routing system is used instead of a Classless routing system. In a Classful routing system (as indicated by the no ip classless statement), any routes that have longer prefix than their associated Class A, B, or C network as a result of subnetting are ignored. With a Classless routing system, more specific routes or routes with longer prefix are preferred.

You can check out the following for more info on Classful and Classless routing system
Wikipedia - Classful network
TCP/IP Guide - Class A, B and C Network and Host Capacities

Some discussion
[CCNA] Understanding Next hop routing answer

IP Route, Subnet Mask, and Broadcast Domain

As mentioned earlier, the traffic flow is determined based on IP route availability. This IP route availability is called IP Routing Table or Routing Table in short. The Routing Table holds the IP route availability in the form of Network ID with its associated Subnet Mask. There is also an IP address of the host used as gateway to reach the intended host IP address. This IP address is called the next hop IP address.

Let's review the following illustration. There are three hosts A, B, and C with IP address of 192.168.0.10/25, 192.168.0.56/25, and 192.168.0.130/25 respectively. From the subnet mask, you can see that both A and B are within the same network (192.168.0.0/25) where C is within a different network (192.168.0.128/25). When there are hosts within the same network, the hosts are called within the same network or within the same broadcast domain. Let's discuss this broadcast domain further.
There was a mention of a Layer-2 mechanism called Broadcast used for communication between hosts within the same network. The network is sometimes called a Broadcast Domain, since the broadcast traffic only exists within the network (within the domain) and does not by default leave the network. You may note that this Broadcast Domain relates closely to Subnet Mask. By checking IP addresses and Subnet Masks of itself and the other host's, a host can tell if the other host it is communicating with is within the same network or is in an outside network.
As an example, host A has IP address of 192.168.0.10 with /25 subnet mask. Host A needs to communicate with Host B of 192.168.0.56 with /25 subnet mask. By checking its own IP address and subnet mask, and B's IP address and subnet mask, Host A can tell that A is within the same network (the same Broadcast Domain) as host B. Similarly by checking IP addresses and subnet mask, Host B can tell that B is within the same Broadcast Domain as A. Since both hosts A and B know that they are in the same Broadcast Domain, both hosts know that there will be no route necessary to communicate between each other. Both hosts A and B simply do their Layer-2 mechanism without the necessity of routing the traffic flow.

When A needs to communicate with C of 192.168.0.130/25 let's say, the same mechanism of checking IP address and subnet mask takes place. Using the mechanism, A knows that C is in an outside network (outside the Broadcast Domain) of A. Similarly by using the mechanism, C knows that A is outside the Broadcast Domain of C. Since both hosts A and C know that they are in different networks, both hosts know a Layer-3 IP routing mechanism is needed. The same consequences take place when B needs to communicate with C.

Now let's say there is a host D of 192.168.0.6/24 IP address. From the IP address, hosts A and B think that the host D is within the same network as them. However host C also thinks that host D is within the same network as C itself since /24 subnet mask includes the 192.168.0.128/25. From host D perspective, D sees A, B, and C as hosts that stay within the same subnet as D itself due to the host D's subnet mask identity.

The existence of such a host D, as you may note, creates confusion. In a real network, this confusion creates routing and traffic flow ambiguity which leads to inability to communicate between host D and the rest of the network (say A, B, and C).
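An audit of the four hosts above, as an added example that is not part of the original workbook: it derives each host's network from its configured address and mask, classifies every pair of hosts, and flags the host whose mask disagrees with the rest. The function names and the "most conflicts" heuristic for naming the odd host out are assumptions made for the example.

```python
import ipaddress
from collections import Counter
from itertools import combinations

# Hosts A-D from the text, each with the address and mask configured on it.
HOSTS = {
    "A": "192.168.0.10/25",
    "B": "192.168.0.56/25",
    "C": "192.168.0.130/25",
    "D": "192.168.0.6/24",
}


def relation(first, second):
    """Compare the networks two hosts believe they are in."""
    net_a = ipaddress.ip_interface(first).network
    net_b = ipaddress.ip_interface(second).network
    if net_a == net_b:
        return "same broadcast domain"   # Layer-2 delivery, no routing needed
    if net_a.overlaps(net_b):
        return "mask mismatch"           # one network sits inside the other
    return "different networks"          # Layer-3 routing needed


def audit(hosts):
    """Classify every pair of hosts, keyed by the (name, name) pair."""
    return {
        (x, y): relation(hosts[x], hosts[y])
        for x, y in combinations(sorted(hosts), 2)
    }


def misconfigured(hosts):
    """Name the host(s) taking part in the most mask mismatches.

    Heuristic: on a consistently addressed network the count is zero for
    every host, so any result here points at a mask worth checking by hand.
    """
    counts = Counter()
    for (x, y), verdict in audit(hosts).items():
        if verdict == "mask mismatch":
            counts[x] += 1
            counts[y] += 1
    if not counts:
        return []
    worst = max(counts.values())
    return sorted(name for name, n in counts.items() if n == worst)


if __name__ == "__main__":
    for pair, verdict in audit(HOSTS).items():
        print(pair, verdict)
    print("check the mask on:", misconfigured(HOSTS))
```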