Last update: February 27, 2001
Secrets I learned...
about sub-networking
A lot of addresses
Internet IP addresses are composed of 4 numbers. More specifically, each is an
octet. An octet is any number that can be represented by 8 bits, ie: a
number ranging from 0 through 255.
That makes for over 4 billion possible addresses.
You'd think that's enough for a small world. Believe it or not, it's not enough.
But that's a discussion for another day.
An IP address represents a computer. Well, that's not quite true. An IP address
identifies a machine's interface to the rest of the world. And a single
machine may have several.
If I want to route a packet of information to an interface whose IP address
is 209.47.5.66, then somehow I have to know where that is. With billions of
possibilities, it's a daunting task.
Addressing this daunting task (no pun intended) is the subject of this
document.
How do I get it there?
The Post Office has the same problem. Canada Post has a hard enough
time knowing where Canadians live. If I live in Canada and mail a package
to someone in Los Angeles, what do I do? Well, I drop it in the mail box, in
quite the same way as I mail a package to anybody.
- Canada Post picks it up and says
"Hey, this package is destined for
the US network. Pass it on to the US Post Office and let them
worry about it further."
- The US Post Office gets it and says
"Hey, this package is destined
for Los Angeles. Pass it on to the Los Angeles Post Office and let
them worry about it further."
- Los Angeles gets it and says
"Oh yes, I recognize this address. I'll deliver it."
- Done.
So the postal service is a network of networks. Some, like the US Post Office,
are large. Some, like the Israel Post Office, are comparatively small.
The Internet is a network of networks too.
The folks at IANA (Internet Assigned Numbers Authority), see
www.iana.org might have said something
like the following (but they didn't).
A rigid Class structure.
- Make the 1st octet a "major" network.
Say, "US"
- Make the 2nd octet a "minor" network.
Say, "Los Angeles"
- Make the 3rd octet a "minor-minor" network.
Say, "South-eastern LA"
- Make the 4th octet represent individuals within it.
This would have been a bad idea. It would impose severe administration
limitations.
- We're implying a maximum of 256 countries in the world.
- We're implying a maximum of 256 cities in each of those countries.
- We're implying a maximum of 256 districts in each of those cities.
- We're implying a maximum of 256 real people in each district.
oh dear.
- There are far more than 256 countries in the world. We'd have to
combine some. (Let's put Iraq and Israel together. They'll love
that.)
- Some countries won't have as many as 256 cities. Oh well. I guess
some of those numbers in octet#2 will go unused.
- Some cities won't have as many as 256 districts. Oh well. I guess
some of those numbers in octet#3 will go unused.
- Some districts will have more than 256 real people in them.
All of a sudden, "4 billion" is much too small. Take your choice.
This scheme is either entirely unworkable or an administrative nightmare.
Here's what was really done.
A not quite so rigid Class structure.
We need a more flexible way of carving up all those IP numbers into
something which is still manageable. We start by focussing on the first
octet. There are 256 choices.
- Class A
Take half of octet#1, ie: half of the 0 - 255 range
256 / 2 = 128
128 will be where the Class B begins.
Class A begins at 1.
127 is a reserved number.
So we have 126 (huge) Class A networks: 1 - 126
Each of them will consist of a huge number of IP addresses because
those addresses can have anything they want in the 2nd, 3rd and 4th
octet. ie: The administrator of each
Class A network will be responsible for administering
255*255*255 = over 16 million IP addresses.
Here are our 126 Class A networks:
1.###.###.###
2.###.###.###
...
126.###.###.###
- Class B
The first half of the 256 possible values of octet#1 has already been
used, mostly by Class A. What's left is the
128 - 255 range.
Let's take the first half of that, ie: 128 - 191
192 will be where Class C begins.
Class B begins at 128.
That leaves us with 64 numbers: 128 - 191.
To each of them, we'll also attach all possible numbers in the 2nd
octet.
This will give us 16,384 Class B networks, a heck of a lot
more than we had in Class A. However, since we've stolen
the 2nd octet to help identify the network IDs in Class B,
each of these networks won't be able to house quite so many host IDs.
Only octets 3 and 4 are left, so each Class B
network will have a somewhat smaller capacity, 65,534 hosts.
Here are our 16,320 Class B networks:
128.1.###.###
128.2.###.###
...
128.254.###.###

129.1.###.###
129.2.###.###
...
129.254.###.###

...

191.1.###.###
191.2.###.###
...
191.254.###.###
- Class C
The first half of the 0 - 255 range of octet#1 possible values has
already been used, mostly by Class A. That left the
128 - 255 range.
The first half of the 128 - 255 range of octet#1 possible values has
already been used, mostly by Class B. That leaves the
192 - 255 range.
Let's take the first half of that, ie: half of the
192 - 256 range which is 192 - 224
224 will be where Class D begins.
Class C begins at 192.
That leaves us with 32 numbers: 192 - 223
To each of them, we'll also attach the possible numbers in the 2nd
and 3rd octet to them.
Since we have 32 possible values from octet#1 and 256 values from
octet#2 and 256 values from octet#3, this will give us 2,097,152
Class C networks, a heck of a lot more than we had in
Class B.
However, since only octet#4 is left for Host IDs, these
Class C networks won't be quite so large. Each network
will have a smaller Host ID capacity, only 254 hosts.
Here are our more than 2 million Class C networks:
192.1.1.###
192.1.2.###
...
192.1.254.###
192.2.1.###
192.2.2.###
...
192.2.254.###
...
192.254.1.###
192.254.2.###
...
192.254.254.###

193.1.1.###
193.1.2.###
...
193.1.254.###
193.2.1.###
193.2.2.###
...
193.2.254.###
...
193.254.1.###
193.254.2.###
...
193.254.254.###

...

224.1.1.###
224.1.2.###
...
224.1.254.###
224.2.1.###
224.2.2.###
...
224.2.254.###
...
224.254.1.###
224.254.2.###
...
224.254.254.###
- Class D
(For right now, we'll leave that for another time.)
- Class E
(For right now, we'll leave that for another time.)
Looking at the first octet in an IP address, we can tell its class.
- Class A: Octet#1 is less than 127. Mask is 255.0.0.0
- Class B: Octet#1 is less than 192. Mask is 255.255.0.0
- Class C: Octet#1 is less than 225. Mask is 255.255.255.0
Mask? What's a mask?
You put a mask on your face. It hides part of your identity. I cannot
see your face. Perhaps because of that, other characteristics stand out,
such as your hair colour. That's what a mask is all about. It hides some things
with the goal of revealing other things.
Going back to the Post Office for a moment, consider the two parts of
this address:
- Toronto, Ontario, Canada
  - In Post Office terms, this identifies the Post Office.
  - In IP addressing terms, this identifies the Network ID.
- 5050 Yonge Street
  - In Post Office terms, this identifies the building.
  - In IP addressing terms, this identifies the Host ID.
In IP addressing, both pieces of information are shoved into the IP#. The
way it's usually done is:
The first number of bits identifies the Network.
The remaining bits identify the Host.
I could say simply that "the mask is /8", meaning that the first 8 bits of this
IP# identify its Network ID and the remaining 24 bits identify the Host ID.
In fact, this is often done.
More generally however, I would say that "the mask is 255.0.0.0". When you
convert this 4-octet number to binary, you get a string of 8 ones followed by
24 zeroes, which says the same thing.
In a "natural" network, the Class A, B, or C we've talked about,
you can reveal an IP number's Class by looking at the value of its first
octet.
IP# 101.111.222.7 is a Class A IP#.
- You knew that because octet#1 is in the range 1 to 126.
IP# 150.111.222.7 is a Class B IP#.
- You knew that because octet#1 is in the range 126 to 191.
If I told you that the natural mask of some IP# is 255.0.0.0,
you'd know that it's a Class A IP#.
If I told you that the IP# was w.x.y.z,
you'd know that it belongs to network w.0.0.0
If I told you that the natural mask of some IP# is 255.255.0.0,
you'd know that it's a Class B IP#.
If I told you that the IP# was w.x.y.z,
you'd know that it belongs to network w.x.0.0
Are these 2 IP#s on the same network?
As we've said, a 32-bit IP# consists of 2 parts: a Network ID and
a Host ID.
As we've said, the network mask tells us where the Network ID component
ends and the Host ID component begins.
If a packet's source address and destination address
have the same Network ID, then, by definition, both the source and destination
are on the same network.
Consider a network mask of 18 1's followed by 14 0's.
In binary, this is 11111111.11111111.11000000.00000000
In decimal, this is 255.255.192.0
Suppose I am sending a packet from 150.111.199.123 to 150.111.247.7. Are they
on the same network? Compare them. If their 1st 18 bits match, then
we know that they're on the same network.
To compare their first 18 bits, we'll have to compare
* the entire first octet (ie: its full 8 bits),
* the entire second octet (ie: its full 8 bits) and
* the 1st 2 bits of the third octet.
Well,
* 150 obviously matches 150 (even in binary!)
* 111 obviously matches 111
* but what about the 1st 2 bits of 199 and 247?
Well, they do. In order to know that, I had to convert 11000000 to
its decimal equivalent which is 192. Since both 199 and 247 are greater
than 192, I know that their first 2 bits (their most significant bits)
do indeed match.
So all 18 bits match. Yes. These two IP addresses are on the same network.
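The 18-bit comparison just walked through, as an added example (not code from the original page): it ANDs each address with the mask so that the Host bits are hidden and the Network ID stands out, and it works for any prefix length, not only the /18 above. Function names are my own.

```python
def dotted_to_int(addr: str) -> int:
    """Pack a dotted quad such as '150.111.199.123' into one 32-bit integer."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IP number: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_dotted(value: int) -> str:
    """The reverse: 0xFFFFC000 -> '255.255.192.0'."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix_len: int) -> int:
    """'/18' means 18 ones followed by 14 zeroes, i.e. 255.255.192.0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def mask_to_prefix(mask: str) -> int:
    """255.255.192.0 -> 18.  A mask whose ones are not contiguous (255.0.255.0)
    is rejected, since it cannot mark where the Network ID ends."""
    m = dotted_to_int(mask)
    ones = bin(m).count("1")
    if m != prefix_to_mask(ones):
        raise ValueError(f"mask {mask} is not a run of ones followed by zeroes")
    return ones

def network_id(addr: str, mask: str) -> str:
    """AND the address with the mask: the Host bits are hidden and the
    Network ID stands out, e.g. 150.111.199.123 & 255.255.192.0 = 150.111.192.0."""
    return int_to_dotted(dotted_to_int(addr) & dotted_to_int(mask))

def same_network(a: str, b: str, mask: str) -> bool:
    """True when the first N bits (N = number of ones in the mask) of both match."""
    return network_id(a, mask) == network_id(b, mask)

def binary_view(addr: str) -> str:
    """Dotted binary, e.g. 255.255.192.0 -> 11111111.11111111.11000000.00000000."""
    return ".".join(format(int(o), "08b") for o in addr.split("."))

if __name__ == "__main__":
    mask = "255.255.192.0"                      # 18 ones, 14 zeroes
    src, dst = "150.111.199.123", "150.111.247.7"
    print(mask, "=", binary_view(mask), "= /%d" % mask_to_prefix(mask))
    for ip in (src, dst):
        print(ip, "=", binary_view(ip), "-> network", network_id(ip, mask))
    print("same network?", same_network(src, dst, mask))
```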
How do I get from here to there?
After I'd received my 150.111.*.* Class B from Internic, I set
things up with my upstream provider (sometimes called an ISP). Basically, they
promised to shove any packets destined for 150.111.any.thing down to me. On
my side of that connection, I have a router.
If I really need to get to 150.111.247.7 and can't find it any other way, I can
be assured that that router will be able to help me.
But that might not be terribly efficient. True, the router does know
something about all the IPs in its network. But there are
255*255 = 65,025 IPs in the 150.111.0.0 network!
Wouldn't it be a shame if my IP# was 150.111.222.6 and I wanted to get
to the machine whose IP# was 150.111.222.7 (which is only 10 metres away from
me) and I went hundreds of kilometres away just to find that out!
My system contains the instruction "If you don't know where a packet's
destination is located, then send the packet to this nearby router address
instead. When you do so, make sure the router is told the following 3 pieces of
information:"
my source address
the destination address
my netmask
The router will compare the source and destination addresses and see if they
are identical as far as the netmask is concerned.
If they are the same, then the router concludes that the destination is inside
its network and thus it will know to where it should forward that packet.
If they are not the same, then the router cannot deliver the packet.
This router also has a similar instruction, ie "If you don't know where a
packet's destination is located, ie: if they're not both on your network
segment, then send the packet to this not-so-nearby router instead. When you
do so, make sure the other router is told the
following 3 pieces of information:"
my source address
the destination address
my netmask
The source and destination addresses haven't changed, however
"my netmask" is now the router's netmask, not the originator's netmask.
The router's netmask will be shorter.
Now the packet arrives at the not-so-nearby router. It will compare the
source and destination addresses based on this shorter netmask.
If they are the same, then the not-so-nearby router concludes that the
destination is inside its (bigger) network and thus it will know to where it
should forward that packet.
If they are not the same, then this not-so-nearby router cannot deliver
the packet. And so, in like fashion, it passes the request on up to a farther
away router. Eventually, comparing the source and destination addresses on the
basis of fewer and fewer bits, even if we have to go all the way up to the root
server routers, we'll find some grand-daddy of a router that will have both
source and destination in common.
... and the packet will be delivered.
Not so natural Network Masks
Let's say you are the system administrator for the Class B
150.111.0.0. You have one router to which are attached thousands of computers.
With that kind of planning, you'll lose your job tomorrow.
You would be far better off to designate some of those IP#s to other routers
and thereby share the work. You can carve up your block of IP#s in much the
same way that IANA does. Make your own network of networks.
Roll-your-own sub-nets
Being forward thinking, you want to create more networks than you need today,
to allow for future growth. However it's also true that the more networks you
create, the fewer will be the number of hosts that each will be able to support.
You could take the easy way out. You could choose to use all 8 bits of
the 3rd octet and create 254 Network IDs. That would mean that each of the
networks would only have the 4th octet to define its Host IDs. In other words,
each network would be able to support 254 Host IDs.
If you make that particular decision because the arithmetic is easier, you'll
be out of a job next week.
Odds are, you'll probably have a better fix on how many networks you need
compared to knowing how many hosts you need to be on any of them.
So, you decide to first consider how many networks you ought to have. You will
of course plan for expansion, so you'll add a few more. When you've done the
math, you'll look at how many hosts will be able to fit onto a network.
If that number of hosts is far more than you could possibly ever need,
you'll go back and add a few more network IDs which will give more growth
potential to the number of networks but reduces the number of hosts per network.
If that number of hosts is too small, you'll have to cut back on the number
of networks in order to allow for more hosts.
It may be a balancing act. Remember, this is a binary world. Every time
you multiply the number of networks by 2, you divide the number of hosts/network
by 2 at the same time.
How to divvy up a network.
In this situation, Internic has made its allocation of a Class B
series of IP numbers. The first 2 octets are already spoken for.
You have all the IP numbers 151.111.*.*
You'll follow a procedure similar to the one designed by IANA, by progressively
dividing the 256 addresses in the 3rd octet in half. Each division requires
another bit to define it.
Bear in mind that
- the very first number, "0" is a reserved network number
- the very last number is the reserved broadcast address
- Only 1 "in-half" division (1 bit) isn't useful. We get 0 networks!
0 - reserved network number!
128 - reserved broadcast number!
- Let's divide in half again. (2 bits) We get 2 networks.
0 - reserved network number!
64
128
192 - reserved broadcast number!
- Let's divide in half again. (3 bits) We get 6 networks.
0 - reserved network number!
32
64
96
128
160
192
224 - reserved broadcast number!
- Let's divide in half again. (4 bits) We get 14 networks.
0 - reserved network number!
16
32
48
64
80
96
112
128
144
160
176
192
208
224
240 - reserved broadcast number!
Are you seeing a pattern here?
| Number of times we divide in half (Number of bits required) | Number of sub-networks we will get | Formula |
| 1 | 0 | 2**1 -2 |
| 2 | 2 | 2**2 -2 |
| 3 | 6 | 2**3 -2 |
| 4 | 14 | 2**4 -2 |
| 5 | 30 | 2**5 -2 |
| 6 | 62 | 2**6 -2 |
| 7 | 126 | 2**7 -2 |
| 8 | 254 | 2**8 -2 |
Sub-net mask
The natural sub-net mask for the Class B was all eight bits
set in the first 2 octets. But we have extended things by creating new
networks. So we must also extend our sub-net mask by the same number of
bits we used to define our sub-nets. Here is our revised chart.
| Number of times we divide in half (Number of bits required) | Number of sub-networks we will get | Formula | Sub-Network Mask, 3rd octet (Binary) | Sub-Network Mask, 3rd octet (Decimal) | 1st Host ID (3rd octet) |
| 1 | 0! | 2**1 -2 | 1 0000000 | (128) | (128) |
| 2 | 2 | 2**2 -2 | 11 000000 | 192 | 64 |
| 3 | 6 | 2**3 -2 | 111 00000 | 224 | 32 |
| 4 | 14 | 2**4 -2 | 1111 0000 | 240 | 16 |
| 5 | 30 | 2**5 -2 | 11111 000 | 248 | 8 |
| 6 | 62 | 2**6 -2 | 111111 00 | 252 | 4 |
| 7 | 126 | 2**7 -2 | 1111111 0 | 254 | 2 |
| 8 | 254 | 2**8 -2 | 11111111 | 255 | 1 |
Hosts per Network?
The number of Host IDs you have per Network ID is determined by the number
of bits you have left to play with. An IP# starts off with 32, but Internic
took away 16 of them when it gave you the Class B. That leaves
16.
The question now is "How many bits did you consume when you defined your
sub-nets?"
If you designated 5, that leaves you with 16 - 5 = 11 bits left.
With 11 bits:
- There are 2**11 = 2048 possible values.
- However, 8 are all-zero values and 8 are all-one values which are
not available. Therefore, there can be only
2**11 - 8 - 8 = 2046 Host IDs associated with each
network.
The 1st network is 151.111.8.0
The 2nd network is 151.111.16.0
Can we say that the Host IDs belonging to the 1st network are all the numbers
that fit in between the 1st and 2nd network? Not quite. We can't use the
number 255 because it's reserved as a broadcast address. [*]
So the Host IDs belonging to Network 151.111.8.0 are:
151.111.8.1 - 151.111.8.254
151.111.9.1 - 151.111.9.254
151.111.10.1 - 151.111.10.254
151.111.11.1 - 151.111.11.254
151.111.12.1 - 151.111.12.254
151.111.13.1 - 151.111.13.254
151.111.14.1 - 151.111.14.254
151.111.15.1 - 151.111.15.254
[*] We ought to be able to use many of the "reserved" 255's but
can't, due to an historical misinterpretation on the part of Microsoft
and Cisco!
Think about it!
The "reserved" 255 address is for broadcasting.
The broadcast address for the 151.111.8.0 network is (only)
151.111.15.255. So you might well ask "Why can we not use any of
151.111.8.255, 151.111.9.255, 151.111.10.255, 151.111.11.255,
151.111.12.255, 151.111.13.255, 151.111.14.255!"
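The sub-net carving procedure above, worked through in code as an added example (not from the original page): it recomputes the chart for a Class B, lists the usable sub-nets of 151.111.0.0 when 5 bits are borrowed, and checks the footnote's point that only the all-ones Host ID (151.111.15.255) is the broadcast address. It follows the page's 2**bits - 2 counting rule for both sub-nets and hosts; the function names and the SubNet record are my own.

```python
from dataclasses import dataclass

def dotted_to_int(addr: str) -> int:
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_dotted(v: int) -> str:
    return ".".join(str((v >> s) & 0xFF) for s in (24, 16, 8, 0))

@dataclass
class SubNet:
    network: str      # all Host bits zero: the network number
    first_host: str
    last_host: str
    broadcast: str    # all Host bits one: the one and only broadcast address

def subnet_mask(natural_bits: int, subnet_bits: int) -> str:
    """Extend the natural mask (16 ones for a Class B) by the bits we borrowed."""
    total = natural_bits + subnet_bits
    return int_to_dotted((0xFFFFFFFF << (32 - total)) & 0xFFFFFFFF)

def usable_subnets(subnet_bits: int) -> int:
    """The page's rule: the all-zero and the all-one sub-nets are reserved."""
    return 2 ** subnet_bits - 2

def hosts_per_subnet(natural_bits: int, subnet_bits: int) -> int:
    """Same rule inside a sub-net: network number and broadcast are not hosts."""
    return 2 ** (32 - natural_bits - subnet_bits) - 2

def carve(block: str, natural_bits: int, subnet_bits: int) -> list:
    """List the usable sub-nets of `block` in address order."""
    host_bits = 32 - natural_bits - subnet_bits
    size = 2 ** host_bits                 # addresses in each sub-net
    base = dotted_to_int(block)
    nets = []
    for index in range(1, 2 ** subnet_bits - 1):   # skip sub-net 0 and the last
        net = base + index * size
        nets.append(SubNet(int_to_dotted(net), int_to_dotted(net + 1),
                           int_to_dotted(net + size - 2), int_to_dotted(net + size - 1)))
    return nets

def is_broadcast(addr: str, natural_bits: int, subnet_bits: int) -> bool:
    """Only the all-ones Host ID broadcasts: with 5 bits borrowed from 151.111.0.0,
    151.111.15.255 does, but 151.111.8.255 is an ordinary host address."""
    host_bits = 32 - natural_bits - subnet_bits
    return dotted_to_int(addr) & (2 ** host_bits - 1) == 2 ** host_bits - 1

if __name__ == "__main__":
    for bits in range(1, 9):              # the page's chart, recomputed
        print(bits, "bit(s):", usable_subnets(bits), "sub-nets, mask",
              subnet_mask(16, bits), hosts_per_subnet(16, bits), "hosts each")
    for sn in carve("151.111.0.0", 16, 5)[:2]:
        print(sn)
```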