CACTUSPEAR.ORG PRESENTS

subnet masks

An IP 4 subnet mask is a 32-bit number consisting of a sequence of 1's, which are known as network bits, followed by a sequence of 0's, known as host bits. For example, the subnet mask for a 24-bit network is

1111 1111.1111 1111.1111 1111.0000 0000

or 255.255.255.0 in dotted decimal representation. Here the mask tells us that the first 24 bits (3 binary octets) of the associated IP address refer to the network, and the final 8 bits (1 octet) refer to the host. There are millions of such networks and each can have as many as 254 (or 28 − 2) hosts, numbered from 1 to 254, inclusive. (The addresses 0 and 255 are reserved for other purposes.)

A 16-bit network uses the subnet mask of 255.255.0.0. In this case, the mask tells us that the first 16 bits (2 octets) of the associated IP address refer to the network, and the final 16 bits (2 octets) refer to the host. There are thousands of such networks, each having as many as 65,534 (or 216 − 2) hosts, numbered from 1 to 65,534, inclusive. 8-bit networks have a default subnet mask of 255.0.0.0. Such networks are relatively few in number, but each can have millions of hosts.

Given an IP address and a subnet mask, one may calculate the corresponding network address by using the following formula:

Network Addr = Subnet Mask AND IP Addr

Remember that AND gives a result of 1 if both operands are 1's, and 0 otherwise. Let's take an example. My IP address is 128.32.173.221 and my subnet mask is 255.255.255.0.

  DECIMAL BINARY
Subnet Mask 255.255.255.0 1111 1111.1111 1111.1111 1111.0000 0000
IP Addr 128.32.173.221 1000 0000.0010 0000.1010 1101.1101 1101
AND -AND---------- -AND-----------------------------------
Network Addr 128.32.173.0 1000 0000.0010 0000.1010 1101.0000 0000

We see that my network address is 128.32.173.0/24. The /24 refers to the fact that this is a 24-bit network. To see why the subnet mask is known as a mask, look closely at the network address. The AND operation has preserved all of the bits in the first three octets (the network portion) of the IP address, but zeroed out (masked) all the bits in the final octet (the host portion).

Note: All of the bits in the host portion of the network address are 0.

So we've calculated the network address. Now let's calculate the host address by using the following formula:

Host Addr = ~(Subnet Mask) AND IP Addr

where ~ indicates a bitwise inversion (also known as a one's complement). The inversion of 1 is 0, and the inversion of 0 is 1. In our example,

  DECIMAL BINARY
Subnet Mask 255.255.255.0 1111 1111.1111 1111.1111 1111.0000 0000
Bit Inversion 0.0.0.255 0000 0000.0000 0000.0000 0000.1111 1111
IP Addr 128.32.173.221 1000 0000.0010 0000.1010 1101.1101 1101
AND -AND---------- -AND-----------------------------------
Host Addr 0.0.0.221 0000 0000.0000 0000.0000 0000.1101 1101

We see that my host address is 0.0.0.221 (or simply 221). This time the AND operation has zeroed out (masked) the first three octets (the network portion) of the IP address, but preserved its final octet (the host portion).

Note: All of the bits in the network portion of the host address are 0.

dividing a network into subnets

For reasons of traffic isolation, security, or administrative convenience, it may make sense to divide a network into subnets. Suppose we are working with the network 128.32.195.0/24 with subnet mask 255.255.255.0. The hosts on this network have IP addresses from 128.32.195.1 (usually the router interface) through 128.32.195.254, inclusive. We may divide this network into two subnets as follows. The first subnet will have network address 128.32.195.0/25 with mask 255.255.255.128. The hosts will have addresses from 128.32.195.1 (router) to 128.32.195.126. The other subnet will have address 128.32.195.128/25, also with mask 255.255.255.128. The hosts in this subnet will have IP addresses from 128.32.195.129 (router) to 128.32.195.254. The important thing to remember is that in both subnets, the first 25 bits of the IP address refer to the network, and the final 7 bits refer to the host.

broadcast addresses

A broadcast address is a 32-bit number that identifies all hosts on a given network. Given a network address and a subnet mask, one may calculate the corresponding broadcast address by using the following formula:

Broadcast Addr = ~(Subnet Mask) OR Network Addr

Remember that OR gives a result of 1 if either operand is a 1, and 0 otherwise. Again, ~ indicates bit inversion.

Let's take an example. My network address is 128.32.173.0 and my subnet mask is 255.255.255.0.

  DECIMAL BINARY
Subnet Mask 255.255.255.0 1111 1111.1111 1111.1111 1111.0000 0000
Bit Inversion 0.0.0.255 0000 0000.0000 0000.0000 0000.1111 1111
Network Addr 128.32.173.0 1000 0000.0010 0000.1010 1101.0000 0000
OR -OR--------- -OR------------------------------------
Broadcast Addr 128.32.173.255 1000 0000.0010 0000.1010 1101.1111 1111

We see that the broadcast address on my network is 128.32.173.255.

Note: On some systems, the broadcast address ends in 0's rather than 1's and is the same as the network address.


CACTUS PEAR HOME
comments to comments at cactuspear dot org