The main reason why IPv6, or IP next generation (IPng) as it was known in 1994, began development was due to the impending exhaustion of IPv4 addresses. The IETF officially adopted RFC 2460 in December 1998, and IPv6 was born! Part of the problem in the mid-90’s was the inability for companies and consumers to buy a chunk of IP addresses, instead of huge sections of the IP block, like Hewlett-Packard being assigned 15.0.0.0/8, or Apple having 17.0.0.0/8. To put this in perspective, these companies owned 16,777,216 unique and publicly accessible Internet addresses.
Beginning in 1993, a system named Classless Inter-Domain Routing or simply CIDR was developed to allow companies to buy IP subnets smaller than a /24, which contains 254 unique publicly routable IP addresses. Today, if a company has a need to monitor security cameras from the Internet, they could purchase a /30 network block from a provider like Spectrum (don’t do that!) which would give them two Internet, or Wide Area Network (WAN) addresses, to use for their camera system.
This post is going to explain how IPv4 subnetting works, and how you can quickly calculate the below addresses from a given notation, like 10.250.54.0/22:
- Network Address – 10.250.52.0
- First Assignable – 10.250.52.1
- Last Assignable – 10.250.55.254
- Broadcast Address – 10.250.55.255
- Number of Assignable – 1022
- Next Network – 10.250.56.0
Mathematics of calculating subnet masks
Two things we need to establish in order to make calculations related to IPv4 addresses. Computers obviously use 1’s and 0’s, or the binary number system in every operation it performs. Code is ultimately converted to 1’s and 0’s, as is this webpage is converted to 1’s and 0’s in your CPU. So, computers make use of two values in everything it does.
In IPv4 addressing, the source or destination address fields are ALWAYS 32 bits in length. Thus, to calculate the total number of available IP addresses in the IPv4 address space is 232, which is 4,294,967,296. To put this in perspective, the total number of IPv6 addresses is calculated by 2128, which is 340,282,366,920,938,463,463,374,607,431,768,211,456.
In IPv4 addresses, the first part of the address is called the Network ID (NID), and the remaining part is called the Host ID (HID). The NID is calculated by comparing the IP address to the subnet mask, where the subnet mask transitions from 1’s to 0’s.
E.G. Address = 192.168.1.1 & Subnet Mask 255.255.255.0
Address in binary = 11000000.10101000.00000001.00000001
Subnet Mask in binary = 11111111.11111111.11111111.00000000
Thus, we see the 1’s in the subnet mask are 24 bits in length and encompass the entire first through third octet. This tells us that the NID is 192.168.1.0 and the HID bits are the last eight, or in the range of 192.168.1.0 – 192.168.1.255. We can also calculate the total number of host addresses by 28, which is 256. If you notice, above I said a /24, which is the same as 255.255.255.0, contains 254 unique routable addresses. So, what happened to the other two addresses? Well, in any size network, you have two addresses which are not assignable and/or routable, the network and broadcast address. The network address is the first address in the network range, and the broadcast address is the very last address. These are not changeable, or reconfigurable. In the above example, the network address is 192.168.1.0/24 and the broadcast address is 192.168.1.255. Thus, the assignable host addresses are in the range of 192.168.1.1 – 192.168.1.254.
When learning how to do subnetting, we were required to provide the following addresses for a given address and CIDR/subnet mask.
- Network address
- First assignable
- Last assignable
- Broadcast address
- Total number of addresses
- Next network
The most important thing to remember is that each bit in the ‘Binary Value’ chart below is “weighted”. The numerical equivalent goes from left to right when calculating the values. Thus, you have the following values for each bit:
- Bit 1: 128
- Bit 2: 64
- Bit 3: 32
- Bit 4: 16
- Bit 5: 8
- Bit 6: 4
- Bit 7: 2
- Bit 8: 1
In the first line, we see the ‘Subnet Mask’ begins with 255 in the first octet. This is derived from adding the weighted values of all bits, 1 – 8, which is 255. The curious outcome when adding runs of binary numbers is that the sum is always 1 less than the following value.
E.G. A binary number of 00001111 has a sum of 15 — 8 + 4 + 2 + 1, with the value following 8 being 16.
Also, since the binary values are weighted, you cannot have a subnet mask of something like 255.255.120.0. Subnet mask values are only ever going to have the following values:
128, 192(+64), 224(+32), 240(+16), 248(+8), 252(+4), 254(+2), 255(+1) – in some order.
| Subnet Mask | CIDR Notation | Binary Value | Number of Addresses | Comments |
|---|---|---|---|---|
| 255.0.0.0 | /8 | 11111111.00000000.00000000.00000000 | 16,777,216 | Class A address |
| 255.128.0.0 | /9 | 11111111.10000000.00000000.00000000 | 8,388,608 | |
| 255.192.0.0 | /10 | 11111111.11000000.00000000.00000000 | 4,194,304 | |
| 255.224.0.0 | /11 | 11111111.11100000.00000000.00000000 | 2,097,152 | |
| 255.240.0.0 | /12 | 11111111.11110000.00000000.00000000 | 1,048,576 | |
| 255.248.0.0 | /13 | 11111111.11111000.00000000.00000000 | 524,288 | |
| 255.252.0.0 | /14 | 11111111.11111100.00000000.00000000 | 262,144 | |
| 255.254.0.0 | /15 | 11111111.11111110.00000000.00000000 | 131,072 | |
| 255.255.0.0 | /16 | 11111111.11111111.00000000.00000000 | 65,536 | Class B address |
| 255.255.128.0 | /17 | 11111111.11111111.10000000.00000000 | 32,768 | |
| 255.255.192.0 | /18 | 11111111.11111111.11000000.00000000 | 16,384 | |
| 255.255.224.0 | /19 | 11111111.11111111.11100000.00000000 | 8,192 | |
| 255.255.240.0 | /20 | 11111111.11111111.11110000.00000000 | 4,096 | |
| 255.255.248.0 | /21 | 11111111.11111111.11111000.00000000 | 2,048 | |
| 255.255.252.0 | /22 | 11111111.11111111.11111100.00000000 | 1,024 | |
| 255.255.254.0 | /23 | 11111111.11111111.11111110.00000000 | 512 | |
| 255.255.255.0 | /24 | 11111111.11111111.11111111.00000000 | 256 | Class C address |
| 255.255.255.128 | /25 | 11111111.11111111.11111111.10000000 | 128 | |
| 255.255.255.192 | /26 | 11111111.11111111.11111111.11000000 | 64 | |
| 255.255.255.224 | /27 | 11111111.11111111.11111111.11100000 | 32 | |
| 255.255.255.240 | /28 | 11111111.11111111.11111111.11110000 | 16 | |
| 255.255.255.248 | /29 | 11111111.11111111.11111111.11111000 | 8 | |
| 255.255.255.252 | /30 | 11111111.11111111.11111111.11111100 | 4 | See Note 1 below |
| 255.255.255.254 | /31 | 11111111.11111111.11111111.11111110 | 2 | See Note 2 below |
- This subnet mask is most used between two network devices with only a point-to-point connection. E.G. Two Internet routers – Router1:10.54.254.1/30 – Connected to – Router2:10.54.254.2/30
- I have only seen this subnet mask used in Cisco ISE hardware where a /31 is used to as it only has two addresses available. Note, both devices have to accept this kind of address scheme.
