Subnetting

What is Subnetting?

Subnetting is the process of dividing a network into several smaller networks.
The opposite is supernetting: combining several networks whose network parts share a common prefix into a single route.

The story behind subnetting

Subnetting was not part of the Internet's original design. Initially there were only network classes with fixed lengths for the network and host parts. Because the address space was divided in this fixed way, no subnet mask was needed to identify a network unambiguously.

Through the IANA (Internet Assigned Numbers Authority), companies and organizations received Class A, B or C networks depending on their size. The rapid growth of the Internet, however, meant that addresses quickly became scarce. The concept of fixed network classes no longer made sense, as it led to a waste of IP addresses.

Starting in 1993, the Internet adopted Classless Inter-Domain Routing (CIDR), which replaced the class-based system. Variable-length network masks (subnet masks) made it possible to divide previously statically defined address ranges into subnets. The prerequisite for CIDR is that an IP address is always used together with its subnet mask; only then can the network and host parts of the address be identified unambiguously.

Meaning and purpose of subnetting

One of the main reasons for the introduction of Classless Inter-Domain Routing (CIDR) and subnetting was the address waste caused by the fixed IP network classes. Subnetting separates networks from each other, so that private IP addresses can be reused in different networks. It also brought a number of far-reaching improvements.

Improved network performance

If the sender and recipient of the data packets are in the same network, the packets do not have to be routed through other networks and routers. This significantly improves network performance.

Increased security

Subnetting increases security because the individual networks are separated from each other. An attack that has compromised one network section must first reach the other sections before it can spread.

Structured address assignment

System administrators can create a logical structure for assigned IP addresses. This increases clarity and makes work much easier.

The structure of an IP address

To understand subnetting, it is first important to know the structure of IP addresses.

An IP address uniquely identifies a device on an IP network. The address consists of 32 binary bits, divided into four octets (1 octet = 8 bits). Each octet is written as a decimal number and the four numbers are separated by periods, which is why this notation is called dotted-decimal format.

The value of each octet lies between 0 and 255 in decimal, or between 00000000 and 11111111 in binary.

IP addresses are divided into two parts, a network part and a host part. The network address (the front part of the IP address) refers to the subnet in which the computer with the corresponding host address is located. Which bits form the network part and which form the host part is determined by the subnet mask used.

What is a subnet mask?

The net mask or subnet mask is a bit mask. In IPv4 networks, it indicates how many bits the network prefix for an IP address consists of.

Together with the IP address, it defines the address of a device on the network. The network part shows which devices are in a network. This network part must be the same for all devices in the network.

A subnet mask consists of 32 bits and is always used in combination with the IP address; it is therefore exactly as long as an IP address. The positions where the subnet mask is “1” mark the bits of the IP address that belong to the network part. The positions where the mask is “0” mark the bits that form the host part.

CIDR

CIDR, short for Classless Inter-Domain Routing, is an IP addressing scheme that improves the allocation of IP addresses. It replaces the old class-based system.

This scheme has also helped significantly extend the lifespan of IPv4 and slow the growth of routing tables.

CIDR is based on variable-length subnet masking (VLSM). This allows prefixes of any length to be defined, which is much more efficient than the old system. A CIDR address consists of two parts. The first part is the network address, written like a normal IP address (e.g. 192.168.255.255). The second part is the suffix, which indicates how many bits of the subnet mask form the network part (e.g. /24). Put together, a CIDR address looks like this: 192.168.1.0/24
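To make the mask arithmetic concrete, here is an added Python example that is not code from the original article: it converts between dotted-decimal masks and CIDR prefix lengths, rejects non-contiguous masks (a mask such as 255.0.255.0 is not a valid prefix), and splits an address into its network and host parts using the same pipe notation as the tables further down. All function names are my own; the addresses used are the article's 172.18.0.0/14 and a constructed 192.168.1.77/24.

```python
"""Subnet mask <-> CIDR prefix and the network/host split with plain integer
arithmetic, so the bit mask itself stays visible. Added example, not code
from the original article."""


def ip_to_int(dotted: str) -> int:
    """'172.18.0.0' -> 0xAC120000 (four octets, most significant first)."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value


def int_to_ip(value: int) -> str:
    """0xAC120000 -> '172.18.0.0'."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_int(prefix: int) -> int:
    """Prefix length -> 32-bit mask with `prefix` leading ones (/14 -> 0xFFFC0000)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return ((1 << prefix) - 1) << (32 - prefix)


def prefix_to_mask(prefix: int) -> str:
    """/23 -> '255.255.254.0'."""
    return int_to_ip(prefix_to_int(prefix))


def mask_to_prefix(mask: str) -> int:
    """'255.255.254.0' -> 23. Only a contiguous run of ones is a valid mask,
    so anything like 255.0.255.0 is rejected rather than silently counted."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != prefix_to_int(prefix):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def dotted_binary(value: int, prefix: int) -> str:
    """Render 32 bits in dotted groups of 8 with a '|' where the network part
    ends, e.g. 172.18.0.0/14 -> '10101100.000100|10.00000000.00000000'."""
    bits = format(value, "032b")
    out = []
    for i, bit in enumerate(bits):
        if i == prefix and 0 < prefix < 32:
            out.append("|")          # boundary replaces the dot if they coincide
        elif i and i % 8 == 0:
            out.append(".")
        out.append(bit)
    return "".join(out)


def split_address(ip: str, prefix: int) -> dict:
    """Network address, broadcast, host bits and address count for ip/prefix."""
    addr = ip_to_int(ip)
    mask = prefix_to_int(prefix)
    network = addr & mask                     # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set
    return {
        "network_address": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "host_bits": 32 - prefix,
        "addresses": 1 << (32 - prefix),
        "binary": dotted_binary(addr, prefix),
    }


if __name__ == "__main__":
    print(mask_to_prefix("255.252.0.0"), prefix_to_mask(23))
    print(split_address("172.18.0.0", 14))
```

The contiguity check in mask_to_prefix is the part worth keeping in any configuration validator: counting ones in a mask is only meaningful if those ones are all at the front, and a mask that fails the check cannot be expressed as a CIDR prefix at all.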

CIDR table with all subnet masks and their CIDR values (figure)

Example of subnetting

Calculate network size

To visualize the calculation, a /14 network containing 262144 addresses is divided into /23 networks. The first step is to find out how large the original network is, using the subnet mask. Write the mask in binary and count the 1 bits (the network part): this gives the CIDR suffix. Then calculate the size of the host part by subtracting the CIDR suffix from 32; the result is the number of bits in the host part. Using this value as an exponent of 2 gives the total number of addresses.

Example: 32 – 14 = 18 ⟶ 2^18 = 262144 (including network address & broadcast)

Determine required subnet size

The original /14 network is divided into several subnets. First, determine how many hosts are needed per subnet, then find the next larger power of 2. Example: 300 hosts are required per subnet, so the next higher power of 2 is 512 (2^9). Keep in mind that the usable network range is always 2 addresses smaller, because the network address and the broadcast address are reserved and cannot be assigned to hosts.

Network address:

The network address (or network ID) is the starting point of a network. It marks where one network begins, and therefore also where the broadcast address of the preceding network lies.

Broadcast address:

A broadcast address is a network address used for broadcasting to all devices connected to a network. A message sent to a broadcast address can be received by all hosts connected to the network.

Network area:

The network range defines the number of freely available IP addresses that can be assigned to hosts. In general, these are all addresses in a network except the network ID and the broadcast address.

Reading the step width & network range

When calculating subnets, the octet in which the network part ends is the most important one, because that is where the address switches to the host part. This transition is marked with a pipe (“|”) in the tables below (“Network part / host part”).

The step size refers only to that octet: all octets before it belong entirely to the network part and are therefore fixed, and all octets after it belong entirely to the host part and run through all values from 0 to 255.

The last masked bit of the network part is of particular importance. The bit positions of an octet carry the powers of 2 (128, 64, 32, 16, 8, 4, 2, 1), and the power of 2 at the position of the last masked bit is the subnet step size. In our example, the new subnet step is 2 (/23).

Bit value     128   64   32   16   8   4   2   1
Octet (/14)     1    1    1    1   1   1   0   0
Octet (/23)     1    1    1    1   1   1   1   0

First & last possible subnet

The host portion of the affected octet tells you the lowest and highest addresses of the network. If you set all host bits in that octet to 0, you get the smallest possible IP address in the network.

The first subnet always has the same network address as the original network, and the last subnet always has the same broadcast address as the original network. The broadcast address is calculated by setting all digits of the host portion in the affected octet to 1.

Example

With all this information, you can start counting at the first IP address of the network. This allows all subnets, together with their network ranges and broadcast addresses, to be calculated.

The first IP address after the network address is always the first freely available IP address in the network range. The broadcast address of a subnet is always the address immediately before the network address of the next subnet, and the address before the broadcast is the last freely available IP address in the network range. The total number of subnets is calculated by subtracting the old CIDR suffix from the new one and using the result as an exponent of 2.

Network part / host part

Subnet       Network address   Network area                      Broadcast
Subnet 1     172.16.0.0        172.16.0.1 – 172.16.1.254         172.16.1.255
Subnet 2     172.16.2.0        172.16.2.1 – 172.16.3.254         172.16.3.255
...
Subnet 511   172.19.252.0      172.19.252.1 – 172.19.253.254     172.19.253.255
Subnet 512   172.19.254.0      172.19.254.1 – 172.19.255.254     172.19.255.255

                     Netmask / address   Binary
CIDR (OLD)           172.18.0.0/14       10101100.000100 | 10.00000000.00000000
Subnet mask (OLD)    255.252.0.0         11111111.111111 | 00.00000000.00000000
Subnet mask (NEW)    255.255.254.0       11111111.11111111.1111111 | 0.00000000
CIDR (NEW)           172.18.0.0/23       10101100.00010010.0000000 | 0.00000000


Now the /14 network with its 262142 usable addresses has been divided into /23 networks, which gives 512 (2^9) subnets with 510 free addresses each.
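The whole procedure above (network size, required subnet size, step width, first and last subnet, network range and broadcast) carried out as one added Python example that is not part of the original article. It uses the standard library ipaddress module; the function names are my own, the parent network and host count are the article's 172.18.0.0/14 and 300 hosts, and the 2001:db8::/64 prefix is a constructed IPv6 input. Because ipaddress treats both address families the same way, the same code also works for IPv6 prefixes.

```python
"""Plan subnets of a given parent network for a required number of hosts and
compute any subnet by index. Added example, not code from the original article."""
import ipaddress


def host_bits_for(hosts_needed: int) -> int:
    """Smallest host-bit count whose block still holds hosts_needed usable
    addresses after the network and broadcast addresses are removed."""
    if hosts_needed < 1:
        raise ValueError("at least one host is required")
    bits = 1
    while (1 << bits) - 2 < hosts_needed:
        bits += 1
    return bits


def plan_subnets(parent: str, hosts_needed: int) -> dict:
    """Derive the new prefix, number of subnets, usable hosts per subnet and
    the step width in the octet (hextet for IPv6) where the network part ends."""
    # strict=False normalises 172.18.0.0/14 to its real network 172.16.0.0/14
    net = ipaddress.ip_network(parent, strict=False)
    host_bits = host_bits_for(hosts_needed)
    new_prefix = net.max_prefixlen - host_bits
    if new_prefix < net.prefixlen:
        raise ValueError("a single subnet of that size would exceed the parent network")
    group = 8 if net.version == 4 else 16        # bits per dotted / colon group
    last_masked = new_prefix - 1                 # 0-based index of the last 1 bit
    return {
        "parent": str(net),
        "new_prefix": new_prefix,
        "subnet_count": 1 << (new_prefix - net.prefixlen),
        "addresses_per_subnet": 1 << host_bits,
        "usable_per_subnet": (1 << host_bits) - 2,
        "step_group": last_masked // group + 1,  # 1-based octet / hextet number
        "step": 1 << (group - 1 - last_masked % group),  # power of 2 at that bit
    }


def nth_subnet(parent: str, new_prefix: int, n: int):
    """The n-th subnet (1-based, as in the article's table), computed by
    arithmetic instead of enumerating every subnet before it."""
    net = ipaddress.ip_network(parent, strict=False)
    total = 1 << (new_prefix - net.prefixlen)
    if not 1 <= n <= total:
        raise IndexError(f"subnet index must be between 1 and {total}")
    block = 1 << (net.max_prefixlen - new_prefix)  # addresses per subnet
    start = net.network_address + (n - 1) * block
    return ipaddress.ip_network(f"{start}/{new_prefix}")


def describe(subnet) -> dict:
    """Network address, first and last usable host, and broadcast of a subnet
    (assumes a normal subnet; /31 and /32 have no reserved addresses)."""
    return {
        "network": str(subnet.network_address),
        "first_host": str(subnet.network_address + 1),
        "last_host": str(subnet.broadcast_address - 1),
        "broadcast": str(subnet.broadcast_address),
    }


if __name__ == "__main__":
    plan = plan_subnets("172.18.0.0/14", 300)
    print(plan)
    for n in (1, 2, plan["subnet_count"] - 1, plan["subnet_count"]):
        print(n, describe(nth_subnet(plan["parent"], plan["new_prefix"], n)))
```

Running the block reproduces the table above: subnet 1 is 172.16.0.0/23 with range 172.16.0.1 to 172.16.1.254, subnet 512 ends at the parent's broadcast 172.19.255.255, and the step in the third octet is 2. The strict=False normalisation is deliberate: 172.18.0.0/14 is an address inside the network, not its network address, and computing from the un-normalised value would shift every subnet by two /16 blocks.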

Subnetting in IPv6

A first look at IPv6 can be overwhelming. Strictly speaking, the addressing scheme is the same as in IPv4; the main differences are that an address is 128 bits long instead of 32 and is written in hexadecimal notation. For example, the IPv4 address 255.255.255.255 could be written as FFFF:FFFF, and conversely an IPv6 address of all ones would be 255.255.255.255.255.255.255.255.255.255.255.255.255.255.255.255 in dotted-decimal notation, which is FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF. Apart from the address length and the hexadecimal notation, IPv6 works exactly like IPv4 for subnetting and routing purposes. A subnet is still a subnet: a /24 in IPv4 corresponds to a /120 in IPv6, with the same number of IP addresses. Because of the 128-bit address length, however, IPv6 makes it possible to create significantly larger networks.

IPv6 subnetting table (figure)