Subnetting CSIS 3723
Why Subnet?
• We need to create some logic to the environment
• We want to keep like devices together
• We want to make money leasing the use of the space
• Security

Public Versus Private
• When designing the Internet it was decided that not all devices would need or want to be addressable from the Internet, but they would still need to communicate using the network
• Because of this, private address space was created
• These addresses are not accessible from the Internet without the network administrator doing something to give them an Internet address (NAT)
• These addresses can be accessible in your intranet (corporate space)

Public Versus Private
• RFC 1918 defines these
  ◦ 10.0.0.0 – 10.255.255.255 (10.0.0.0/8)
  ◦ 172.16.0.0 – 172.31.255.255 (172.16.0.0/12)
  ◦ 192.168.0.0 – 192.168.255.255 (192.168.0.0/16)
• These are the IP address spaces that can be used internally in an enterprise

Public Versus Private
• RFC states a “link local” block
  ◦ 169.254.0.0 – 169.254.255.255 (169.254.0.0/16)
  ◦ To be used when a device cannot get an IP address through DHCP
• Also reserves lowest Class B
  ◦ 128.0.0.0 – 128.0.255.255 (128.0.0.0/16)
  ◦ Not able to be used under old class system but can be assigned to someone
• Also defines loop back space (RFC 1700)
  ◦ 127.0.0.0 – 127.255.255.255 (127.0.0.0/8)
  ◦ Used for a machine to communicate internally
• Also defines multicast address space (RFC 5771)
  ◦ 224.0.0.0 – 239.255.255.255 (224.0.0.0/4)
• So you should never use these IP address spaces!

And You Should NEVER Just Pick an IP Space
[Figure: network diagram. Labels: Internet; 150.134.10.0/24 (shown twice); 150.134.10.30; 192.168.1.0/24; 192.168.1.12]

How does subnetting work?
• What are the IP addresses for the subnet 192.168.0.0/24?
• 192.168.0.0 through 192.168.0.255
• Anything after the 24th most significant bit can change and be in the same subnet
11000000 10101000 00000000 00000000
11000000 10101000 00000000 11111111

How We Use CIDR
• We use the CIDR prefix length as a binary number
• The most significant bits counted by the prefix are ones; the rest are zeros
• So a /24 would be:
Subnet Mask
11111111 11111111 11111111 00000000
255      255      255      0

• What would the subnet mask be for /20?
128 64 32 16 8 4 2 1
  1  1  1  1 1 1 1 1
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255
11111111 11111111 11110000 00000000
255      255      240      0

Let's Look at What Happens
Network: 192.168.0.0    Destination Address: 192.168.0.138
IP Address        11000000 10101000 00000000 10001010
Subnet Mask /24   11111111 11111111 11111111 00000000
Logical AND       11000000 10101000 00000000 00000000
Network           11000000 10101000 00000000 00000000
Bitwise AND is used. Logical AND is done on each bit between the IP address and the subnet mask. If the result matches the network, the address is in the same subnet.
Logical AND
A  B  A AND B
0  0  0
0  1  0
1  0  0
1  1  1

Let's Look at What Happens
Network: 192.168.0.0    Destination Address: 150.134.10.28
IP Address        10010110 10000110 00001010 00011100
Subnet Mask /24   11111111 11111111 11111111 00000000
Logical AND       10010110 10000110 00001010 00000000
Network           11000000 10101000 00000000 00000000
No match: different subnet

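The two bitwise AND comparisons above, written out as an added example (not part of the original slides). The function names are this example's own; the addresses are the ones used on the slides.

```python
def ip_to_int(addr: str) -> int:
    """Dotted-quad string to a 32-bit integer (exactly four octets, each 0-255)."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | n
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 24 one-bits followed by 8 zero-bits, as a 32-bit integer."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0-32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def to_bits(value: int) -> str:
    """32-bit value as four space-separated binary octets, as drawn on the slides."""
    bits = f"{value:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def in_subnet(addr: str, network: str, prefix: int) -> bool:
    """AND the address with the mask and compare the result with the network."""
    mask = prefix_to_mask(prefix)
    return (ip_to_int(addr) & mask) == (ip_to_int(network) & mask)


if __name__ == "__main__":
    print("mask /24:", int_to_ip(prefix_to_mask(24)))
    print("mask /20:", int_to_ip(prefix_to_mask(20)))
    for dest in ("192.168.0.138", "150.134.10.28"):
        anded = ip_to_int(dest) & prefix_to_mask(24)
        print(dest, "AND /24 =", to_bits(anded),
              "-> same subnet" if in_subnet(dest, "192.168.0.0", 24)
              else "-> different subnet")
```
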
More on Subnet
• If we look at just one octet we see a pattern
Mask  Binary     Ratio (subnets : addresses per subnet)
0     0000 0000  1:256
128   1000 0000  2:128
192   1100 0000  4:64
224   1110 0000  8:32
240   1111 0000  16:16
248   1111 1000  32:8
252   1111 1100  64:4
254   1111 1110  128:2
255   1111 1111  256:1

More on Subnet
If I start with: 192.168.10.0/24
This is the last octet:  0    0000 0000  1:256
If we change it to:      128  1000 0000  2:128
We would get two networks:
192.168.10.0/25
192.168.10.128/25

Let's Look at Why
Let's look at what happens when the number changes in the last octet.
Mask: 10000000
Last octet of IP address: 000000010010
As long as this bit (the most significant bit, the one selected by the mask) does not become a one in the IP address, it is in the first subnet.
First subnet: 01011010
Second subnet: 10010100

It Does Not Have To Be In The Same Octet
What if an ISP owns a block of IP addresses like:
ISP's block   11001000 00010111 00010000 00000000   200.23.16.0/20
If I had 8 customers that want to buy subnets, how could I change the subnet mask to get 8 subnets?
Each bit position I move the mask to the right multiplies the number of subnets by two.

It Does Not Have To Be In The Same Octet
11001000 00010111 00010000 00000000
To get 8 in binary I would need 3 binary digits (bits):
4 2 1
1 1 1
4 + 2 + 1 = 7 ???
We start counting from zero, so 0 through 7 gives 8 values.

It Does Not Have To Be In The Same Octet
ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 1, Organization 2, ...:
                 11001000 00010111 00010000 00000000   200.23.16.0/23
                 11001000 00010111 00010010 00000000   200.23.18.0/23
                 11001000 00010111 00010100 00000000   200.23.20.0/23
                 ....
Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23

It Does Not Have To Be In The Same Octet
What if I needed 11 subnets?
ISP's block       11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 0    11001000 00010111 00010000 00000000   200.23.16.0/24
Organization 1    11001000 00010111 00010001 00000000   200.23.17.0/24
Organization 2    11001000 00010111 00010010 00000000   200.23.18.0/24
....
Organization 16   11001000 00010111 00011111 00000000   200.23.31.0/24
We need to create 16 subnets to get 11

It Does Not Have To Be In The Same Octet
What if I needed subnets that can have 56 hosts?
ISP's block   11001000 00010111 00010000 00000000   200.23.16.0/20
How far do we move from the right to get a number larger than 56?
128 64 32 16 8 4 2 1
        1  1 1 1 1 1
32 + 16 + 8 + 4 + 2 + 1 = 63 (plus one for zero) is 64

It Does Not Have To Be In The Same Octet
What if I needed subnets that can have 56 hosts?
ISP's block       11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 0    11001000 00010111 00010000 00000000   200.23.16.0/26
Organization 1    11001000 00010111 00010000 01000000   200.23.16.64/26
Organization 2    11001000 00010111 00010000 10000000   200.23.16.128/26
....
Organization 64   11001000 00010111 00011111 11000000   200.23.31.192/26
We need to create 64 subnets each having 64 IP addresses

Do We Get 64 Usable IP Addresses?
• On the subnet 200.23.16.0/26
• We only get 61 usable IP addresses
• One is used for the network
  ◦ 200.23.16.0 not used
• One must be used for the router interface on the subnet
  ◦ 200.23.16.1 is usually used as the router IP address but does not have to be (could be 200.23.16.62 or any other host IP address)
• One must be used for the broadcast address
  ◦ Is always the last IP address in the subnet (200.23.16.63)
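The three sizing questions from the ISP slides (8 subnets, 11 subnets, 56 hosts per subnet), worked with Python's standard ipaddress module as an added example that is not part of the original slides. The function names and the RESERVED constant are this example's own; RESERVED follows the slide's count of three addresses per subnet (network, router interface, broadcast).

```python
import ipaddress

RESERVED = 3  # per the slide: network address, router interface, broadcast


def prefix_for_subnets(block: str, wanted: int) -> int:
    """New prefix length after borrowing enough bits for `wanted` subnets."""
    net = ipaddress.ip_network(block)
    if wanted < 1:
        raise ValueError("need at least one subnet")
    borrowed = (wanted - 1).bit_length()   # 8 -> 3 bits, 11 -> 4 bits (16 subnets)
    new_prefix = net.prefixlen + borrowed
    if new_prefix > net.max_prefixlen:
        raise ValueError(f"{block} cannot be split into {wanted} subnets")
    return new_prefix


def prefix_for_hosts(block: str, hosts: int) -> int:
    """Longest prefix whose subnets hold `hosts` plus the reserved addresses."""
    net = ipaddress.ip_network(block)
    if hosts < 1:
        raise ValueError("need at least one host")
    host_bits = (hosts + RESERVED - 1).bit_length()   # 56 hosts -> 6 bits
    new_prefix = net.max_prefixlen - host_bits
    if new_prefix < net.prefixlen:
        raise ValueError(f"{block} is too small for {hosts} hosts per subnet")
    return new_prefix


def carve(block: str, new_prefix: int) -> list:
    """All subnets of `block` at the new prefix length, in address order."""
    return list(ipaddress.ip_network(block).subnets(new_prefix=new_prefix))


def usable_hosts(subnet) -> int:
    """Addresses left for hosts after the slide's three reserved ones."""
    return subnet.num_addresses - RESERVED


if __name__ == "__main__":
    block = "200.23.16.0/20"
    plans = (("8 subnets", prefix_for_subnets(block, 8)),
             ("11 subnets", prefix_for_subnets(block, 11)),
             ("56 hosts", prefix_for_hosts(block, 56)))
    for label, prefix in plans:
        nets = carve(block, prefix)
        print(f"{label}: /{prefix}, {len(nets)} subnets of "
              f"{nets[0].num_addresses} addresses, {nets[0]} ... {nets[-1]}")
    first = carve(block, 26)[0]
    print(first, "broadcast", first.broadcast_address,
          "usable", usable_hosts(first))
```
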