Subnet Masks
Subnet masks are essential tools in network design, but they can make things more difficult to understand. Subnet masks are used to split a network into a collection of smaller subnetworks. This may be done to reduce traffic on each subnetwork, or to make the internetwork more manageable as a whole. To all intents and purposes, each subnetwork functions as if it were an independent network as far as entries in the routing table are concerned. The illustration below shows how a routing table looks when subnet masks are used on a network.
Interface configuration for router 1

Interface   IP Address   Subnet mask
E0          150.4.2.1    255.255.255.0
E1          150.4.3.1    255.255.255.0
E2          150.4.1.1    255.255.255.0

Routing table on router 1 (C = directly connected)

150.4.0.0 is subnetted with three subnets
C   150.4.1.0   directly connected   Ethernet 2
C   150.4.2.0   directly connected   Ethernet 0
C   150.4.3.0   directly connected   Ethernet 1
As you can see, the routing table notes that the class B network is subnetted, and recognizes each subnet as a separate entry in the routing table.
As the subnet mask is the area that causes most confusion, let's look more closely at how the subnet mask works.
Communication between a node on a local subnetwork and a node on a different subnetwork is like communication between nodes on two different networks. To a user, routing between subnetworks is transparent. Internally, however, the IP software recognizes any IP address that is destined for another subnetwork and sends those packets to the gateway (router) for that subnetwork.
When subnet masks are used, an IP address is interpreted as follows:
[IP address] = [Network address][Subnetwork address][Host address]
This shows that when a network is divided into subnetworks, the host address portion of the IP address is divided into two parts, the subnetwork address and the host address.
For example, if a network has the Class B IP network address portion 129.47, the remainder of the IP address can be divided into subnetwork addresses and host addresses. This division is controlled by the network administrator to allow the most flexibility for network development at the site.
A subnet mask is the mechanism that defines how the host portion of the IP address is divided into a subnetwork address portion and a local host address portion. The subnet mask is a 32-bit (four-byte) number, just as an IP address is.
To understand the mechanics of the subnet mask, it is important to know a little binary arithmetic. We will go through the process of working out how subnet masks work longhand, then show a shortcut.
In binary numbers, the only digits available are 0 and 1. The rightmost digit of a binary number represents the number of ones in the number (either 0 or 1). The next digit represents the number of twos, either 0 or 1, the next the number of fours, and so on. Thus, to convert the eight-bit binary number 01101001 to the more familiar decimal, we use the map below:
128 64 32 16 8 4 2 1
0 1 1 0 1 0 0 1
Thus, the binary number 01101001 is 64 + 32 + 8 + 1, which is 105 in the more familiar decimal notation. If you have eight zeroes in a binary number, the decimal value is obviously zero. If you have eight ones, the decimal value is 255.
To see how a subnet mask splits up the host portion into a subnet address and a host address, it is necessary to convert both the IP address and the subnet mask to binary numbers. Once both have been converted to binary, a logical AND is performed bit by bit between the address and the subnet mask (the resulting bit is 1 only where both the address bit and the mask bit are 1; otherwise the result is zero). Let's look at an example:
IP Address  : 201.222.5.121
Subnet Mask : 255.255.255.248

201.222.5.121   : 11001001.11011110.00000101.01111 001
255.255.255.248 : 11111111.11111111.11111111.11111 000
Subnet          : 11001001.11011110.00000101.01111 000  = 201.222.5.120
Thus, the resultant subnet address is 201.222.5.120. On this class C network the subnet mask is said to have five bits in the subnet field, which leaves three bits to define hosts. (Note that the last three bits of the fourth byte are separated off to show the effect of the subnet mask.) With three binary bits, there are eight possible values (0 through 7). However, only six of these addresses can be used for hosts on this subnet. This is because the first and last values are reserved: the first identifies the subnet itself and the last is the broadcast address for that subnet. This is shown for our example IP address and subnet mask below:
IP address                      = 201.222.5.121
Subnet Mask                     = 255.255.255.248
Subnet Address                  = 201.222.5.120
Usable Host Addresses on Subnet = 201.222.5.121 - 201.222.5.126
Subnet Broadcast Address        = 201.222.5.127
It is good to work through a few examples to understand how this works. Try to work out the subnet address, usable host addresses and broadcast address for the following:

IP address  = 164.2.34.35
Subnet mask = 255.255.255.224

IP address  = 101.2.3.18
Subnet Mask = 255.255.0.0

(The answers are given at the end of this article.)
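As an added example (Python written for this page, not code from the original article), the following carries out the longhand method above in code: it converts address and mask to 32-bit integers, ANDs them, and derives the broadcast address and usable host range from the host bits. The parsing helpers, the rejection of non-contiguous masks and the two practice addresses being fed through it are additions here; running the block prints the same three-line binary layout as the text for each address.

```python
# Added example, not code from the original article: the longhand method
# (convert to binary, AND the address with the mask) as code, plus the
# broadcast and usable host range that follow from the host bits.


def to_int(dotted):
    """Dotted quad -> 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    a, b, c, d = (int(p) for p in parts)
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    """32-bit integer -> dotted quad."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_bits(value, host_bits=0):
    """Binary with a dot between octets and, as in the article's layout, a space
    separating off the host bits (omitted when they fall on an octet boundary)."""
    bits = ".".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))
    net_bits = 32 - host_bits
    if 0 < host_bits < 32 and net_bits % 8:
        idx = net_bits + net_bits // 8       # skip over the dots already inserted
        bits = bits[:idx] + " " + bits[idx:]
    return bits


def host_mask(mask):
    """Inverse of a valid mask (the host bits). Rejects non-contiguous masks
    such as 255.255.255.247, which are not valid subnet masks."""
    inv = ~mask & 0xFFFFFFFF
    if inv & (inv + 1):                      # inv must look like 0b00..011..1
        raise ValueError(f"non-contiguous mask: {to_dotted(mask)}")
    return inv


def is_valid_mask(dotted):
    try:
        host_mask(to_int(dotted))
        return True
    except ValueError:
        return False


def subnet_info(address, mask):
    """Subnet address, broadcast address and usable host range for address/mask.
    subnet = address AND mask, exactly as in the text; the broadcast address
    has every host bit set; the first and last addresses are reserved."""
    a, m = to_int(address), to_int(mask)
    hm = host_mask(m)
    bits = hm.bit_length()                   # number of host bits
    subnet = a & m
    broadcast = subnet | hm
    usable = max((1 << bits) - 2, 0)
    return {
        "prefix_length": 32 - bits,
        "host_bits": bits,
        "subnet": to_dotted(subnet),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(subnet + 1) if usable else None,
        "last_host": to_dotted(broadcast - 1) if usable else None,
        "usable_hosts": usable,
    }


def show_and(address, mask):
    """The three-line binary layout used in the article."""
    a, m = to_int(address), to_int(mask)
    bits = host_mask(m).bit_length()
    rows = [
        (address, to_bits(a, bits)),
        (mask, to_bits(m, bits)),
        ("Subnet", to_bits(a & m, bits) + "  = " + to_dotted(a & m)),
    ]
    return "\n".join(f"{label:<16}: {row}" for label, row in rows)


if __name__ == "__main__":
    for addr, msk in [("201.222.5.121", "255.255.255.248"),    # the article's worked example
                      ("164.2.34.35", "255.255.255.224"),      # practice address 1
                      ("101.2.3.18", "255.255.0.0")]:          # practice address 2
        print(show_and(addr, msk))
        print(subnet_info(addr, msk), end="\n\n")
```

The check in host_mask() matters in practice: a mask with a zero in the middle of the ones still ANDs cleanly, so a typo such as 255.255.255.247 would silently produce a "subnet" that no router would agree with.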
For subnetting the last octet (which is the most common task) the quicker way to work it out is as follows: subtract the value of the last octet of the subnet mask from 256, and that tells you how many IP addresses there are in each subnet.
For example, with a subnet mask of 255.255.255.224, take 224 from 256 and you get 32. This tells you that for a subnet mask ending in 224, you are splitting the network number into subnets of 32 addresses each, of which 30 are usable (remembering that the first and last IP address in a subnet are not usable for host addressing).
An alternative method that also works for subnets that extend into the third octet (such as 255.255.192.0) starts with writing down the subnet mask in binary. Look at the decimal value of the rightmost 1 in the subnet mask. This decimal value tells you what increment in the IP address puts you into a new subnet.
This is best explained with an example. Let's say we have a subnet mask of 255.255.255.224; converting this to binary, we get:

11111111.11111111.11111111.11100000
We can see that the ones end in the position that represents the number of 32s in the number. This means that with every increment of 32 in the IP address, we move into a new subnet. We can illustrate this by applying the mask to the IP address 150.2.3.56. With the 255.255.255.224 subnet mask we get a new subnet every 32 addresses, so the subnets will start at:
150.2.3.0
150.2.3.32
150.2.3.64
150.2.3.96
150.2.3.128
150.2.3.160
150.2.3.192
150.2.3.224
So, for the address 150.2.3.56 with a subnet mask of 255.255.255.224, the subnet address is 150.2.3.32 (the largest multiple of 32 that does not exceed 56).
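The two shortcuts above, as an added example in Python (not code from the original article). last_octet_shortcut() is the "256 minus the last octet" rule and refuses masks it does not apply to; increment() and block_size() are the "rightmost 1 bit" rule, which generalises to masks that reach into the third octet; enumerate_subnets() lists subnet addresses the way the text does for 150.2.3.x; subnet_of() is the same increment rule applied as integer division. The function names and the 129.47.0.0 class B example with mask 255.255.192.0 are additions here.

```python
# Added example, not code from the original article: the "256 minus the
# mask octet" shortcut and the general "rightmost 1 bit is the increment"
# rule, plus subnet enumeration built on them.


def to_int(dotted):
    a, b, c, d = (int(p) for p in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def last_octet_shortcut(mask):
    """Addresses per subnet = 256 - last octet. Only meaningful when the first
    three octets are 255; anything else needs the general rule below."""
    octets = [int(p) for p in mask.split(".")]
    if octets[:3] != [255, 255, 255]:
        raise ValueError("shortcut applies only to masks of the form 255.255.255.x")
    return 256 - octets[3]


def increment(mask):
    """(octet number 1-4, step) of the rightmost 1 bit in the mask: the octet
    in which the subnets count up, and by how much.
    255.255.255.224 -> (4, 32); 255.255.192.0 -> (3, 64)."""
    octets = [int(p) for p in mask.split(".")]
    for pos in (3, 2, 1, 0):
        if octets[pos]:
            return pos + 1, octets[pos] & -octets[pos]   # isolate the lowest set bit
    raise ValueError("mask 0.0.0.0 has no subnet bits")


def block_size(mask):
    """The same increment expressed in addresses: lowest set bit of the 32-bit mask."""
    m = to_int(mask)
    if m == 0:
        raise ValueError("mask 0.0.0.0 has no subnet bits")
    return m & -m


def hosts_per_subnet(mask):
    """Usable hosts: block size less the subnet and broadcast addresses."""
    return max(block_size(mask) - 2, 0)


def subnet_of(address, mask):
    """Round the address down to a multiple of the block size. This is the
    increment method; it gives the same answer as ANDing with the mask."""
    size = block_size(mask)
    return to_dotted((to_int(address) // size) * size)


def enumerate_subnets(network, network_mask, subnet_mask):
    """Subnet addresses produced by applying subnet_mask inside network/network_mask."""
    n, nm, sm = to_int(network), to_int(network_mask), to_int(subnet_mask)
    if sm & nm != nm or sm == nm:
        raise ValueError("subnet mask must extend the network mask")
    start = n & nm
    end = start | (~nm & 0xFFFFFFFF)
    return [to_dotted(s) for s in range(start, end + 1, block_size(subnet_mask))]


if __name__ == "__main__":
    print(last_octet_shortcut("255.255.255.224"), hosts_per_subnet("255.255.255.224"))
    print(increment("255.255.192.0"))             # a new subnet every 64 in the third octet
    print(enumerate_subnets("150.2.3.0", "255.255.255.0", "255.255.255.224"))
    print(enumerate_subnets("129.47.0.0", "255.255.0.0", "255.255.192.0"))
    print(subnet_of("150.2.3.56", "255.255.255.224"))
```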
The following tables show how many hosts per subnet, and how many subnets in total, result when a range of subnet masks is applied to class B and class C networks.
Class B Subnetting

Subnet bits   Subnet mask        Subnets   Hosts per subnet
2             255.255.192.0      4         16382
3             255.255.224.0      8         8190
4             255.255.240.0      16        4094
5             255.255.248.0      32        2046
6             255.255.252.0      64        1022
7             255.255.254.0      128       510
8             255.255.255.0      256       254
9             255.255.255.128    512       126
10            255.255.255.192    1024      62
11            255.255.255.224    2048      30
12            255.255.255.240    4096      14
13            255.255.255.248    8192      6
14            255.255.255.252    16384     2

Class C Subnetting

Subnet bits   Subnet mask        Subnets   Hosts per subnet
2             255.255.255.192    4         62
3             255.255.255.224    8         30
4             255.255.255.240    16        14
5             255.255.255.248    32        6
6             255.255.255.252    64        2
RFC 950, which introduced subnetting, cautions against the use of the first (all-zeros) and last (all-ones) subnet, and RFC 1812 repeats the restriction; in some installations, either the last subnet, or the first and last subnet, are unavailable. Whether these subnets are usable depends on the routing protocols in use on the network and the IP implementation on the routing devices on the network.
In practice, not every RFC is a mandatory standard; many are recommendations, and vendors are free to implement workarounds to problems highlighted in RFCs. If your network uses UNIX hosts and RIP version 1 as its routing protocol, you cannot use the first and last subnet. (In this instance, the number of subnets listed in the tables needs to be reduced by two in each case.) If your network consists of Cisco routers using OSPF or EIGRP, you can use the first and last subnet. If you are using Cisco routers and IGRP, you can always use the first subnet, but not always the last. Of course, there are other combinations that will or will not work; either refer to the documentation of your specific devices, or ask the manufacturer whether the first and last subnet can be used.
If you are at all unclear on whether your combination will work with the first and last subnet, avoid their use. However, if you are short of available IP addresses and your configuration supports it, there is no reason not to use them.
What determines whether a routing protocol will support use of the first and last subnet correctly is whether it sends subnet mask information in its route updates. RIP version 1 and IGRP do not; RIP version 2, link state protocols such as OSPF, and hybrid protocols such as EIGRP do.
The reason is best illustrated with an example. Suppose you have a Class C network of 200.200.200.0, using a subnet mask of 255.255.255.192, and allocate an interface on a router with an IP address of 200.200.200.195. This is in the last (all-ones) subnet in the network, which starts at 200.200.200.192. The broadcast address for this subnet is 200.200.200.255, which also happens to be the broadcast address for the whole class C network. If the value of the subnet mask is not sent in routing updates, a remote router that has the 200.200.200.192 subnet listed in its routing table cannot tell whether a packet addressed to 200.200.200.255 is meant for just that subnet or for the whole class C.
As if all this were not enough, there are other issues that need to be considered, which make the definition of hard and fast rules complex.
Routing Protocols

As the routing table is the center of what goes on in a routed network, routing protocols are implemented to keep it updated automatically. A routing protocol runs on each router in the network and has the goal of notifying all other routers about the networks it knows of and about any changes that occur (for example, a link failure making a remote network reachable only via a different route).
Unfortunately, the behavior of these routing protocols differs enough that you need to be aware of what they will do to the routing table under various conditions.
Distance vector routing protocols, like RIP and IGRP, send updates on a regular basis (the defaults are 30 seconds for RIP and 90 seconds for IGRP, although this is configurable) that include information on all the routes known in the routing table. For large routing tables, these updates can consume significant bandwidth: a RIP version 1 update carries 25 routes per 504-byte packet, so a couple of thousand entries amounts to roughly 40 KB per update, enough to occupy a 128 kbit/s line for two to three seconds each time an update is sent. These updates are only sent to neighboring routers.
Link state protocols use a different mechanism. Routers send small hello packets to their directly connected neighbors at a fixed interval (OSPF defaults to 10 seconds on broadcast links) as keep-alive messages. Route information is only sent out when something changes, and then only to the routers that need to know. Link state protocols may be somewhat better on bandwidth consumption, but require more processing and memory within the router to operate well.
If a router learns of two ways to get to a remote subnet via RIP, the route with the lowest metric will be selected and placed in the routing table. If the metrics are equal, how the router behaves varies from vendor to vendor. The router may place either of the routes in the routing table; however, with RIP, you can be sure that only one route will be used.
If a router learns of two ways to get to a remote subnet via IGRP, things are different. If the two routes have equal metrics, they will both be put in the routing table and traffic split between them. If the metrics of the two routes are within a pre-defined variance (that is, the worse metric is no more than the variance multiplied by the best), traffic will be split between them in inverse proportion to their metric values, so the better route carries more. If the difference between the metrics is greater than the pre-defined variance, the route with the lowest metric alone will be entered into the routing table. For IGRP the default variance is 1, which permits only equal-cost routes.
Within a network, you can restrict the distribution and acceptance of route updates via passive interfaces and trusted routers. If a router interface is defined as passive, it will only listen for route updates and not send any out. If there are only certain routers that you want to receive route update information from, you can use the neighbor command (on Cisco routers). This identifies the list of router IP addresses you will accept updates from.
In multi-protocol networks, there may be more than one routing protocol in use. If a router learns of the same network number from two different routing protocols, how does it select which set of information to put in the routing table? In this case comparing metrics is useless, as RIP uses a different metric calculation from IGRP, which is different again from OSPF. The way this problem is handled in a Cisco environment is to assign an administrative distance to each protocol, and prefer the information from the protocol with the lowest administrative distance. RIP has an administrative distance of 120, OSPF 110, IGRP 100 and EIGRP 90. Static routes have an administrative distance of 1 and directly connected networks 0.
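The selection rules from the last few paragraphs, as an added Python example (not code from the original article): a destination learned from several protocols is installed from the protocol with the lowest administrative distance (the Cisco defaults quoted above); within RIP a single route is kept; within IGRP or EIGRP, every route whose metric is within variance times the best metric is installed and traffic is shared in inverse proportion to metric. The dataclass names, the sample routes and next hops are constructed for the example, and two things are deliberately simplified: Cisco's actual traffic-share counts are integers derived from the metrics, and IGRP's additional feasibility check on the neighbor's advertised metric is not modelled.

```python
# Added example, not code from the original article: route selection by
# administrative distance, then metric, with IGRP-style variance.
from collections import defaultdict
from dataclasses import dataclass
from fractions import Fraction

# Cisco defaults quoted in the text.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Candidate:
    dest: str        # e.g. "180.5.1.0/24"
    protocol: str    # key into ADMIN_DISTANCE
    metric: int      # only comparable within one protocol
    next_hop: str


@dataclass(frozen=True)
class Installed:
    candidate: Candidate
    share: Fraction  # fraction of traffic to dest sent via this route


def select_for_destination(cands, variance=1):
    """Routes installed for one destination.

    1. Keep only the protocol with the lowest administrative distance.
    2. IGRP/EIGRP: keep every route with metric <= best * variance and share
       traffic in inverse proportion to metric (simplification of Cisco's
       integer traffic-share counts; feasibility check omitted).
    3. Anything else: one route with the best metric. Equal-metric tie-breaking
       is vendor-specific, so the first learned route wins here.
    """
    if not cands:
        return []
    best_ad = min(ADMIN_DISTANCE[c.protocol] for c in cands)
    winners = [c for c in cands if ADMIN_DISTANCE[c.protocol] == best_ad]
    protocol = winners[0].protocol          # ADs in the table are distinct per protocol
    best_metric = min(c.metric for c in winners)
    if protocol in ("igrp", "eigrp"):
        kept = [c for c in winners if c.metric <= best_metric * variance]
        weights = [Fraction(1, max(c.metric, 1)) for c in kept]
        total = sum(weights)
        return [Installed(c, w / total) for c, w in zip(kept, weights)]
    chosen = next(c for c in winners if c.metric == best_metric)
    return [Installed(chosen, Fraction(1))]


def build_routing_table(cands, variance=1):
    """{destination: [Installed, ...]} for every destination seen."""
    by_dest = defaultdict(list)
    for c in cands:
        by_dest[c.dest].append(c)
    return {dest: select_for_destination(group, variance) for dest, group in by_dest.items()}


if __name__ == "__main__":
    # Constructed sample: one destination heard from three protocols.
    learned = [
        Candidate("10.0.0.0/8", "rip", 2, "192.168.1.1"),
        Candidate("10.0.0.0/8", "ospf", 20, "192.168.1.2"),
        Candidate("10.0.0.0/8", "igrp", 8000, "192.168.1.3"),
        Candidate("10.0.0.0/8", "igrp", 12000, "192.168.1.4"),
    ]
    for variance in (1, 2):
        for r in build_routing_table(learned, variance)["10.0.0.0/8"]:
            print(variance, r.candidate.protocol, r.candidate.next_hop, r.share)
```

With the default variance of 1 only the 8000-metric IGRP route is installed (IGRP beats OSPF and RIP on administrative distance); with variance 2 the 12000-metric route is installed as well and receives two fifths of the traffic.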
The next issues to consider are Autonomous Systems and OSPF areas. In the thinking presented so far, the network number is the highest level in the IP address hierarchy, which may or may not have subnets allocated underneath it. With RIP version 1 as the routing protocol, this remains true. With IGRP and EIGRP, the concept of an Autonomous System (AS) comes into play. An AS is a collection of network numbers under a common administration. By default, routers will process route updates that originate from the same AS and will disregard updates from other ASes. The AS that a particular router belongs to is set when the routing process is enabled.
So, with an IGRP router, the IP address hierarchy starts with the Autonomous System number, then the network number, then the subnet number.
With an OSPF system, another level of hierarchy is introduced, the routing area. Each OSPF system has to have at least one area configured. As link state routing protocols maintain a topological database of all network numbers, which is used to calculate entries for the routing table, there needs to be some way to reduce the size of the topological database to make it manageable for a large network. This is achieved by splitting an OSPF system into multiple areas, each of which is inter-connected via Area 0, the backbone area.
So, with an OSPF system, the hierarchy is Autonomous System, OSPF Area, network number, subnet number.
With RIP version 2, link state and hybrid routing protocols, there is the option to use Variable Length Subnet Masks (VLSM). With a protocol such as RIP version 1 or IGRP, only one subnet mask value can be used within a network number, as subnet mask values are not sent in routing updates. In this situation, the routing protocol looks at the mask configured on the interface it received the routing update on and assumes that mask value is in use throughout the network.
In RIP version 2, link state and hybrid protocols, subnet mask information is sent in routing updates, which allows a different subnet mask value to be used in different parts of the network. This adds a measure of flexibility in assigning subnet masks, but does add complexity.
Next, an issue that continually causes confusion: route summarization in distance vector protocols (in link state protocols, summarization is something the administrator explicitly configures on or off). What route summarization means here is that when a router connects two different network numbers together, subnet information is not passed between the two networks; only the classful network number is advertised across the boundary. This is best illustrated with an example.
Figure: An incorrectly configured network for use with distance vector protocols subject to route summarization
In this figure, the 180.5.0.0 network has a subnet mask of 255.255.255.0 in use. Because of route summarization, router 2 and router 3 will both advertise 180.5.0.0 without subnet information to router 1. Router 1 will therefore have two equal-cost routes to the 180.5.0.0 network. Any packets that router 1 needs to send to the 180.5.1.0 subnet will be split between router 2 and router 3, as all router 1 knows about is the 180.5.0.0 network. Potentially, this could cause only half the packets to be delivered to a host on the 180.5.1.0 subnet.
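An added Python example (not code from the original article) that models the two mask-less behaviours described on this page: the 200.200.200.192 broadcast ambiguity from the first-and-last-subnet discussion, and the summarization across a major-network boundary in the figure above. advertise_classful() is the sending side (subnet number if the link is in the same major network, classful summary otherwise), infer_mask() is the receiving side (interface mask if in the same major network, classful mask otherwise), and router1_table() runs the figure's scenario once without masks in the updates and once with. The topology details are assumptions for the example: router 1 reaches router 2 over 192.168.12.0/24 and router 3 over 192.168.13.0/24, with 180.5.1.0/24 behind router 2 and 180.5.2.0/24 behind router 3.

```python
# Added example, not code from the original article: how a protocol that
# omits the mask (RIP version 1, IGRP) summarises at a major-network boundary
# and how the receiver guesses the mask back. Topology is constructed.
from collections import defaultdict


def to_int(dotted):
    a, b, c, d = (int(p) for p in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def prefix_len(mask):
    return bin(to_int(mask)).count("1")


def classful_mask(address):
    """Default mask from the first octet: class A /8, B /16, C /24."""
    first = to_int(address) >> 24
    if first < 128:
        return "255.0.0.0"
    if first < 192:
        return "255.255.0.0"
    if first < 224:
        return "255.255.255.0"
    raise ValueError(f"{address} is not a class A, B or C address")


def major_network(address):
    """The classful network number an address belongs to."""
    return to_dotted(to_int(address) & to_int(classful_mask(address)))


def broadcast(subnet, mask):
    return to_dotted(to_int(subnet) | (~to_int(mask) & 0xFFFFFFFF))


def advertise_classful(subnet, out_iface):
    """What a mask-less update sent out out_iface carries for a subnet: the
    subnet number if the link is in the same major network, otherwise the
    classful network (route summarisation at the network boundary)."""
    if major_network(subnet) == major_network(out_iface):
        return subnet
    return major_network(subnet)


def infer_mask(received, in_iface, in_iface_mask):
    """Receiving side: a route in the same major network as the receiving
    interface is assumed to use that interface's mask; anything else gets
    the classful mask, because the update carried none."""
    if major_network(received) == major_network(in_iface):
        return in_iface_mask
    return classful_mask(received)


def first_or_last_subnet(subnet, mask):
    """'zero' if the subnet number equals the classful network number,
    'all-ones' if its broadcast equals the classful network broadcast
    (the 200.200.200.192/26 case), else None. Without the mask a router
    cannot tell either one apart from the whole network."""
    if subnet == major_network(subnet):
        return "zero"
    if broadcast(subnet, mask) == broadcast(major_network(subnet), classful_mask(subnet)):
        return "all-ones"
    return None


def router1_table(carry_mask):
    """Routes router 1 learns from routers 2 and 3: {destination: [next hops]}.
    Two next hops for one destination means equal-cost splitting."""
    links = [  # (neighbour address, router 1 address on that link, /24 subnet behind the neighbour)
        ("192.168.12.2", "192.168.12.1", "180.5.1.0"),
        ("192.168.13.3", "192.168.13.1", "180.5.2.0"),
    ]
    table = defaultdict(list)
    for nbr, mine, subnet in links:
        if carry_mask:                       # RIPv2 / OSPF / EIGRP: mask travels with the route
            dest = f"{subnet}/{prefix_len('255.255.255.0')}"
        else:                                # RIPv1 / IGRP: summarised, then mask inferred
            net = advertise_classful(subnet, nbr)
            dest = f"{net}/{prefix_len(infer_mask(net, mine, '255.255.255.0'))}"
        table[dest].append(nbr)
    return dict(table)


if __name__ == "__main__":
    print(router1_table(carry_mask=False))   # one 180.5.0.0/16 entry with two next hops
    print(router1_table(carry_mask=True))    # 180.5.1.0/24 and 180.5.2.0/24 kept apart
    print(first_or_last_subnet("200.200.200.192", "255.255.255.192"))
```

Without masks, router 1 ends up with a single 180.5.0.0/16 entry and two next hops, which is exactly the half-delivered traffic the figure warns about; carrying the mask keeps the two /24s distinct. The same blindness is why the all-ones subnet's broadcast cannot be distinguished from the whole class C's.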
The routing protocols discussed so far have been interior gateway routing protocols. Exterior protocols also exist. These protocols are designed to regulate what traffic can travel between different Autonomous Systems (AS) and to protect each from bugs in another AS. The mechanisms we will examine here are static routing, the Exterior Gateway Protocol and the Border Gateway Protocol. An AS is a collection of network numbers and equipment that is under a common administration. Routing processes like IGRP and EIGRP are started with an AS number in the router configuration and only accept updates from other routers within the same AS (the process ID given to OSPF is local to the router and does not have to match between neighbors). Different AS numbers are used on the Internet