Getting stuck on the why of subnetting
Hello everybody, I think I'm going to like this board.
I'm studying for the N+ certification, and I just hit a chapter on subnetting in the book I'm using to study. Like what I gather to be many people before me, I got stuck. But I don't think I'm stuck in the same way. I seem to understand the numbers and how to get the number, but I don't quite understand what it all means, or what benefit it would be to use subnets. I think I'm getting stuck on it because I can't reconcile it with how our network was set up at work, and why it is that way.
In the network I work with (small network, only 60 computers), we use an IP in the 172.16.x.x range, and we use 255.255.255.0 as the subnet. Firstly, this seems to go against what I read where 255.255.0.0 was supposed to be the subnet for Class B addresses.
Secondly, I don't understand what "254 subnets with 254 hosts" means - I seem to be missing something very basic here and I don't know what it is. How does that work, exactly? From this site (Subnet Addressing - Network Computing), it seems that the subnet mask shows which bits to use as the host, and which are the network identifiers. Is that true?
So, this is what I think I understand. Subnets are used if you have a public IP address. You can specify them at the router level to divide your network as you go out. Somehow the routers will communicate to each other to allow the subnets to talk to each other (or do you have to have a DHCP server on each subnet?). So, for each subnet you need a router? I know you can do it via static IPs as well, but to do it through DHCP would you need some sort of server on each subnet...
I just keep going in circles and making myself more confused, so I'll stop for now. Hopefully I can clarify things and explain myself better if it's murky right now.
Edit: Here's something to help clarify. I guess I'm just not sure why you'd use subnets instead of private IPs on your network and NAT. Or am I confusing what each is used for?
Edit 2: Another part of confusion - can hosts on different subnets see/talk to each other? I seem to be reading contradictory statements on that, but it could just be because I'm confused at the basic levels.
Comments
Download Exam Objectives
If you go to this link you can download the objectives for the test.
I just passed the exam today and I had 2 questions out of 100 that had a /xx denotation on them, both had to do with classful addresses. I never touched on that so I guessed, but even getting 2 wrong won't be a huge detriment to my score.
I would say, just understand how the /xx denotation affects the subnet mask, and what the mask would be on any given network by DEFAULT (yes you can have 255.255.255.0 on a 172, or a 10 network because those are PRIVATE networks). And you'll most likely know anything your test would require of you for subnetting.
Or my twitter: www.twitter.com/securityslam
They are using the 255.255.255.0 subnet mask because there is no need for 65,534 hosts on their network. With the 255.255.255.0 subnet mask they are allowed 254 hosts on the network and in turn limits the amount of usable IP addresses to a more realistic number for their size. You can take IP addresses from just about any class and subnet them into what you want for the most part. The classes of IP addresses were set as a standard before it was believed that we would run out of IP addresses. Subnetting was created to prevent us from running out of IP addresses. That's why there are 3 sets of private IP addresses that can be used by a home or business internally and will never be used as public IP addresses.
That is true. The 254 subnets means you have 254 networks that can support 254 hosts. So if you were a huge company this would be useful (although that is a bit overkill). There are many companies that have more than 254 hosts on a network which means they need to be able to span more than 1 network of 254 hosts.
You can setup routers to communicate with separate subnets.
You use subnetting when you want to be able to use more than 254 hosts but not have to be subject to classful subnet masks. Jumping from 254 hosts to 65,000+ hosts is a huge jump if you just need to use 500 computers on a network. Also subnetting can be used on public IP addresses as well. So if an ISP is given a range of IP addresses and doesn't want to have to buy more than they subnet out the IP addresses so that only so many are used. If they had to follow a classful IP scheme then they would have to use an entire subnet of 254 IP addresses on say 1 connection that only requires 4 addresses.
Yes, hosts on different subnets can see and talk to each other as long as it's set up that way.
Hope this makes sense and didn't bring more confusion to what is already a pretty confusing subject. This is just me explaining it how I learned it and there are people on here that could do a much better job I am sure.
Here's a link which explains the difference between classful and classless and why your 172.16.x.x is a /24 subnet and not a /16. Classful vs Classless Addressing
Ideally in a larger environment you wouldn't want your servers, hosts, and other devices on the same network. Typically what network admins will do is put hosts into one or more subnets, put servers into one or more subnets, and route between them. This gives greater control over the traffic going from hosts to servers. Another example of using subnets would be configuring a DMZ to place your web servers, web email, and other internet-facing servers in.
CCNA Security | GSEC |GCFW | GCIH | GCIA
[email protected]
http://twitter.com/paul_bosworth
Blog: http://www.infosiege.net/
Heh, wish this thread happened yesterday, I might have gotten a slightly better score than I did.
Did you pass regardless?
One thing I don't understand is about "block size" as it's called in my book. It says that if, say, the subnet is 255.255.255.128 (a /25 address), then you can have 2 subnets, which makes sense for me as the bit could either be on or off identifying the different subnets. But why does the book say that the first block size is 1-126, and the second is 129-254? Wouldn't the valid hosts be the same set of numbers for each subnet?
Or is this how it works: the subnet mask is set to 255.255.255.128. Therefore, the IP address determines what subnet it is on - 192.168.10.10 is defined as being on a different network from 192.168.10.210, despite being connected to the same switch, router, etc. So, the subnet mask is similar to a VLAN, in that it doesn't change the physical setup, but it changes how the computers see themselves as part of a network. Am I even close?
Yes, heh, but a better score is not a bad thing. =p
Why would you need to separate networks? Well, think about it. If there was no divider between groups of IP addresses, the whole world would be on the same network. Some hacker in Lithuania would be on the same network as the Pentagon, the Iranian government would be on the same network as the Israeli government, etc. Everyone would basically have access to each others' stuff and that would be messy. This doesn't just apply to public IP addresses. Subnetting applies to both public and private IP addresses. Would you want Bill from Sales to have access to the files that Sally from Accounting has access to? No way, because Bill is a dirtbag and wants to embezzle money from the company.
So, these people and devices are separate from one another, but suppose they need to talk to one another for certain reasons. While Bill and Sally shouldn't be accessing each others' stuff, they both need access to the files that Jill in Billing has access to for expense reports, pricing, yada yada yada. How do we do this? That's where routers come into play. Routers mostly operate at Layer 3 (they can do much more, but let's stick with Layer 3 for the sake of argument). At Layer 3, broadcasts stay only within the local subnet. The traffic never goes beyond the nearest Layer 3 interface (any interface with an IP address on it). To make the networks that hang off of each interface talk to one another, the router does what it does...it "routes" the traffic where it needs to go. So, in the above example, I can tell the router not to let people from the subnet that Bill is on talk to the people on the subnet that Sally is on. However, I can also tell it to let Bill's subnet and Sally's subnet talk to Jill's subnet. So, when the traffic on the local subnet hits the nearest Layer 3 (router) interface, the router checks its configuration to see where it should send the traffic to based on what is in the packets it receives.
As far as what "x" # of networks vs. "x" # of hosts means, let me use an example.
Let's pretend that the rules of subnetting don't exist. Let's say instead of each octet of an IP address having 256 possible values (0-255), it only has 20. Let's also pretend you can use the first and last IP in a subnet. If I leave this alone, I have 1 network with 20 possible hosts (meaning 20 interfaces with IP addresses, which could include anything from router interfaces to the IP on a PC's NIC). If I split those 20 addresses into two parts, I have two sets of IP addresses, with 10 IP addresses in each set. So, I then have 2 networks, with 10 possible hosts in each network. This is the same with subnetting in the real world. If I have a Class B subnet, for example 172.16.0.0 255.255.0.0, I have 16,384 possible networks. How? Well, I have 172.16.1.0, 172.16.2.0, 172.16.3.0, etc. all the way up to 172.16.255.252. Within each network, I have 65,536 possible hosts per network. For example, if I start at 172.16.0.0, we have 172.16.1.1-255, 172.16.2.1-255, 172.16.3.1-255, etc. all the way up to 172.16.255.255. With 256 possible values in the 3rd octet (0-255) and 256 possible values for the 4th octet (0-255), 256 x 256 = 65,536 possible combinations in the third and fourth octets.
Now, what do we do if there's only two people who use a Layer 3 interface? Do we use an entire Class C subnet for just two people? No way. That wastes 252 IP addresses because nobody is using them! That's where "classless" subnetting comes into play. This is what your network at work is doing. They've "broken the rules" so to speak. They've basically broken down your class B into 256 networks, 256 hosts per network.
Hope this helps, not sure if I covered everything (some of my math may be wrong because I did this on the fly), but if you have any more questions, feel free to ask!
Occupation: Tier II NOC Tech - Centurylink
CCIP Progress: [x] BSCI
[x] BGP
[ ] MPLS
[ ] QoS
So instead of all of 192.168.0.xxx being on the same network, you could make 4 networks out of that one range of numbers by changing the subnet mask to 255.255.255.192. This is the reason why, on our network, 172.16.0.x and 172.16.1.x can't talk to each other, because those regions are part of the subnet mask, which is specifying where to look for the network identifier.
So, subnets really only seem to get confusing when you don't use either 0 or 255 in them. Does this sound right?
You can't use the first and last IP addresses in a subnet. 10.10.10.0/24 identifies the network that begins the subnet and 10.10.10.255 is the broadcast address for that subnet. You cannot apply these addresses to anything because routers, PCs, switches, etc. use the network and broadcast addresses for various reasons. If a host had them, routing would be totally messed up. So even though 10.10.10.0 through 10.10.10.255 provides you with 256 addresses, you can only use 10.10.10.1 through 10.10.10.254, which is 254 addresses instead of 256.
Exactly.
Wolverene, this was very helpful. I have a question about the above though - you mention that you have 16,384 possible networks. And then 65,536 possible hosts within the network. How would that work? I'm not sure I follow your math. If you were to define the last octet as being part of the network identifier, wouldn't that prevent you from having any hosts? Unless, I suppose, you had only some of the bits activated, leaving you some left for hosts. Maybe I'm just getting tripped up on the words you use - when you say the network of 172.16.0.0, do you mean it has a subnet of 255.255.255.255?
You're correct in the assumption that some of the bits are activated. And that's basically what classless subnetting is. Classful subnetting stops when an octet is "full" and the remaining octets have a "0" in them. Classless networks don't stop when the remaining octets are "0" and they split the octets into pieces. For instance, a classful network looks like 172.16.0.0 255.255.0.0, whereas a classless network could be 172.16.10.128/25, or 172.16.10.128 255.255.255.128. You've "borrowed" all of the bits in the third octet for the network address as well as the first bit in the last octet. This essentially makes your Class B network into a Class C, then breaks the last octet into two equal networks with 126 hosts per network. So, you'd have network 172.16.10.0/25 (or 172.16.10.0 255.255.255.128 through 172.16.10.127 255.255.255.12
[Insert round of applause here]
You got it! You have just had what everyone has at some point with subnetting. At first, you usually get the math, but typically have no idea why this is being done in the first place. Then, at some point you have an "Aha!" moment where everything clicks into place and a light bulb goes on. I think a lot of cert books make too many assumptions about what the reader already knows, and the authors don't always explain things clearly to the "newbie," but in my opinion there's no real way to explain subnetting so that the reader gets it on the first shot.
Unless I'm also missing something. Which is possible.
Heh, I am not even going to try to compete here, but this is making for good reading. I think even I have a higher understanding of it now than I did before.
That's what I thought, leaving me confused as to what he is saying for some reason.
Sorry about that. Apparently an "8" followed by a period makes a Terminator smiley or something
Ah! Don't say TERMINATOR!
Sounds like you have a bad history with him. Are you a T-1000 or something?
Heh, I was thinking more along the lines of a bus network topology...
Networking 101: Understanding Subnets and CIDR - www.enterprisenetworkingplanet.com
BS IT Network Administration AAS Electronics / Laser Electro Optics
Yes and no. When you chop up the IP space that is common to a bunch of hosts, you are in effect creating a new network.
If I have 500 hosts on a /23, and then I chop that into a pair of /24's with 250 hosts on each /24, they can no longer talk to each other without the intervention of a layer 3 device.
Think of it like an office building. The office building is your IP allocation. You allocate space in that office building according to the number of businesses that want to move in there. The businesses are your subnets. So while you control the allocation in its entirety (you own the office building), each business inside is a discrete entity to itself, just as each subnet is a discrete network unto itself.
I'm not sure subnet is the right word, but a mask of /32 (255.255.255.255) identifies exactly one host (that's why they're called host routes).
Usually, that type of IP is assigned as a loopback address on a network device or server. They're used because loopback interfaces are always up, so as long as the machine has some kind of connectivity, that IP should always be reachable.
As far as the Net+ is concerned, there are basically three types of addresses in a subnet - the network identifier, which is the first IP in the subnet, the broadcast address, which is the last, and the host address, which uniquely identifies an endpoint.
The network identifier is kind of like a street sign. It says 'if you've got anything for folks on Baker street, we're over here', and then the host addresses are the individual houses on Baker street. The broadcast address is the middle of the street where your drunk neighbor goes at 3am with a megaphone to tell you he just farted (don't confuse this with twitter!).
If you've got an address scheme where there is a subnet where there is more than one host possible, the network identifier and the broadcast addresses are necessary. The network ID because it's his job to represent more than one person and the broadcast because sometimes those people need to talk to everyone at once instead of one by one.
But sometimes you don't need to allocate an entire subnet, sometimes you just need a path to one single solitary host. In that case, you don't need the network identifier or the broadcast address, you just need a way to uniquely represent that one single solitary person. That's what a /32 mask/route is for.
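How a router actually uses those three kinds of address once it has them: the earlier post says a router "routes the traffic where it needs to go" and broadcasts never leave their subnet, and this post says a /32 is a route to one single host. The added example below (not code from the thread) does the lookup a router performs, longest-prefix match, over a constructed routing table, so you can see a /32 host route win over the /24 that contains it, a host outside a /25's block fall through to the default route, and broadcast addresses stay on their link.

```python
import ipaddress

# Constructed routing table for a router with one interface on 172.16.0.0/24.
# Each entry is (prefix, next hop); next hop None means "directly connected".
ROUTES = [
    ("0.0.0.0/0", "172.16.0.1"),        # default route: everything else goes upstream
    ("172.16.0.0/24", None),            # the subnet on this router's own interface
    ("172.16.10.0/25", "172.16.0.2"),   # a /25 behind another router: hosts .1-.126 only
    ("10.255.255.0/24", "172.16.0.1"),  # a remote /24 reached via upstream
    ("10.255.255.1/32", "172.16.0.3"),  # host route: one loopback reached a different way
]


def lookup(dst: str, routes=ROUTES):
    """Longest-prefix match: the most specific route containing dst wins.

    A /32 is the most specific route possible, so it overrides the /24 that
    also contains the same address.
    """
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None


def forward(dst: str, routes=ROUTES) -> str:
    """Describe what the router does with a packet addressed to dst.

    Broadcasts never leave the subnet they belong to: 255.255.255.255 is only
    delivered on the link it arrived on, and a connected subnet's own broadcast
    address is delivered locally rather than routed onward.
    """
    addr = ipaddress.ip_address(dst)
    if addr == ipaddress.ip_address("255.255.255.255"):
        return "broadcast: stays on the local link"
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        # a /32 has no broadcast address, so only real subnets are checked here
        if hop is None and net.prefixlen < 32 and addr == net.broadcast_address:
            return f"broadcast on connected subnet {net}: delivered locally, not routed"
    match = lookup(dst, routes)
    if match is None:
        return "no route: dropped"
    prefix, hop = match
    if hop is None:
        return f"directly connected via {prefix}: ARP and deliver on the wire"
    return f"via {prefix}: send to next hop {hop}"


if __name__ == "__main__":
    for dst in ("172.16.0.77", "172.16.0.255", "172.16.10.50", "172.16.10.200",
                "10.255.255.1", "10.255.255.2", "255.255.255.255"):
        print(dst, "->", forward(dst))
```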
But good info, thank you
LOL, that was awesome.