Getting stuck on the why of subnetting

theGECK

Hello everybody, I think I'm going to like this board.

I'm studying for the N+ certification, and I just hit a chapter on subnetting in the book I'm using to study. Like what I gather to be many people before me, I got stuck. But I don't think I'm stuck in the same way. I seem to understand the numbers and how to get the number, but I don't quite understand what it all means, or what benefit it would be to use subnets. I think I'm getting stuck on it because I can't reconcile it with how our network was setup at work, and why it is that way.

In the network I work with (small network, only 60 computers), we use an IP in the 172.16.x.x range, and we use 255.255.255.0 as the subnet. Firstly, this seems to go against what I read where 255.255.0.0 was supposed to be the subnet for Class B addresses.

Secondly, I don't understand what "254 subnets with 254 hosts" means - I seem to be missing something very basic here and I don't know what it is. How does that work, exactly? From this site (Subnet Addressing - Network Computing), it seems that the subnet mask shows which bits to use as the host, and which are the network identifiers. Is that true?

So, this is what I think I understand. Subnets are used if you have a public IP address. You can specify them at the router level to divide your network as you go out. Somehow the routers will communicate to each other to allow the subnets to talk to each other (or do you have to have a DHCP server on each subnet?). So, for each subnet you need a router? I know you can do it via static IPs as well, but to do it though DHCP would you need some sort of server on each subnet...

I just keep going in circles and making myself more confused, so I'll stop for now. Hopefully I can clarify things and explain myself better if it's murky right now.


Edit: Here's something to help clarify. I guess I'm just not sure why you'd use subnets instead of private IPs on your network and NAT. Or am I confusing what each is used for?

Edit 2: Another part of confusion - can hosts on different subnets see/talk to each other? I seem to be reading contradictory statements on that, but it could just be because I'm confused at the basic levels.

huntert

i do not think there will be many if any questions about subnetting for the net + i just went through cbt nuggats to study and the instructor went through all the domains for the tests and i do not remember that to be one of the domains to be tested

Download Exam Objectives

if you go to this link you can download the objectives for the test

Paperlantern

I'm not going to try to fully answer your question, because honestly I don't even FULLY understand subnetting myself. As I do understand it, subnetting doesn't allow for more possible nodes or anything like that, it actually decreases the number of available nodes, but is normally used for organization or security within a network.

I just passed the exam today and I had 2 questions out of 100 that had a /xx denotation on them, both had to do with classful addresses. I never touched on that so i guessed, but even getting 2 wrong wont be a huge detriment to my score.

I would say, just understand how the /xx denotation effects the subnet mask, and what the mask would be on any given network by DEFAULT (yes you can have 255.255.255.0 on a 172, or a 10 network because those are PRIVATE networks). And youll most likely know anything your test would require of you for subnetting.

kriscamaro68

theGECK wrote: »

Hello everybody, I think I'm going to like this board.

In the network I work with (small network, only 60 computers), we use an IP in the 172.16.x.x range, and we use 255.255.255.0 as the subnet. Firstly, this seems to go against what I read where 255.255.0.0 was supposed to be the subnet for Class B addresses.

They are using the 255.255.255.0 subnet mask because there is no need for 65,534 hosts on their network. With the 255.255.255.0 subnet mask they are allowed 254 hosts on the network and in turn limits the amount of usable ip addresses to a more realistic number for their size. You can take ip addresses from just about any class and subnet them into what you want for the most part. The classes of ip addresses was set as a standard before it was believed that we would run out of ip addresses. Subnetting was created to prevent us from running out of ip addresses. Thats why there are 3 sets of private ip addresses that can be used by a home or business internally and will never be used as public ip addresses.

theGECK wrote: »

Secondly, I don't understand what "254 subnets with 254 hosts" means - I seem to be missing something very basic here and I don't know what it is. How does that work, exactly? From this site (Subnet Addressing - Network Computing), it seems that the subnet mask shows which bits to use as the host, and which are the network identifiers. Is that true?

That is true. The 254 subnets means you have 254 networks that can support 254 hosts. So if you where a huge company this would be useful (although that is a bit over kill). There are many companies that have more the 254 hosts on a network which means they need to be able to span more than 1 network of 254 hosts.

theGECK wrote: »

So, this is what I think I understand. Subnets are used if you have a public IP address. You can specify them at the router level to divide your network as you go out. Somehow the routers will communicate to each other to allow the subnets to talk to each other (or do you have to have a DHCP server on each subnet?). So, for each subnet you need a router? I know you can do it via static IPs as well, but to do it though DHCP would you need some sort of server on each subnet...

You can setup routers to communicate with separate subnets.

theGECK wrote: »

Edit: Here's something to help clarify. I guess I'm just not sure why you'd use subnets instead of private IPs on your network and NAT. Or am I confusing what each is used for?

Edit 2: Another part of confusion - can hosts on different subnets see/talk to each other? I seem to be reading contradictory statements on that, but it could just be because I'm confused at the basic levels.

You use subnetting when you want to be able to use more than 254 hosts but not have to be subject to classful subnetmasks. Jumping from 254 hosts to 65,000+ hosts is a huge jump if you just need to use 500 computers on a network. Also Subnetting can be used on public ip addresses as well. So if an ISP is given a range of ip addresses and doesn't want to have to buy more then they subnet out the ip addresses so that only so many are used. If they had to follow a classful ip scheme then they would have to use an entire subnet of 254 ip addresses on say 1 connection that only requires 4 addresses.

Yes Hosts on different subnets can see and talk to eachother as long as its setup that way.

Hope this makes sense and didn't bring more confusion to what is already pretty confusing subject. This is just me explaining it how I learned it and there are people on here that could do a much better job I am sure.

Paul Boz

subnets are used to scale your network, logically classify hosts, and break up larger chunks of addressing. The fact that you guys are using 172.16.x.x/24 means you're using "classless" subnetting. This means that while 172.16.x.x should have a default CLASSFUL mask of /16, you guys have broken it up along a smaller subnet boundary.

Here's a link which explains the difference between classful and classless and why your 172.16.x.x is a /24 subnet and not a /16. Classful vs Classless Addressing

Ideally in a larger environment you wouldn't want your servers, hosts, and other devices on the same network. Typically what network admins will do is put hosts into one or more subnets, put servers into one or more subnets, and route between them. This gives greater control over the traffic going from hosts to servers. Another example of using subnets would be configuring a DMZ to place your web servers, web email, and other internet-facing servers in.

Paperlantern

Paul Boz wrote: »

subnets are used to scale your network, logically classify hosts, and break up larger chunks of addressing. The fact that you guys are using 172.16.x.x/24 means you're using "classless" subnetting. This means that while 172.16.x.x should have a default CLASSFUL mask of /16, you guys have broken it up along a smaller subnet boundary.

Here's a link which explains the difference between classful and classless and why your 172.16.x.x is a /24 subnet and not a /16. Classful vs Classless Addressing

Heh wish this thread happened yesterday, i might have gotten a slightly better score than I did.

Paul Boz

Paperlantern wrote: »

Heh wish this thread happened yesterday, i might have gotten a slightly better score than I did.

Did you pass regardless?

theGECK

Ok, I think it's making sense. Spending 3 hours reading multiple sources over and over has at least made me think I have a shaky grasp on it.

One thing I don't understand is about "block size" as it's called in my book. It says that if, say, the subnet is 255.255.255.128 (a /25 address), then you can have 2 subnets, which makes sense for me as the bit could either be on or off identifying the different subnets. But why does the books say that the first block size is 1-126, and the second is 129-254? Wouldn't the valid hosts be the same set of numbers for each subnet?

Or is this how it works: the subnet mask is set to 255.255.255.128. Therefore, the IP address determines what subnet it is on - 192.168.10.10 is defined as being on a different network as 192.168.10.210, despite being connected to the same switch, router, etc. So, the subnet mask is similar to a VLAN, in that it doesn't change the physical setup, but it changes how the computers sees themselves as part of a network. Am I even close?

Paperlantern

Paul Boz wrote: »

Did you pass regardless?

Yes, heh, but a better score is not a bad thing. =p

wolverene13

Subnets are in place primarily to separate networks. There are classful networks, which are your standard class A, class B, and class C networks. Class A is anything from 0.0.0.0 - 127.255.255.255. Class B is anything from 128.0.0.0 - 191.255.255.255. Class C is anything from 192.0.0.0 to 223.255.255.255. There are also class D and E networks, but we won't get into that. There are also classless networks, which "break" these rules, but I'll explain that later.

Why would you need to separate networks? Well, think about it. If there was no divider between groups of IP addresses, the whole world would be on the same network. Some hacker in Lithuania would be on the same network as the Pentagon, the Iranian government would be on the same network as the Israeli government, etc. Everyone would basically have access to each others' stuff and that would be messy. This doesn't just apply to public IP addresses. Subnetting applies to both public and private IP addresses. Would you want Bill from Sales to have access to the files that Sally from Accounting has access to? No way, because Bill is a dirtbag and wants to embezzle money from the company.

So, these people and devices are separate from one another, but suppose they need to talk to one another for certain reasons. While Bill and Sally shouldn't be accessing each others' stuff, they both need access to the files that Jill in Billing has access to for expense reports, pricing, yada yada yada. How do we do this? That's where routers come into play. Routers mostly operate at Layer 3 (they can do much more, but let's stick with Layer 3 for the sake of argument). At Layer 3, broadcasts stay only within the local subnet. The traffic never goes beyond the nearest Layer 3 interface (any interface with an IP address on it). To make the networks that hang off of each interface talk to one another, the router does what it does...it "routes" the traffic where it needs to go. So, in the above example, I can tell the router not to let people from the subnet that Bill is on talk to the people on the subnet that Sally is on. However, I can also tell it to let Bill's subnet and Sally's subnet talk to Jill's subnet. So, when the traffic on the local subnet hits the nearest Layer 3 (router) interface, the router checks its configuration to see where it should send the traffic to based on what is in the packets it receives.

As far as what "x" # of networks vs. "x" # of hosts means, let me use an example.

Let's pretend that the rules of subnetting don't exist. Lets say instead of each octet of an IP address having 256 possible values (0-255), it only has 20. Let's also pretend you can use the first and last IP in a subnet. If I leave this alone, I have 1 network with 20 possible hosts (meaning 20 interfaces with IP addresses, which could include anything from router interfaces to the IP on a PC's NIC). If I split those 20 addresses into two parts, I have two sets of IP addresses, with 10 IP addresses in each set. So, I then have 2 networks, with 10 possible hosts in each network. This is the same with subnetting in the real world. If I have a Class B subnet, for example 172.16.0.0 255.255.0.0, I have 16,384 possible networks. How? Well, I have 172.16.1.0, 172.16.2.0, 172.16.3.0, etc. all the way up to 172.16.255.252. Within each network, I have 65,536 possible hosts per network. For example, if I start at 172.16.0.0, we have 172.16.1.1-255, 172.16.2.1-255, 172.16.3.1-255, etc. all the way up to 172.16.255.255. With 256 possible values in the 3rd octet (0-255) and 256 possible values for the 4th octet (0-255), 256 x 256 = 65,536 possible combinations in the third and fourth octets.

Now, what do we do if there's only two people who use a Layer 3 interface? Do we use an entire Class C subnet for just two people? No way. That wastes 252 IP addresses because nobody is using them! That's where "classless" subnetting comes into play. This is what your network at work is doing. They've "broken the rules" so to speak. They've basically broken down your class B into 256 networks, 256 hosts per network.

Hope this helps, not sure if I covered everything (some of my math may be wrong because I did this on the fly), but if you have any more questions, feel free to ask!

theGECK

I think I just facepalmed. Sub-nets are a "subdivided network", right? That means in your network (whatever it may be) you have a certain range of IPs you can use and still be on that network. Subnets are a way of dividing that existing range up. I've been thinking that it was creating new networks!

So instead of all of 192.168.0.xxx being on the same network, You could make 4 networks out of that one range of numbers by changing the subnet mask to 255.255.255.192. This is the reason why, on our network, 172.16.0.x and 172.16.1.x can't talk to each other, because those regions are part of the subnet mask, which is specifying where to look for the network identifier.

So, subnets really only seem to get confusing when you don't use either 0 or 255 in them. Does this sound right?

wolverene13

theGECK wrote: »

Ok, I think it's making sense. Spending 3 hours reading multiple sources over and over has at least made me think I have a shaky grasp on it.

One thing I don't understand is about "block size" as it's called in my book. It says that if, say, the subnet is 255.255.255.128 (a /25 address), then you can have 2 subnets, which makes sense for me as the bit could either be on or off identifying the different subnets. But why does the books say that the first block size is 1-126, and the second is 129-254? Wouldn't the valid hosts be the same set of numbers for each subnet?

You can't use the first and last IP addresses in a subnet. 10.10.10.0/24 identifies the network that begins the subnet and 10.10.10.255 is the broadcast address for that subnet. You cannot apply these addresses to anything because routers, PCs, switches, etc. use the network and broadcast addresses for various reasons. If a host had them, routing would be totally messed up. So even though 10.10.10.0 through 10.10.10.255 provides you with 256 addresses, you can only use 10.10.10.1 through 10.10.10.254, which is 254 addresses instead of 256.

theGECK wrote: »

Or is this how it works: the subnet mask is set to 255.255.255.128. Therefore, the IP address determines what subnet it is on - 192.168.10.10 is defined as being on a different network as 192.168.10.210, despite being connected to the same switch, router, etc. So, the subnet mask is similar to a VLAN, in that it doesn't change the physical setup, but it changes how the computers sees themselves as part of a network. Am I even close?

Exactly.

theGECK

wolverene13 wrote: »

If I have a Class B subnet, for example 172.16.0.0 255.255.0.0, I have 16,384 possible networks. How? Well, I have 172.16.1.0, 172.16.2.0, 172.16.3.0, etc. all the way up to 172.16.255.252. Within each network, I have 65,536 possible hosts per network. For example, if I start at 172.16.0.0, we have 172.16.1.1-255, 172.16.2.1-255, 172.16.3.1-255, etc. all the way up to 172.16.255.255.

Wolverene, this was very helpful. I have a question about the above though - you mention that you have 16,384 possible networks. And then 65,536 possible hosts within the network. How would that work? I'm not sure I follow your math. If you were to define the last octet as being part of the network identifier, wouldn't that prevent you from having any hosts? Unless, I suppose, you had only some of the bits activated, leaving you some left for hosts. Maybe I'm just getting tripped up on the words you use - when you say the network of 172.16.0.0, do you mean it has a subnet of 255.255.255.255?

wolverene13

theGECK wrote: »

Wolverene, this was very helpful. I have a question about the above though - you mention that you have 16,384 possible networks. And then 65,536 possible hosts within the network. How would that work? I'm not sure I follow your math. If you were to define the last octet as being part of the network identifier, wouldn't that prevent you from having any hosts? Unless, I suppose, you had only some of the bits activated, leaving you some left for hosts. Maybe I'm just getting tripped up on the words you use - when you say the network of 172.16.0.0, do you mean it has a subnet of 255.255.255.255?

You're correct in the assumption that some of the bits are activated. And that's basically what classless subnetting is. Classful subnetting stops when an octet is "full" and the remaining octets have a "0" in them. Classless networks don't stop when the remaining octets are "0" and they split the octets into pieces. For instance, a classful network looks like 172.16.0.0 255.255.0.0, whereas a classless network could be 172.16.10.128/25, or 172.16.10.128 255.255.255.128. You've "borrowed" all of the bits in the third octet for the network address as well as the first bit in the last octet. This essentially makes your Class B network into a Class C, then breaks the last octet into two equal networks with 126 hosts per network. So, you'd have network 172.16.10.0/25 (or 172.16.10.0 255.255.255.128 through 172.16.10.127 255.255.255.12 and network 172.16.10.128/25 (or 172.16.10.128 255.255.255.128 through 172.16.10.255 255.255.255.12.

wolverene13

theGECK wrote: »

I think I just facepalmed. Sub-nets are a "subdivided network", right? That means in your network (whatever it may be) you have a certain range of IPs you can use and still be on that network. Subnets are a way of dividing that existing range up. I've been thinking that it was creating new networks!

So instead of all of 192.168.0.xxx being on the same network, You could make 4 networks out of that one range of numbers by changing the subnet mask to 255.255.255.192. This is the reason why, on our network, 172.16.0.x and 172.16.1.x can't talk to each other, because those regions are part of the subnet mask, which is specifying where to look for the network identifier.

So, subnets really only seem to get confusing when you don't use either 0 or 255 in them. Does this sound right?

[Insert round of applause here]

You got it! You have just had what everyone has at some point with subnetting. At first, you usually get the math, but typically have no idea why this is being done in the first place. Then, at some point you have an "Aha!" moment where everything clicks into place and a light bulb goes on. I think a lot of cert books make too many assumptions about what the reader already knows, and the authors don't always explain things clearly to the "newbie," but in my opinion there's no real way to explain subnetting so that the reader gets it on the first shot.

Paperlantern

A subnet of 255.255.255.255 would result in 0 possible hosts.

Unless i'm also missing something. Which is possible.

Heh, I am not even going to try to compete here, but this is making for good reading. I think even I have a higher understanding of it now than i did before.

theGECK

Paperlantern wrote: »

A subnet of 255.255.255.255 would result in 0 possible hosts.

That's what I thought, leaving me confused as to what he is saying for some reason.

wolverene13

wolverene13 wrote: »

You're correct in the assumption that some of the bits are activated. And that's basically what classless subnetting is. Classful subnetting stops when an octet is "full" and the remaining octets have a "0" in them. Classless networks don't stop when the remaining octets are "0" and they split the octets into pieces. For instance, a classful network looks like 172.16.0.0 255.255.0.0, whereas a classless network could be 172.16.10.128/25, or 172.16.10.128 255.255.255.128. You've "borrowed" all of the bits in the third octet for the network address as well as the first bit in the last octet. This essentially makes your Class B network into a Class C, then breaks the last octet into two equal networks with 126 hosts per network. So, you'd have network 172.16.10.0/25 (or 172.16.10.0 255.255.255.128 through 172.16.10.127 255.255.255.12 and network 172.16.10.128/25 (or 172.16.10.128 255.255.255.128 through 172.16.10.255 255.255.255.12.

Sorry about that. Apparently an "8" followed by a period makes a Terminator smiley or something

Paperlantern

wolverene13 wrote: »

Sorry about that. Apparently an "8" followed by a period makes a Terminator smiley or something

Ah! Dont say TERMINATOR!

wolverene13

Paperlantern wrote: »

Ah! Dont say TERMINATOR!

Sounds like you have a bad history with him. Are you a T-1000 or something?

Paperlantern

wolverene13 wrote: »

Sounds like you have a bad history with him. Are you a T-1000 or something?

Heh, I was thinking more along the lines of a bus network topology...

uhtrinity

I think some others posted good reasons on why to use subnets, as far as the how I like this guide:

Networking 101: Understanding Subnets and CIDR - www.enterprisenetworkingplanet.com

Forsaken_GA

theGECK wrote: »

I think I just facepalmed. Sub-nets are a "subdivided network", right? That means in your network (whatever it may be) you have a certain range of IPs you can use and still be on that network. Subnets are a way of dividing that existing range up. I've been thinking that it was creating new networks!

Yes and no. When you chop up the IP space that is common to a bunch of hosts, you are in effect creating a new network.

If I have 500 hosts on a /23, and then I chop that into a pair of /24's with 250 hosts on each /24, they can no longer talk to each other without the intervention of a layer 3 device.

Think of it like an office building. The office building is your IP allocation. You allocate space in that office building according to the number of businesses that want to move in there. The businesses are your subnets. So while you control the allocation in it's entirety (you own the office building), each business inside is a discrete entity to itself, just as each subnet is a discrete network unto itself.

Forsaken_GA

Paperlantern wrote: »

A subnet of 255.255.255.255 would result in 0 possible hosts.

Unless i'm also missing something. Which is possible.

Heh, I am not even going to try to compete here, but this is making for good reading. I think even I have a higher understanding of it now than i did before.

I'm not sure subnet is the right word, but a mask of /32 (255.255.255.255) identifies exactly one host (that's why they're called host routes).

Usually, that type of IP is assigned as a loopback address on a network device or server. They're used because loopback interfaces are always up, so as long as the machine has some kind of connectivity, that IP should always be reachable.

As far as the Net+ is concerned, there are basically three types of addresses in a subnet - the network identifier, which is the first IP in the subnet, the broadcast address, which is the last, and the host address, which uniquely identifies an endpoint.

the network identifier is kind of like a street sign. It says 'if you've got anything for folks on Baker street, we're over here', and then the host addresses are the individual houses on Baker street. The broadcast address is the middle of the street where your drunk neighbor goes at 3am with a megaphone to tell you he just farted (don't confuse this with twitter!).

If you've got an address scheme where there is a subnet where there is more than one host possible, the network identifier and the broadcast addresses are necessary. The network ID because it's his job to represent more than one person and the broadcast because sometimes those people need to talk to everyone at once instead of one by one.

But sometimes you don't need to allocate an entire subnet, sometimes you just need a path to one single solitary host. In that case, you don't need the network identifier or the broadcast address, you just need a way to uniquely represent that one single solitary person. That's what a /32 mask/route is for.

Paperlantern

Oops i meant to say subnet MASK of 255.255.255.255

But good info, thank you

wolverene13

Forsaken_GA wrote: »

The broadcast address is the middle of the street where your drunk neighbor goes at 3am with a megaphone to tell you he just farted (don't confuse this with twitter!).

LOL, that was awesome.