7.4 Subnet masks and CIDR
In this part you’ll revisit subnet masks but in a little more depth than you’ve seen previously. This will reinforce and extend your understanding of how the subnet mask indicates ‘network’ parts of the IP address and ‘host’ parts. You’ll also learn how a process called Classless Inter-Domain Routing (abbreviated as CIDR) achieves more efficient use of available network addresses in the IPv4 addressing scheme.
There are four videos in this part – each video is followed by an activity.
Watch the video below, which is about 3 minutes long.
You’ve met subnet masks at various places in the preceding sessions and particularly in Session 1 and Session 2. This video is just a brief reminder of what you already know about them.
You know that an IPv4 address is represented as four decimal numbers separated by dots like the example here, but that this is just a representation that makes it easy for humans to understand. It’s really a group of 32 binary digits, or bits, made up of four octets with each octet translated into a decimal number.
This shows the 32 bits for our example IP address. You also know from your study of Sessions 1 and 2 that an IP address has two components. The part to the left identifies the network a device is attached to. This part is known as the network part.
The part to the right uniquely identifies the device that is attached to the network. This part is known as the device part or, more commonly, the host part. I’ll stick to the term ‘host’ from now on.
The subnet mask identifies where the boundary between the network part and the host part lies.
The subnet mask looks a bit like an IP address in that it is also four decimal numbers separated by dots, but these decimal numbers are either 255 or 0. This is an example subnet mask.
Where there’s a 255 in the mask it means that the corresponding decimal number in the IP address is a network part and that this number mustn’t be altered on this network. A zero in the mask means that the corresponding decimal number in the address is a host part and this can be varied.
So with a subnet mask of 255.255.255.0, 192.168.2 is the network part and 100 is the host part.
You also know from Session 2 that the number of octets used by each part is variable. For example, the network part could be two octets long with a two octet host. So with a subnet mask of 255.255.0.0 the network part in our example would be 192.168 and the host part would be 2.100.
Now try the activities that follow this video to complete your revision.
Activity 7 Test yourself
Identify the true statement from the options below for the IP address 192.168.2.10 with its subnet mask of 255.255.255.0.
The host portion of the IP address is 192.168.2.
The IP address 192.168.2.254 is in the same network.
The maximum number of device addresses on this network is less than 10.
The correct answer is b.
Correct. All IP addresses that start 192.168.2 are in the same network.
Watch the video below, which is about 3 minutes long.
Classful and classless addresses
In this video I’m going take a closer look at subnet masks and introduce you to a system called Classless Inter-Domain Routing. I’m going to start with a bit of history.
When the IP addressing scheme was first developed, subnet masks weren’t used. Instead the address space was divided into five classes: A, B, C, D and E.
Class A addresses were indicated by a zero in the leading bit of the address (that is, the left-most bit) and provided 128 separate networks, each with over 16 million different addresses.
Class B addresses were indicated by one-zero in the two leading bits of the address, giving 16,346 networks each with over 65,000 different addresses.
Class C networks had one-one-zero in their three leading bits and could provide over 2 million separate networks each with 256 different addresses.
Class D addresses were used for broadcasting, and Class E addresses were reserved for future use.
By the way, for this this course you won’t need to remember any of the details shown here but they do help to provide a foundation for what I’m going to explain next.
One of the problems with this early addressing scheme (now known as ‘classful addressing’) is that the smallest allocation (a Class C address) provided only 256 host addresses whereas the next size up had 65,536. For some small organisations 256 address were more than enough but for others they weren’t. However, the 65,000 or so provided in the next size allocation (Class B addresses) were far, far too many so network addresses were being wasted and Class B addresses were starting to run out.
The answer to both these problems is Classless Inter-Domain Routing, abbreviated as CIDR (but pronounced ‘cider’). CIDRider eliminates the previous octet boundaries (8, 16 and 24) of classful addressing by allowing fluidity between the network portion and the host portion of the address. I’ll explain how this works.
Look again at the IP address 192.168.2.0 and its subnet mask 255.255.255.0.
By writing them out in binary and putting one below the other, you can see that the only portion of relevance to the subnet mask is where all the bits have a one in them. These are always contiguous and start from the left. So a subnet mask can just be expressed by counting up these bits. By convention this is shown with a forward slash followed by the number of bits with a one in them.
In this example there are 24 is in the subnet mask. This would be forward-slash-twenty-four and the complete network address / subnet mask pair could be expressed as 192.168.2.0/24.
This provides a convenient shorthand which is known as CIDR notation.
Activity 8 Test yourself
1. In the old classful addressing system, if an organisation needed 1500 network addresses, roughly how many network addresses from their allocation block would have been wasted?
The organisation would have been given a Class B address block with just over 65,500 addresses as a Class C address block (256 addresses) would have been too small. Therefore about 64,000 addresses would have been wasted.
2. Express the following in CIDR notation:
- IP address: 192.168.100.0
- Subnet mast: 255.255.0.0
The subnet mask indicates that there are 16 bits in the network address, therefore in CIDR notation the IP address would be expressed as 192.168.100.0/16.
Watch the video below, which is about 2 minutes long.
In the last video you saw how CIDR notation enables fluidity between the rigid octet boundaries of the old classful addressing system. This has provided a way to make networks more scalable, so the old Class B addresses could be broken down into smaller allocations. Let me show you how this works.
I’ll demonstrate it with a simple example. I’ll use the network address 192.168.0.0 with a subnet mask of 255.255.255.0 and show both in binary. You can see that this provides 8 bits for the host portion (all those bits shown grey here).
Now, if we were to take two bits from the network portion and add it to the host portion, this would result in a network portion of 22 bits and a host portion of 10 bits giving 1024 addresses –four times as many as the old Class C addresses.
Now look at the third octet of bits in the subnet mask. This is 1111 1100. Your studies in the previous parts of this session should have enabled you to translate this into the decimal equivalent of 252, so in dotted decimal the subnet mask would be expressed as 255.255.252.0 or in CIDR notation as /22.
By the way, although 192.168.0.0 is a perfectly legitimate network address, it’s seldom used for reasons that I won’t go into here. I just used this address because it provided a convenient demonstration.
Activity 9 Test yourself
What is the size of the host portion of the following IP address (expressed in CIDR notation): 192.168.10.0/24?
/24 indicates that there are 24 bits in the network portion of the address. Therefore there must be 8 bits in the host portion.
Watch the video below, which is about 4 minutes long.
Subnetting with CIDR
In the previous video, you saw how CIDR provided a way to subdivide the network allocation boundaries of the old classful system into smaller chunks, resulting in more scaleable networks and less waste of network addresses. But other benefits arise from being able to subdivide networks into smaller portions. Remember that subnetting with CIDR is simply a method of dividing a block of IP addresses into smaller portions which can be operated as independent networks. This means that network managers can subdivide their networks to provide separation between different departments and functions.
In fact there are many advantages to separating out a network into smaller subnetworks. It can lead to an increase in reliability as technical problems in one subnet won’t affect other subnets. It helps with security as sensitive data can be restricted. Administration also becomes simpler and network traffic is reduced as broadcasts can be contained in smaller domains.
So I’ll briefly demonstrate how CIDR can be used to divide a network with 256 network addresses into smaller subnetworks. Let’s go back to that network address of 192.168.2.0. Here it is with the binary version, shown in red, and here’s the binary version, shown in blue, of the original subnet mask 255.255.255.0.
This subnet mask tells us that the first 24 bits give the network part of the address, and the last 8 bits give the host part. This network can provide 256 host addresses starting with the address 192.168.2.0 and ending with the address 192.168.2.255. You already know that 192.168.2.0 is, of course, the network address and 192.168.2.255 is the broadcast address for this network, so this leaves 254 available device addresses.
Now, here’s a new subnet mask of 255.255.255.192 where we have taken two bits from the host address portion. This subnet mask tells us that there are now 26 bits in the network part and 6 bits in the host part.
Here are the addresses of the four newly created subnetworks. Each of these has a host portion of 6 bits providing 64 network addresses.
So, taking the top network, it has a network address of 192.168.2.0. It can provide 62 device addresses starting 192.168.2.1 and ending 192.168.2.62. Its broadcast address will be 192.168.2.63.
The next network has a network of address of 192.168.2.64 and it also has a host portion of 6 bits and can provide 62 devices addresses, and so on.
So effectively, the previous 8-bit host address space which provided 256 different addresses has now been divided into four separate subnetworks each with a 6-bit host address (shown in black) and each providing 64 different network addresses.
The overarching network address of the organisation remains the same: 192.168.2.0. You can see that all the numbers in the first 24 bits of the IP address remain unchanged. But within the organisation, CIDR has enabled the original 256 network addresses to be split into four separate and independent subnetworks.
So, just to summarise. The old classful method of indicating the network and host portions of an IP address was very rigid allowing boundaries to be placed only between octets. Classless Inter-Domain Routing (CIDR) removed the previous octet boundaries and enables scalability of networks. This helps to conserve network addresses and enables subdivision within networks.
Activity 10 Test yourself
Imagine you are a network manager who has been allocated an IP address block of 512 addresses.
1. What would be the CIDR notation for your network?
A block of 512 addresses would have 9 bits in the host portion (29 = 512). This would mean that the network portion would be 32 − 9 = 23 bits. Therefore the CIDR notation would be /23.
2. How many subnetworks with 128 addresses would you be able to create?
512/128 = 4, therefore four subnets would be possible.
3. What would be the CIDR notation for each of these four new subnets?
128 addresses in the host portion would require 7 bits (27 = 128), leaving 25 bits in the network portion. Therefore the CIDR notation would be /25.