Networking 101: Understanding Subnets and CIDR - Page 2
In reality, you're much more likely to stumble upon a network where there's three /26's and the final /26 is divided up into two /27's. Being able to create the above table mentally will make things much easier.
That's really all you need to know. It gets a little trickier with larger subnets in the /16 to /24 range, but the principal is the same. It's 32 bits and a mask. Do, however, realize that there are certain restrictions governing the use of subnets. We cannot allocate a /26 starting with 10.1.0.32. If we utter the IP/mask of 10.1.0.32/26 to most operating systems, they will just assume we meant 10.1.0.0/26. This is because the /26 space requires 64 addresses, and they must start at a natural bit boundary for the given mask. In the above table, what would 22.214.171.124/29 mean? It means you meant to say 126.96.36.199/29.
Those tricky ones do demand a quick example. Remember how the number of IP addresses in a subnet gets halved when you take another bit from the network side to create a larger mask? The same concept works in reverse. If we have a /25 that holds 128 hosts, and steal a bit from the host (netmask) portion, we now have a /24 that holds 256. Google for a "subnet table" to see the relationship between netmasks and network sizes all at once. If a /16 holds 65536 addresses, a /17 holds half as many, and a /15 holds twice as many. It's tremendously exciting! Practice, practice, practice. That's what it takes to understand how this works. Don't forget, you can always fall back to counting bits.
In a Nutshell
- CIDR IP addresses have a host and network portion. The netmask specifies the number of bits that the network portion uses, and those bits don't change.
- Subnets are created by the simple act of moving the divider up and down the 32-bit number.
- The tricky ones are easy, if you start with a known mask. A /17 is half of a /16, which has 65K addresses.
When he's not writing for Enterprise Networking Planet or riding his motorcycle, Charlie Schluting works as the VP of Strategic Alliances at the US Division of LINBIT, the creators of DRBD. He also operates OmniTraining.net, and recently finished Network Ninja, a must-read for every network engineer.