Jake's Subnet Mask and Address Range Calculation Tutorial

2 Tutorials from the Internet

Long tutorial on Subnet Masks and it talks about Zero Subnet:
http://www.akadia.com/services/ip_routing_on_subnets.html

Shorter tutorial that shows you an easier way to calculate and split up a Class C: http://www.techrepublic.com/article/subnetting-a-class-c-network-address/

One thing I must point out is many of these tutorials say you shouldn’t use the first and last subnets of a subnetted class C, B or A. The fact is you CAN now use the bottom and top subnets when you split a class C more than 2 times. Ive been doing it for years and it hasn’t caused me any problems. Let me explain. Zero Subnet, which they call it, is really legacy stuff. It just basically said you weren't allowed to use the top and bottom subnets if you were splitting up a class C into more than 2 chunks, like a subnetted 192.168.1.0 because the whole class C AND the first subnet of the class C would both have the same network number of 192.168.1.0. This would confuse older routers and switches; but, it is really NOT a problem anymore because all the routers in the last 15 years can deal with it, yet many of these tutorials would have you waste addresses by telling you NOT to use those ranges.

Let’s take the Table A in the shorter tutorial above:

Mask             Binary      # Subnet bits   # Host bits      Subnets   Hosts

255.255.255.128   10000000   1               7                      2      126
255.255.255.192   11000000   2               6                      2       62  (only 124 hosts?)
255.255.255.224   11100000   3               5                      6       30
255.255.255.240   11110000   4               4                      14      14
255.255.255.248   11111000   5               3                      30       6
255.255.255.252   11111100   6               2                      62       2
 

So this table tells us on line 1 that if you want to split a Class C into 2 subnets, you get 2 subnets of 126 hosts each as shown in the first line of the table. Example:

Network 1

            Network number: 192.168.1.0
            Netmask: 255.255.255.128 (in binary, this number is 11111111.11111111.11111111.10000000)
            Broadcast address: 192.168.1.127 (last byte is  = 256/2-1= 127)
            Range of useable addresses for host computers: 192.168.1.1 to 192.168.1.126 (126 addresses)

Network 2

            Network number: 192.168.1.128 (the very next number after the broadcast address of the previous network)
            Netmask: 255.255.255.128 (in binary, this number is 11111111.11111111.11111111.10000000)
            Broadcast address: 192.168.1.255 (the last byte is the last number in the Class range from 0 to 255)
            Range of useable addresses for host computers: 192.168.1.129 to 192.168.1.254 (126 addresses)

That is pretty easy to understand, but then notice line 2 in the table above in the Subnets column. It is ALSO 2. Why not 4? If you split the Class C of 0 to 255 into 4 chunks, that is 256 / 4 = 64, it follows that this means 4 subnets of 62 addresses and not 2 subnets of 62 addresses. By the way, it is 62 and not 64 because you have to subtract 2, 1 for the network # and 1 for the broadcast #.

What you DON’T have to do anymore is subtract 2 from the Netmask side of the calculation. It REALLY could and should be 4 subnets because pretty much EVERY router today understands CIDR (Classless Inter Domain Routing) and the CIDR slash notation. This is where you represent the netmask by the # of mask bits, so 255.255.255.0 would be written as "/24". SO.. the table above really should read as:

CIDR  Mask              Binary     # Subnet bits    # Host bits Subnets Hosts

/25   255.255.255.128   10000000   1                7            2      126
/26   255.255.255.192   11000000   2                6            4       62
/27   255.255.255.224   11100000   3                5            8       30
/28   255.255.255.240   11110000   4                4           16       14
/29   255.255.255.248   11111000   5                3           32        6
/30   255.255.255.252   11111100   6                2           64        2

I added an extra column in the front to show the CIDR slash notation for a subnet. In a router, you use one or the other but not both. It depends on what the router wants. Some still ask you to type in a netmask. Some let you put the slash notation right on the end of the network number. i.e. 129.7.1.0/24 is a Class C. By the way, why don't we keep going in the table and the last 2 logical lines?

/31   255.255.255.254   11111110   7                1          126        0 (none)
/32   255.255.255.255   11111111   8                0          254       -1 (less than none?)

Do you see a problem? Since you have to use 2 of the numbers for the network # and the broadcast address, in the case of a /31 (use 31 of 32 bits to represent the netmask), you have 2-2 or 0 for # of hosts. So you couldn't have ANY hosts on your /31 network. So you will NEVER see a /31 network or a network with netmask of 255.255.255.254. Now..you MIGHT see a netmask of 255.255.255.255 in a routing table but that doesn't refer to a network. It refers to 1 specific host, so a network # and broadcast address aren't needed. If you open a Command Line window and type "route print", you will see at least 1 entry with a netmask of 255.255.255.255..it is YOUR ip address of YOUR machine.Actually you should see at least 2, one of them has the interface address of 127.0.0.1. This is the loopback ip address that is preassigned to your PC. It is so network based software can work on your PC to talk to itself. The other address, probably 192.168.1.something... is the ip address given to you by your Firewall router during DHCP negotiation. 

So the SMALLEST subnet you will EVER see routed has a netmask of 255.255.255.252 and it only has 2 usable host ip's in it. There is no point in doing even that because you usually need to use 1 ip for a router for the local lan so it can get traffic to the Internet, so really the smallest Subnet you will see, on Comcast for example, has a subnet of 255.255.255.248 (slash notation of /29), 5 subnet bits and 3 host bits. 2 to the 3rd power is 8. Then subtract 2 and you have 6. Comcast advertises it as a block of 5 usable static ip's, because they use 1 of the ips to assign to the router they give you. Unless you had a PC with a Cable modem card in it and allow others on the net to use your PC as a router (an option with Windows), then you have to use a stand alone device, like a router, and that takes up an ip address.  

Remember (this is also in the short tutorial above) you can go backwards from 256 to get that last byte of a Class C subnetted netmask... what is 256/4? 64. Subtract 64 from 256 and you get 192. If you wanted to split the network into 8 chunks, that is 256/8 = 32. So the last byte of the netmask would be 256-32 or 224. What if you wanted to split it into 16 chunks, that is 256 / 16 = 16, so 256 - 16 = 240. Keep going... if I wanted 32 networks: 256/32 = 8, then 256-8 = 248, etc... compare this to the table above.

Okay so lets try a practical example:

Given: Our upstream provider has routed us a Class C to do whatever we want with it. Lets say we have 5 departments, each different sizes and we need to subnet that Class C to accomodate the departments so each can have their own Subnet. You also do not want to be wasteful in case your needs change.

Class C: 129.7.1.0 /24  (classic netmask of 255.255.255.0)

Dept A: has 12 pc's and printers that need ips.
Dept B: has 20 pc's and printers that need ips.
Dept C: has 60 pc's and printers that need ips but they may grow as many as 10 more within a year or so.
Dept D: has 7 pc's and printers that need ips.
Dept E: has 3 pc's and printers that need ips.

The first thing to do is look at the dept with the largest needs and/or the greatest potential for growth. Then look at the table above and find a line where the # of hosts is equal to or greater than your needs.

Dept C has 60 pc. Line 2in the table allows for 62 hosts, which is just barely enough. Remember that we need 1 IP for the router in that department, so the need is really 61 ips. We have literally just 1 ip left if we went with a /26. We can do 1 of 2 things, either one is right but option 2 is probably smarter:

1. Route Dept C a /26 sized subnet (1/4th of the Class C):

Netmask 255.255.255.192 (the 192 is 256 - 64. The 64 comes from 256 / 4)

Network #: 129.7.1.0

Broadcast address: 129.7.1.63 (calculate the last byte as  256 / 4 - 1, or 64 - 1 = 63)

Host Ip range: 129.7.1.1 to 129.7.1.62 

Then since we need to plan for the future, SKIP the next block of EQUAL SIZE (129.7.1.64 to 129.7.1.127), and map out the rest of the departments within the 2nd half of the Class C. It is important to be an EQUAL SIZE because if you have to come back later on and give them a larger range because they grew, the easiest thing is to simply leave them where they are and change their netmask to a /25, or a classic notation of 255.255.255.128 and it won’t cut into the next block. Remember you must split the network in exponents of 2, so if 64 addresses isn’t enough, then you have to jump all the way to 128. You can’t route them a network of 96 addresses using this method because there is no way to represent the number 96 in binary with consecutive 1’s or 0’s. That is the key. Binary netmasks have to be all 1’s on the left and all 0’s on the right.  96 in binary is 01100000. Notice the 0 at the left

2. Route Dept C a /25 sized subnet (1/2 a class C):

Netmask 255.255.255.128

Network #: 129.7.1.0

Broadcast address: 129.7.1.127 (calculate the last byte as  256/2 - 1, or 128-1)

Host Ip range: 129.7.1.1 to 129.7.1.126

Then there is PLENTY of room to grow in that subnet. Yes it wastes a lot of IPs and NO you CAN’T steal some of the extra ones and route them to one of the other departments unless you made one of the departments a SUB department off of Dept C; but then, all of the Sub department’s traffic would have to go through Dept C and maybe you don’t want that for security reasons. Unless there was some good physical reason why you would want to tier the network like that, you want to keep it a logical star topology. The only time you might see this multi-tier subnetting is if the sub department was totally owned and controlled the Sub Department. A tiered subnet hierarchy is more appropriate for subnetting with downstream companies. i.e. a BIG internet company routes a large subnet to a smaller internet company which then re-routes a smaller subnet of its own subnet to 1 or more small companies.

So now we have used up the first half of our class C. Who is next? Dept B needs 20 ips, so we would need to route them a /27 network of 30 usable IPs, according to the table above. That is 1/8th of the class C :

Netmask 255.255.255.224  (Get the last byte of the netmask: 32-27=5, 2^5=32. 256-32=224)

Network #: 129.7.1.128  (the next consecutive # after the broadcast address of the previous subnet above)

Broadcast address: 129.7.1.159  (I added 32 to 128 from the network number and subtracted 1 to get the broadcast address last byte)

Host Ip range: 129.7.1.129 to 129.7.1.158 (30 addresses)

Then the next largest dept is A with 12 PC’s. Adding 1 for a router, means we need 13 usable ip addresses. That is cutting it close if we use a /28 subnet which gives us 14 host addresses but lets go ahead and do it assuming they won't grow. That is 1/16th of a whole class C.

Netmask 255.255.255.240  (you can get the 240 by subtracting 16 which is 2^4 from 256)

Network #: 129.7.1.160  (the next consecutive # after the broadcast address of the previous subnet above)

Broadcast address: 129.7.1.175  (I added 16 to 160 from the network number -1 to get the broadcast address last byte)

Host Ip range: 129.7.1.161 to 129.7.1.174 (14 addresses)

Dept D is 7 PC’s. Adding 1 for a router, means we need 8 usable ip addresses. We will also have to use a /28 for this subnet because 8 is bigger than the 6 hosts that a /29 would give us.

Netmask 255.255.255.240  (calculate last byte: 2^4=16.  256-16=240)

Network #: 129.7.1.176  (the next consecutive # after the broadcast address of the previous subnet above)

Broadcast address: 129.7.1.191  (I added 16 to 176 from the network number -1 to get the broadcast address last byte)

Host Ip range: 129.7.1.177 to 129.7.1.190 (14 addresses)

Dept E has just 5 PC’s. Adding 1 for a router, means we need 4 usable ip addresses. You get 6 addresses with a  /29:

Netmask 255.255.255.248  (subtract 8 or 2^3 from 256 to get the 248)

Network #: 129.7.1.192  (the next consecutive # after the broadcast address of the previous subnet above)

Broadcast address: 129.7.1.199  (I added 8 to 192 from the network number -1 to get the broadcast address last byte)

Host Ip range: 129.7.1.193 to 129.7.1.198 (6 addresses)