From Wikipedia, the free encyclopedia

A subnetwork, or subnet, describes networked computers and devices that have a common, designated IP address routing prefix.

Subnetting is used to break the network into smaller, more efficient subnets to prevent excessive rates of Ethernet packet collision in a large network. Such subnets can be arranged hierarchically, with the organization's network address space (see also Autonomous System) partitioned into a tree-like structure. Routers are used to manage traffic and constitute borders between subnets.

A routing prefix is the sequence of leading bits of an IP address that precede the portion of the address used as host identifier. In IPv4 networks, the routing prefix is often expressed as a "subnet mask", which is a bit mask covering the number of bits used in the prefix. An IPv4 subnet mask is frequently expressed in quad-dotted decimal representation, e.g., is the subnet mask for the network with a 24-bit routing prefix ( For IPv6 networks, routing prefixes are always expressed in the standardized CIDR notation consisting of the network address and the mask length, e.g., 2001:db8::/32.

All hosts within a subnet can be reached in one "hop" (time to live = 1), implying that all hosts in a subnet are connected to the same link.

A typical subnet is a physical network served by one router, for instance an Ethernet network (consisting of one or several Ethernet segments or local area networks, interconnected by network switches and network bridges) or a Virtual Local Area Network (VLAN). However, subnetting allows the network to be logically divided regardless of the physical layout of a network, since it is possible to divide a physical network into several subnets by configuring different host computers to use different routers.

While improving network performance, subnetting increases routing complexity, since each locally connected subnet is typically represented by one row in the routing tables in each connected router. However, with intelligent design of the network, routes to collections of more distant subnets within the branches of a tree-hierarchy can be aggregated by single routes. Existing subnetting functionality in routers made the introduction of Classless Inter-Domain Routing seamless.

A graphic representation of relationships and source of the various variables representing a chunk of /24 subnets


Network address and logical address

The term network address sometimes refers to logical address, i.e. network layer address such as the IP address, and sometimes to the first address (the base address) of a classful address range to an organization.

Computers and devices that are part of an internetworking network such as the Internet each have a logical address. The network address is unique to each device and can be either dynamically or statically configured. An address allows a device to communicate with other devices connected to a network. The most common network addressing scheme is IPv4. An IPv4 address consists of a 32-bit address written, for human readability, as 4 octets, and a subnet mask of like size and notation. In order to facilitate the routing process, the address is divided into two pieces:

  • The network prefix (some contiguous range of higher-order bits) that is significant for routing decisions at that particular topological point.
  • The network host (the remaining bits) that specifies a particular device in the network.

This works much like a postal address, in that the network prefix would represent the city and the network host would represent the address of a specific house on that street. The subnet mask (e.g. to specify the top 18 bits; in binary: 11111111.11111111.11000000.00000000) or CIDR suffix address (e.g. /18) is used in conjunction with the network address to determine how many higher-order bits are used for the network prefix. For instance, the following are equivalent:

  • with netmask

Binary subnet masks

While subnet masks are often represented in dot-decimal form, their use becomes clearer in binary. Looking at a network address and a subnet mask in binary, a device can determine which part of the address is the network address and which part is the host address. To do this, it performs a bitwise "AND" operation.


Dot-decimal Address Binary
IP address 11000000.10101000.00000101.00001010
Subnet Mask 11111111.11111111.11111111.00000000
Network Portion 11000000.10101000.00000101.00000000
Host Portion 00000000.00000000.00000000.00001010

Subnet masks consist of 32 bits, usually a block of ones (1) followed by a block of zeros (0). The trailing block of zeros designates that part as the host identifier. This allows a classful network to be broken down into subnets. A classful network is a network that has a subnet mask of, or

IPv4 classes

IPv4 addresses are broken down into three parts: the network part, the subnet part (now often considered part of the network part, although originally it was part of the rest part), and the host part. Even though classful networks are obsolete, both classful and classless networks are shown in the following table.

Class Leading bits Start End Default Subnet Mask in dotted decimal
A (CIDR /8) 0
B (CIDR /16) 10
C (CIDR /24) 110
D 1110
E 1111

While the network is in the Class A area, it is designated for loopback and cannot be assigned to a network.

Class D multicasting

Class E reserved

Subnetting is the process of allocating bits from the host portion as a network portion. The above example shows the bitwise "AND" process being performed on a classful network. The following example shows bits being borrowed to turn a classful network into a subnet.



Dot-decimal Address Binary
IP address 11000000.10101000.00000101.10000010
Subnet Mask 11111111.11111111.11111111.11000000
Network Portion 11000000.10101000.00000101.10000000

In this example two bits were borrowed from the original host portion. This is beneficial because it allows this network to be split into four smaller networks. A /24 suffix (Class C block) allows 254 hosts; split into four parts, the prefix is /26, each has 62 hosts.
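The bitwise AND from the two tables above, as an added example that is not part of the original article. It parses the dotted-binary values shown on this page, rejects masks whose one bits are not contiguous, and returns the network and host portions in dotted decimal; the function names are illustrative.

```python
# Added example: split an IPv4 address into network and host portions.

def parse_binary_quad(text):
    """Parse 'bbbbbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb' into a 32-bit integer."""
    octets = text.split(".")
    if len(octets) != 4 or any(len(o) != 8 or set(o) - {"0", "1"} for o in octets):
        raise ValueError(f"not a dotted-binary IPv4 value: {text!r}")
    return int("".join(octets), 2)

def to_dotted(value):
    """Format a 32-bit integer as dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_length(mask):
    """Return the prefix length of a mask, rejecting non-contiguous masks."""
    inverted = ~mask & 0xFFFFFFFF
    # A contiguous mask inverts to 2**k - 1, so adding 1 shares no bits with it.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous mask: {to_dotted(mask)}")
    return 32 - inverted.bit_length()

def split_address(ip_bits, mask_bits):
    """AND the address with the mask (network) and with its inverse (host)."""
    ip, mask = parse_binary_quad(ip_bits), parse_binary_quad(mask_bits)
    length = prefix_length(mask)
    network = ip & mask
    host = ip & ~mask & 0xFFFFFFFF
    return {
        "cidr": f"{to_dotted(network)}/{length}",
        "network": to_dotted(network),
        "host": to_dotted(host),
    }

# Binary values copied from the two tables on this page.
CLASSFUL = split_address("11000000.10101000.00000101.00001010",
                         "11111111.11111111.11111111.00000000")
SUBNETTED = split_address("11000000.10101000.00000101.10000010",
                          "11111111.11111111.11111111.11000000")

if __name__ == "__main__":
    print(CLASSFUL)
    print(SUBNETTED)
```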

Subnets and host count

It is possible to determine the number of hosts and subnetworks available for any subnet mask. In the above example two bits were borrowed to create subnetworks. Each bit can take the value 1 or 0, giving 4 possible subnets ($2^2 = 4$).

Network   Network (binary)                      Broadcast address
          11000000.10101000.00000101.00000000
          11000000.10101000.00000101.01000000
          11000000.10101000.00000101.10000000
          11000000.10101000.00000101.11000000

According to the RFC 950 standard the subnet values consisting of all zeros and all ones are reserved, reducing the number of available subnets by 2. However due to the inefficiencies introduced by this convention it is no longer used on the public Internet, and is only relevant when dealing with legacy equipment that does not understand CIDR. The only reason not to use the all-zeroes subnet is that it is ambiguous when the exact suffix length is not available. All CIDR-compliant routing protocols transmit both length and suffix. See RFC 1878 for a subnetting table with extensive examples.

The remaining bits after the subnet are used for addressing hosts within the subnet. In the above example the subnet mask consists of 26 bits, leaving 6 bits for the address (32 − 26). This allows for 64 possible combinations ($2^6$), however the all zeros value and all ones value are reserved for the network ID and broadcast address respectively, leaving 62 addresses.

In general the number of available hosts on a subnet can be calculated using the formula $2^n - 2$, where $n$ is the number of bits used for the host portion of the address.

RFC 3021 specifies an exception to this rule when dealing with 31 bit subnet masks (i.e. 1 host bit). According to the above rule a 31 bit mask would allow for $2^1 - 2 = 0$ hosts. The RFC makes allowances in this case for certain types of networks (point-to-point) to disregard the network and broadcast address, allowing two host addresses to be allocated.

Possible subnets for a /24 suffix (traditional Class C):

CIDR notation Network Mask Available Networks Available Hosts per network Total usable hosts
/24 1 254 254
/25 2 126 252
/26 4 62 248
/27 8 30 240
/28 16 14 224
/29 32 6 192
/30 64 2 128
/31 128 2 * 256

* only applicable on point-to-point links
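The host-count formula and the /24 table above, recomputed as an added example that is not part of the original article. It assumes the block 192.168.5.0/24, which is the decimal form of the binary network address used in this page's tables, and applies the RFC 3021 exception for /31; the function names are illustrative.

```python
# Added example: enumerate the subnets of a block and count usable hosts.
import ipaddress

def usable_hosts(prefix_len):
    """Usable host addresses in an IPv4 subnet with the given prefix length."""
    if not 0 <= prefix_len <= 31:
        raise ValueError("prefix length must be between 0 and 31")
    host_bits = 32 - prefix_len
    if host_bits == 1:
        return 2  # RFC 3021: point-to-point links use both addresses
    return 2 ** host_bits - 2  # all-zeros is the network ID, all-ones the broadcast

def subnet_plan(block, new_prefix):
    """List (subnet, mask, broadcast, usable hosts) for each subnet of block."""
    parent = ipaddress.ip_network(block)  # raises if host bits are set in block
    return [
        (str(net), str(net.netmask), str(net.broadcast_address), usable_hosts(new_prefix))
        for net in parent.subnets(new_prefix=new_prefix)
    ]

def summary(block):
    """Rows of (prefix, networks, hosts per network, total usable hosts)."""
    parent = ipaddress.ip_network(block)
    rows = []
    for prefix in range(parent.prefixlen, 32):
        networks = 2 ** (prefix - parent.prefixlen)
        hosts = usable_hosts(prefix)
        rows.append((f"/{prefix}", networks, hosts, networks * hosts))
    return rows

BLOCK = "192.168.5.0/24"  # decimal form of the binary network on this page

if __name__ == "__main__":
    for row in summary(BLOCK):
        print(*row, sep="\t")
    for row in subnet_plan(BLOCK, 26):
        print(*row, sep="\t")
```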

Subnetting in IPv6 networks

The primary reason for subnetting in IPv4 was to improve efficiency in the utilization of the relatively small address space available, particularly to enterprises. Subnetting is also used in IPv6 networks. However, in IPv6 the address space available even to end-users is so large that address space restrictions no longer exist. The recommended allocation for a site is an address space comprising 80 address bits (prefix /48), but may be as small as a prefix /56 allocation (72 bits) for a residential customer network.[1] This provides 65,536 subnets for a site, and a minimum of 256 subnets for the residential size. An IPv6 subnet always has a /64 prefix, which provides 64 bits for the host portion of an address. Although it is technically possible to use smaller subnets, they are impractical for local area networks because stateless address autoconfiguration of network interfaces (RFC 4862) requires a /64 address. Subnetting, based on the concepts of Classless Inter-Domain Routing, is however used in the routing between networks both locally and globally.

Example routing scenario based on subnet concept

Suppose a home network consists of computers named Foo and Bar, connected to a router, and then via a cable modem to the Internet. The home network is configured as a subnet: address is assigned to Foo, address to Bar, and address to the router. The subnet has been configured so that the first three octets of its members' addresses are all the same subnet id, 17.76.99, and this fact is expressed by the subnet mask (binary 11111111 11111111 11111111 00000000) configured in the router.

When Foo sends data to at, the router performs a logical AND of the destination address with the subnet mask. It also performs a logical AND of the origin address ( and recognizes that these two results are different, and therefore sends the data over the Internet, via the subnet's default gateway.

When Foo sends data to Bar, however, it determines that the results of the two AND operations are the same, therefore the destination lies within the subnet and the default gateway is not required. The data is transmitted directly from Foo to Bar within the home network.
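The forwarding decision described above, as an added example that is not part of the original article. Only the subnet id 17.76.99 comes from the page; the host numbers, the remote addresses and the function name are constructed for illustration. The last case shows how a mask configured wider than the real subnet makes a host treat a remote destination as local, so traffic to it never reaches the gateway.

```python
# Added example: decide between direct delivery and the default gateway.
import ipaddress

def next_hop(source_if, destination, gateway):
    """Return ('direct', dst) if dst is on-link for source_if, else ('gateway', gw)."""
    iface = ipaddress.ip_interface(source_if)  # address with prefix, e.g. a.b.c.d/24
    dst = ipaddress.ip_address(destination)
    mask = int(iface.netmask)
    # Same test as in the text: AND both addresses with the mask and compare.
    if (int(iface.ip) & mask) == (int(dst) & mask):
        return ("direct", str(dst))
    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network:
        raise ValueError("default gateway is not on the local subnet")
    return ("gateway", str(gw))

# Constructed addresses inside the page's 17.76.99 subnet.
FOO = "17.76.99.10/24"
BAR = "17.76.99.20"
ROUTER = "17.76.99.1"
REMOTE = "203.0.113.7"       # constructed off-subnet destination
REMOTE_SAME_A = "17.1.2.3"   # constructed: shares only the first octet with Foo

def decisions():
    """Evaluate the page's two cases plus a misconfigured-mask case."""
    return {
        "foo_to_bar": next_hop(FOO, BAR, ROUTER),
        "foo_to_remote": next_hop(FOO, REMOTE, ROUTER),
        "correct_mask": next_hop(FOO, REMOTE_SAME_A, ROUTER),
        # Same host with an /8 mask: the AND results now match, so the host
        # tries to deliver directly and the gateway is bypassed.
        "wide_mask": next_hop("17.76.99.10/8", REMOTE_SAME_A, ROUTER),
    }

if __name__ == "__main__":
    for name, result in decisions().items():
        print(name, result)
```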

Notes

  • RFC 950 Internet Standard Subnetting Procedure
  • RFC 1812 Requirements for IPv4 Routers
  • RFC 917 Utility of subnets of Internet networks
  • RFC 1101 DNS Encodings of Network Names and Other Type
  • RFC 1878 Variable Length Subnet Table For IPv4
  • Blank, Andrew G. TCP/IP Foundations Technology Fundamentals for IT Success. San Francisco, London: Sybex, Copyright 2004.
  • Lammle, Todd. CCNA Cisco Certified Network Associate Study Guide 5th Edition. San Francisco, London: Sybex, Copyright 2005.
  • Groth, David and Toby Skandier. Network + Study Guide, 4th Edition. San Francisco, London: Wiley Publishing, Inc., Copyright 2005.