Once again about IP addresses, subnet masks and related matters

    A short primer, prompted by the copy-pasted nonsense on this topic that keeps going around. Apologies to the HR people.

    An IP address (v4) consists of 32 bits. Any self-respecting admin, and indeed any IT specialist (never mind network engineers), should be able to answer the question "how many bits are in an IP address" correctly when woken in the middle of the night or in a state of extreme intoxication. It is also desirable to know the same for IPv6: 128 bits.

    The first circumstance. In total, there can theoretically be this many IPv4 addresses:
    2^32 = 2^10 * 2^10 * 2^10 * 2^2 = 1024 * 1024 * 1024 * 4 ≈ 1000 * 1000 * 1000 * 4 = 4 billion.
    Below we will see that quite a lot of them are eaten up by various overhead.


    Everyone knows how an IPv4 address is written, I think: four octets (the same thing as a byte, but if you want to show off, say "octet" and you will immediately pass for one of us) in decimal notation, without leading zeros, separated by periods: "192.168.11.10". Leading zeros are not just ugly: some parsers (glibc's inet_aton, for one) read an octet such as "010" as octal, so "192.168.011.010" may not mean what you think.

    The IP packet header contains the source IP and destination IP fields: the source address (who sends) and the destination (to whom), like on a mail envelope. Inside the packet, IP addresses carry no masks. There are no separators between octets either. Just 32 bits for the destination address and another 32 for the source.

    However, when an IP address is assigned to an interface (a network adapter, or whatever it is called) of a computer or router, a subnet mask is assigned along with it. Once again: the mask is not transmitted in IP packet headers.

    Computers need the subnet mask to determine the boundaries of, you will never guess, a subnet: so that each host can tell who is in the same [sub]network with it and who is outside it. (In practice one can simply say "network"; the term is often used to mean "IP subnet".) The point is that within one network computers exchange packets "directly", and when they need to send a packet to another network, they send it to their default gateway (the third parameter configured in the network properties, if you remember). We will see below how this happens.

    The subnet mask is also 32 bits. But unlike an IP address, zeros and ones in it cannot alternate: there are always some ones first, then some zeros. This cannot be a mask:

    120.22.123.12 = 01111000.00010110.01111011.00001100.

    But there may be a mask

    255.255.248.0 = 11111111.11111111.11111000.00000000.

    First N ones, then 32-N zeros. It is easy to see that this notation is redundant: the number N, called the mask length (or prefix length), is quite enough. So instead of 192.168.11.10 255.255.248.0 one writes 192.168.11.10/21. Both forms mean the same thing, but the slash form is much more convenient.

    To determine the boundaries of the subnet, the computer performs a bitwise multiplication (logical AND) of the IP address and the mask, obtaining an address whose bits are zero wherever the mask has zeros. Consider the example 192.168.11.10/21:

    11000000.10101000.00001011.00001010
    11111111.11111111.11111000.00000000
    ----------------------------------------------
    11000000.10101000.00001000.00000000 = 192.168.8.0

    The second circumstance. Any self-respecting administrator must be able to convert IP addresses from decimal to binary and back, in their head or on a piece of paper, and must be comfortable with binary arithmetic in general.

    The address 192.168.8.0, with all bits zeroed at the positions corresponding to zeros in the mask, is called the subnet address (network address). It (usually) cannot be used as the address of a host interface. If those bits are inverted instead, all set to one, we get the address 192.168.15.255. This is called the directed broadcast address of the network. Its significance today is small: it was once assumed that all hosts on the subnet should respond to it, but that has not been the case for a long time (routers normally drop directed broadcasts, since they were abused for amplification attacks). However, this address also cannot (usually) be used as a host address. So two addresses in every subnet go to waste. All other addresses, in the range 192.168.8.1 to 192.168.15.254 inclusive, are full host addresses within the subnet 192.168.8.0/21 and can be assigned to computers.

    Thus the part of the address corresponding to the ones in the mask is the address (identifier) of the subnet; it is often called the prefix. The part corresponding to the zeros in the mask is the host identifier within the subnet. The subnet address written as 192.168.8.0/21 or 192.168.8.0 255.255.248.0 is something you will see quite often. Routers operate on prefixes when choosing routes for traffic across the network. Only the default gateway of a given subnet (via the particular link-layer technology) knows where hosts are located within the subnet; transit routers do not. And a host address in isolation from its subnet is not used at all.

    The third circumstance. The number of hosts in a subnet is 2^(32-N) - 2, where N is the mask length. The longer the mask, the fewer hosts fit in it.

    From this it follows, in particular, that the maximum mask length for a subnet with hosts is N = 30. It is /30 networks that are most often used for addressing point-to-point links between routers.

    And although most modern routers work fine with /31 masks (RFC 3021), using the subnet address (zero in the one-bit host part) and the broadcast address (one) as the two interface addresses, administrators and network engineers are often simply wary of this approach and stick with /30.

    The /32 mask, however, is used quite often. Firstly, for all sorts of housekeeping purposes, such as addressing so-called loopback interfaces; secondly, out of sloppiness: /32 is a subnet consisting of a single host, which is to say no network at all. The more often a network administrator operates on individual machines rather than groups of hosts, the less scalable the network is, and the more mess and undocumented rules accumulate. The exception, perhaps, is writing firewall rules for servers, where specificity is a good thing. But users are better handled not individually but in bulk, as whole subnets; otherwise the network quickly becomes unmanageable.
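    As an added example (not part of the original post), here is a small subnet calculator in Python that does the bit arithmetic described above by hand: it builds the mask from its length, refuses a non-contiguous mask such as 120.22.123.12, computes the network and directed broadcast addresses with AND and OR, and handles the /30, /31 and /32 edge cases from the text. All function names are my own; the standard library's ipaddress module is used only as a cross-check.

```python
# Added example: a hand-rolled IPv4 subnet calculator (not from the original post).
# It does the bit arithmetic the post describes: AND with the mask for the
# network address, OR with the inverted mask for the directed broadcast.
import ipaddress


def ip_to_int(ip: str) -> int:
    """Parse dotted-decimal IPv4 into a 32-bit integer, rejecting sloppy input."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {ip!r}")
    value = 0
    for p in parts:
        if not p.isdigit() or (len(p) > 1 and p[0] == "0"):
            # Leading zeros are ambiguous (inet_aton reads "010" as octal 8).
            raise ValueError(f"bad octet {p!r} in {ip!r}")
        octet = int(p)
        if octet > 255:
            raise ValueError(f"octet out of range in {ip!r}")
        value = (value << 8) | octet
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_length(n: int) -> int:
    """First n ones, then 32-n zeros."""
    if not 0 <= n <= 32:
        raise ValueError("mask length must be 0..32")
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def length_from_mask(mask: str) -> int:
    """Dotted mask -> length; refuses non-contiguous masks such as 120.22.123.12."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if mask_from_length(ones) != m:
        raise ValueError(f"{mask} is not a contiguous mask")
    return ones


def subnet_info(cidr: str) -> dict:
    """Network, broadcast, usable range and host count for 'a.b.c.d/N'."""
    addr_s, n_s = cidr.split("/")
    n = int(n_s)
    addr = ip_to_int(addr_s)
    mask = mask_from_length(n)
    network = addr & mask                         # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)    # host bits set
    total = 1 << (32 - n)
    if n == 32:
        usable, first, last = 1, network, network        # a single host, no network
    elif n == 31:
        usable, first, last = 2, network, broadcast      # RFC 3021 point-to-point link
    else:
        usable, first, last = total - 2, network + 1, broadcast - 1
    return {
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(first),
        "last_host": int_to_ip(last),
        "usable_hosts": usable,
    }


if __name__ == "__main__":
    info = subnet_info("192.168.11.10/21")
    for k, v in info.items():
        print(f"{k:13} {v}")
    # Cross-check the hand arithmetic against the standard library.
    net = ipaddress.ip_network("192.168.11.10/21", strict=False)
    assert str(net.network_address) == info["network"]
    assert str(net.broadcast_address) == info["broadcast"]
```

    For the post's 192.168.11.10/21 the output is network 192.168.8.0, broadcast 192.168.15.255, hosts 192.168.8.1 to 192.168.15.254, 2046 usable addresses.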


    An interface on which an IP address is configured is sometimes called an IP interface or an L3 interface ("el-three"; see the OSI model).

    Before sending an IP packet, the computer determines whether the destination address falls into its "own" subnet. If it does, it sends the packet "directly"; if not, it sends it to the default gateway (router). As a rule, though nothing requires it, the default gateway is given the first host address in the subnet: in our case 192.168.8.1, for neatness.

    The fourth circumstance. From the above it follows, in particular, that a router (a gateway and a router are the same thing) with an interface address of 192.168.8.1 knows nothing about traffic exchanged between, say, hosts 192.168.8.5 and 192.168.8.7. A very common mistake of novice administrators is trying to block or otherwise control traffic between hosts on the same subnet using the gateway. For traffic to pass through the router, the sender and destination must be on different subnets; traffic within a subnet can only be controlled on the hosts themselves or on the switch.
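    The forwarding decision described in the last two paragraphs, as an added Python example (not the post's own code). next_hop and seen_by_gateway are hypothetical names and the flows list is constructed for illustration. It also shows what happens when a host is configured with the wrong mask: a /24 instead of the network's /21 makes the host send to the gateway for destinations that are actually on its own wire, one of the classic sources of odd connectivity problems.

```python
# Added example: the per-packet "direct or via gateway" decision a host makes.
# Not from the original post; names are mine.

def ip_to_int(ip: str) -> int:
    return int.from_bytes(bytes(int(o) for o in ip.split(".")), "big")


def mask_from_length(n: int) -> int:
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def next_hop(src_ip: str, mask_len: int, dst_ip: str, gateway: str) -> str:
    """Where the sending host hands the packet: the destination itself (same
    subnet, resolved with ARP on the local link) or the default gateway."""
    mask = mask_from_length(mask_len)
    if ip_to_int(src_ip) & mask == ip_to_int(dst_ip) & mask:
        return dst_ip
    return gateway


def seen_by_gateway(flows, mask_len: int, gateway: str):
    """Subset of (src, dst) flows that actually pass through the router, i.e.
    the only ones an ACL on the gateway could ever affect."""
    return [(s, d) for s, d in flows
            if next_hop(s, mask_len, d, gateway) == gateway]


# Constructed sample traffic from a host inside 192.168.8.0/21.
FLOWS = [
    ("192.168.8.5", "192.168.8.7"),      # same subnet: never reaches the router
    ("192.168.8.5", "192.168.15.254"),   # still inside the /21: direct
    ("192.168.8.5", "192.168.16.1"),     # next /21 over: via the gateway
    ("192.168.8.5", "8.8.8.8"),          # Internet: via the gateway
]
GATEWAY = "192.168.8.1"

if __name__ == "__main__":
    for s, d in FLOWS:
        print(f"{s} -> {d}: next hop {next_hop(s, 21, d, GATEWAY)}")
    print("flows the gateway sees:", seen_by_gateway(FLOWS, 21, GATEWAY))
    # A host misconfigured with /24 sends traffic for 192.168.9.9 to the
    # gateway even though 192.168.9.9 is on the same wire.
    print("with a /24 mask:", next_hop("192.168.8.5", 24, "192.168.9.9", GATEWAY))
```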

    Thus, even the smallest enterprise network should usually contain several IP subnets (2+) and a router (more precisely a firewall, but in this context the two words can be treated as synonyms) that routes and controls traffic between the subnets.


    The next step is splitting subnets into smaller subnets. Our favorite network 192.168.8.0/21 can be divided into two /22 subnets, four /23 subnets, eight /24 subnets, and so on. The general rule, as you might guess, is K = 2^(Y-X), where K is the number of subnets with mask length Y that fit into a subnet with mask length X (Y > X).

    The fifth circumstance. Like any decent IT employee, a network administrator, unless paid for his good looks alone, should know the powers of two from 0 to 16 by heart.


    The process of combining small prefixes (with a long mask and few hosts) into large ones (with a short mask and many hosts) is called aggregation or summarization (not summation!). This is a very important process: it minimizes the amount of information a router needs to find a path through the network. For instance, providers hand out thousands of small blocks like /29 to customers, but the rest of the Internet does not even know those exist. Instead, each provider is assigned large prefixes, /19 and shorter, and announces only those. This reduces the number of entries in the global Internet routing table by orders of magnitude.

    The sixth circumstance. The longer the mask, the fewer hosts the subnet can hold, and the larger the share of addresses eaten by the subnet address, the broadcast address and the default gateway. In particular, a subnet with mask /29 (2^(32-29) = 8 combinations) has only 5 addresses left for real use (62.5%). Now imagine you are a provider handing out thousands of /29 blocks to corporate customers. So competent division of IP space into subnets (drawing up an address plan) is a small science of its own, involving trade-offs between various conflicting factors.
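    Splitting and summarization (the previous three paragraphs), as an added Python example that is not from the original post. split enumerates the K = 2^(Y-X) subnets; summarize finds the shortest single prefix covering a set of prefixes and reports whether the summary is exact (covers no addresses beyond the inputs), assuming the inputs do not overlap; usable_share reproduces the /29 arithmetic. Function names and the sample allocations are mine.

```python
# Added example: subnetting and summarization by hand. Not from the original post.

def ip_to_int(ip: str) -> int:
    return int.from_bytes(bytes(int(o) for o in ip.split(".")), "big")


def int_to_ip(v: int) -> str:
    return ".".join(str((v >> s) & 0xFF) for s in (24, 16, 8, 0))


def mask_from_length(n: int) -> int:
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def parse(cidr: str):
    """'a.b.c.d/N' -> (network as int, N), with host bits cleared."""
    addr, n = cidr.split("/")
    n = int(n)
    return ip_to_int(addr) & mask_from_length(n), n


def split(cidr: str, new_len: int) -> list:
    """Enumerate the K = 2^(new_len - N) subnets of length new_len inside cidr."""
    base, n = parse(cidr)
    if not n <= new_len <= 32:
        raise ValueError("new mask must be at least as long as the old one")
    count = 1 << (new_len - n)
    step = 1 << (32 - new_len)          # addresses per new subnet
    return [f"{int_to_ip(base + i * step)}/{new_len}" for i in range(count)]


def summarize(cidrs: list):
    """Shortest single prefix covering every input, and whether it is exact
    (adds no addresses beyond the inputs). Assumes the inputs do not overlap."""
    nets = [parse(c) for c in cidrs]
    lowest = min(net for net, _ in nets)
    highest = max(net | (~mask_from_length(n) & 0xFFFFFFFF) for net, n in nets)
    length = 32
    # Shorten the mask until the lowest and highest addresses share one prefix.
    while length > 0 and (lowest & mask_from_length(length)) != (highest & mask_from_length(length)):
        length -= 1
    covered = sum(1 << (32 - n) for _, n in nets)
    exact = covered == (1 << (32 - length))
    return f"{int_to_ip(lowest & mask_from_length(length))}/{length}", exact


def usable_share(n: int) -> float:
    """Fraction of a /n left for hosts after subtracting the network address,
    the broadcast address and one default gateway."""
    total = 1 << (32 - n)
    return (total - 3) / total


if __name__ == "__main__":
    customers = split("10.0.0.0/26", 29)        # eight constructed /29 customer blocks
    print(customers)
    print(summarize(customers))                 # one /26 covers them all exactly
    print(summarize(["10.0.0.0/29", "10.0.0.16/29"]))   # /27 with a hole in it
    print(f"/29 usable share: {usable_share(29):.1%}")
```

    The "exact" flag matters when you advertise a summary route: a summary that is not exact attracts traffic for addresses you do not actually own, which is why providers aggregate whole aligned blocks.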


    If you have a sufficiently large address range, usually from the blocks for private use, 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16, it is of course convenient to use masks whose length coincides with an octet boundary: /8, /16, /24, or 255.0.0.0, 255.255.0.0 and 255.255.255.0 respectively. They spare the brain and the calculator, removing the need to work with the binary system and individual bits. This is a sound approach, but remember that too much laziness rarely ends well.

    And the last thing. The notorious address classes. Dear comrades, forget that word entirely. Completely. It will soon be 20 years (!) since classes ceased to exist, ever since it became clear that a prefix can have any length, and that if addresses are handed out in /8 blocks, no Internet will work.

    Sometimes "seasoned specialists" like to show off with the words "a class such-and-such network" in reference to a subnet with some mask length. For example, you often hear "class C network" said about something like 10.1.2.0/24. The network class (back when it existed) was not determined by the mask length at all; it was determined by something quite different (the leading bits of the address). Conversely, classful addressing required masks of exactly the length prescribed for the class. So the subnet 10.1.2.0/24 never belonged to class C and never will: its first bit is 0, which in classful terms made it part of the class A network 10.0.0.0/8.

    But all of this is better forgotten. The only thing you need to know is that there are various global conventions, gathered under one roof in RFC 3330 (since superseded by RFC 5735 and then RFC 6890), about the special meaning of certain address blocks. For example, the blocks 10/8, 172.16/12 and 192.168/16 mentioned above (yes, you can write prefixes with the host part omitted entirely) are defined in RFC 1918 as ranges for private use, which must not be routed on the public Internet; anyone can use them for private purposes at their discretion. The block 224.0.0.0/4 is reserved for multicast, and so on. But all of these are just conventions meant to ease administrative cooperation. And although I personally strongly advise against violating them (except in reliably isolated lab setups), technically nobody forbids using any addresses for any purpose as long as you do not connect to the outside world.
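    Two small checks as an added Python example (not from the original post): the leading-bit rule that decided the historical class, which shows why 10.1.2.0/24 is not "class C", and a lookup of the special-use blocks named above plus a few others from the same RFC family (loopback, link-local, reserved). Function names and the table are mine; the ranges come from RFC 1918, RFC 5735/6890 and RFC 3927.

```python
# Added example: historical class by leading bits, and special-use range lookup.
# Not from the original post.

def ip_to_int(ip: str) -> int:
    return int.from_bytes(bytes(int(o) for o in ip.split(".")), "big")


def in_prefix(ip: str, cidr: str) -> bool:
    net, n = cidr.split("/")
    mask = (0xFFFFFFFF << (32 - int(n))) & 0xFFFFFFFF
    return ip_to_int(ip) & mask == ip_to_int(net) & mask


def historical_class(ip: str) -> str:
    """Class by leading bits, as in the pre-CIDR world: 0=A, 10=B, 110=C, 1110=D, 1111=E.
    The mask length plays no part in it."""
    top = ip_to_int(ip) >> 28          # the four high bits are enough
    if top < 0b1000:
        return "A"
    if top < 0b1100:
        return "B"
    if top < 0b1110:
        return "C"
    if top == 0b1110:
        return "D (multicast)"
    return "E (reserved)"


# Special-use blocks (RFC 1918, RFC 5735/6890, RFC 3927); extend as needed.
SPECIAL_USE = [
    ("0.0.0.0/8", "this network"),
    ("10.0.0.0/8", "private (RFC 1918)"),
    ("127.0.0.0/8", "loopback"),
    ("169.254.0.0/16", "link-local (RFC 3927)"),
    ("172.16.0.0/12", "private (RFC 1918)"),
    ("192.168.0.0/16", "private (RFC 1918)"),
    ("224.0.0.0/4", "multicast"),
    ("240.0.0.0/4", "reserved (former class E)"),
]


def special_use(ip: str):
    """Return the special-use designation of ip, or None for ordinary public space."""
    if ip == "255.255.255.255":        # sits inside 240/4, so check it first
        return "limited broadcast"
    for cidr, label in SPECIAL_USE:
        if in_prefix(ip, cidr):
            return label
    return None


if __name__ == "__main__":
    for ip in ("10.1.2.0", "172.16.0.1", "192.168.1.0", "224.0.0.1"):
        print(f"{ip:15} class {historical_class(ip):14} {special_use(ip)}")
    print("8.8.8.8 ->", special_use("8.8.8.8"))
```

    A lookup like special_use is also what an application should run on a user-supplied URL's resolved address before fetching it server-side; forgetting the loopback and link-local blocks is the usual gap in such filters.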
