Subnet masks are one of the most interesting aspects of TCP/IP. Subnet masks point out to IP which bits of the 32-bit IP address refer to the network. A good network administrator understands how to determine and use subnet masks.
What Is a Subnet Mask?
A subnet mask is a number that looks like an IP address. It shows TCP/IP how many bits are used for the network portion of the IP address by covering up, or “masking,” the IP address’s network portion. As you learned in Chapter 6, an IP address is made up of two parts: the network portion and the host portion. For every outgoing packet, IP has to determine whether the destination host is on the same local network or on a remote network. If the destination is local, then IP uses an ARP broadcast to find out the hardware address of the destination host. If the destination host is not on the local network, then ARP broadcasts a request for the hardware address of the router. Therefore, IP sends packets that are bound for a remote network directly to the router, which is also known as the default gateway. The router then sends the packet to the next network on its journey to the correct destination network.
Just as the telephone system uses an area code to determine whether a number is local or long distance, TCP/IP uses the subnet mask to determine whether the destination of a packet is a host on the local network or a host on a remote network. In the same way that every U.S. telephone number must have an area code, every IP address must have a subnet mask. If, for example, your telephone number is (619) 555-1212, and you call someone whose telephone number is (619) 345-1111, it is a local call. You know that because you can look at the numbers between the parentheses and see that they have the same value. If, on the other hand, your number is (619) 555-1212, and you call someone whose number is (213) 888-8146, it’s a long distance call. You know that because the numbers inside of the parentheses are different. You can think of the subnet mask as the area code in the parentheses of a telephone number.
Just as an area code determines a phone call’s destination, a subnet mask tells IP how many bits to look at when determining if the destination IP address is local or remote. The following graphic shows Harry calling Amber. Since Amber has a different area code, the phone call will have to go through the router. When Harry calls Sally, however, it is a local call and does not need to go through the router.
When determining if the packet is bound for the local network or a remote network, IP compares the network portion of the sender’s IP address with the same number of bits from the destination’s IP address. If the bit values are exactly the same, the packet’s destination is determined to be local. If there are any differences in the bit values, the packet’s destination is determined to be remote. To know how many bits to compare, IP evaluates the subnet mask of the sending host. In the subnet mask, there is a series of 1s, and then the rest of the bits are set to 0. When IP evaluates the subnet mask, it is looking specifically for the answer to the question, “How many bits are set to 1?” Once IP determines how many bits are set to 1, it knows how many bits of the source host’s IP address and the destination host’s IP address will be compared.
You can think of the number of bits that are set to 1 in the subnet mask as the number of digits inside the parentheses in a telephone number—if that number could change (in other words, if it’s variable). If, for example, a telephone number has 10 digits, imagine if the parentheses include 4, 5, or 6 digits. You would then evaluate the number to be local or long distance based on the digits that are in the parentheses. If there are 8 bits set to 1 in the subnet mask, IP will compare the first 8 bits of the host with the first 8 bits of the destination. If there are 16 bits in the subnet mask that are set to 1, IP will compare the first 16 bits of host and destination.
A subnet mask is a required element of every IP address. When you want to type in the IP address for a host, the only two required elements are the IP address itself and the subnet mask. Likewise, when you want to call someone, it is required that you know the correct area code for the phone number. You then compare the first three characters of your phone number (your area code) with the first three characters of their phone number (their area code). If the area codes are the same, you don’t need to dial the area code, nor do you have to pay for a long distance call, because it is a local call. If the area code is not the same, however, you’ll have to dial their area code so that the telephone system can route your call to their city.
You’ll see over the next several pages that IP looks at everything in binary. Subnet masks and routing will become clearer if you think about the IP addresses and subnet masks in binary, so begin now to think of IP addresses and subnet masks as 32 bits. When thinking in binary, do not pay attention to the periods that we use in the decimal representation. IP does not pay attention to the periods; neither should we. Just consider the addresses as 32 1s and 0s.
Network and Host
subnet goggles: A fictional set of goggles that IP wears when looking at an IP address to determine whether an address is local or remote. The goggles “light up” the network and subnet bits with 1s as the bit values in the subnet mask.
Applying a subnet mask is like looking through a set of “subnet goggles”: wearing a set of goggles as you look at an IP address, you see all 32 bits, each in its own slot. When you ask the question, “How many bits are used for the network portion of this IP address?” the subnet mask lights up the slots that are in the network portion of the address.
Through subnet goggles, 255.0.0.0 looks like this:
NNNN NNNN.HHHH HHHH.HHHH HHHH.HHHH HHHH
The goggles light up the first 8 bits as the network portion (N), and the remaining 24 bits are used for the host portion (H).
Through subnet goggles, 255.255.0.0 looks like this:
NNNN NNNN.NNNN NNNN.HHHH HHHH.HHHH HHHH
The goggles light up the first 16 bits as the network portion.
The subnet mask simply provides a means to light up the correct slots so that
IP can figure out the number of bits used for the network portion of the address.
After IP figures this out, it can compare the address to that of another host to
determine whether that host is local or remote. Using our telephone number and
area code example, we can say that the subnet goggles are illuminating the area
Identifying a Local or Remote Network
With every packet that is sent across a network, the big question is: Is the destination address local or remote? The destination is local if the network portion of the source’s IP address is the same as that of the destination’s IP address. If any bits of the network portions differ from each other, then the destination is remote. This is similar to figuring out whether someone lives on the same street as you do. If you look at the person’s street name and it is the same as yours, the person lives on the same street as you do. If any part of the street name is different, the person is remote to your street. But, as stated earlier, before IP can figure out whether the destination address is remote, IP has to determine how many bits are in the network portion of the source IP address. IP uses the subnet mask to determine which bits of the IP address represent the network portion of the address.
The subnet mask is 32 bits long, but you use dotted decimal notation to represent it, just as you do with an IP address. A subnet mask, in binary, is made up of several contiguous 1s, which represent the network portion of the address, and then the rest of the bits are 0s. When determining how many of the 32 bits are in the network portion of an IP address, IP looks at the subnet mask for the contiguous 1s. When you look at a subnet mask in binary, imagine that the 1s represent the beginning and end of an area code. The number of bits set to 1 in the subnet mask is the number of bits that will be compared to determine if the destination is local or remote. This is similar to evaluating two telephone numbers by comparing the values that are inside the parentheses. The 1s in the subnet mask will act like the number of digits within the parentheses in an area code; these are the only values that are compared to determine if the destination is local or remote. When someone gives you their telephone number, you can tell if it is a long distance number just by looking at the digits in the parentheses. Likewise, the subnet mask’s only purpose is to determine how many bits are used to identify if the destination host of every packet is local or remote.
For example, if the first 16 bits are set to 1, then IP compares the first 16 bits of the source IP address with the first 16 bits of the destination IP address. If these 16 bits are exactly the same, the destination host is local; if any of the bits are different, the destination host is remote. If the first 24 bits are set to 1, then IP compares the first 24 bits of the source IP address with the first 24 bits of the destination IP address. If these 24 bits are exactly the same, the destination host is local; if any of the bits are different, the destination host is remote. It is called a subnet “mask” for a good reason: it indicates or “masks” the network bits. Think of it as a shadow covering up some of the bits.
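The local-or-remote decision described above, written out as an added example that is not part of the original chapter. The addresses, the gateway and the function names are constructed for illustration; the mask is rejected if its 1s are not contiguous, and the same destination is shown flipping from local to remote when the mask grows from 16 to 24 bits.

```python
def to_int(dotted):
    """Dotted-decimal string -> the 32-bit integer that IP actually compares."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 value: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def network_bits(mask):
    """Number of bits set to 1 in the mask; the 1s must be contiguous."""
    m = to_int(mask)
    host_part = ~m & 0xFFFFFFFF            # flip: host bits become 1s
    if host_part & (host_part + 1):        # valid only as 000...0111...1
        raise ValueError(f"1s in mask are not contiguous: {mask}")
    return bin(m).count("1")

def is_local(src, dst, mask):
    """Compare only the bits the mask sets to 1; equal means local."""
    network_bits(mask)                     # reject malformed masks first
    m = to_int(mask)
    return (to_int(src) & m) == (to_int(dst) & m)

def arp_target(src, dst, mask, gateway):
    """Address whose hardware address is resolved for a packet src -> dst."""
    return dst if is_local(src, dst, mask) else gateway

def as_bits(dotted, mask):
    """Binary view of an address with '|' between network and host bits."""
    bits = format(to_int(dotted), "032b")
    n = network_bits(mask)
    return bits[:n] + "|" + bits[n:]

if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    src, gw = "172.16.4.10", "172.16.4.1"
    for dst, mask in [("172.16.200.7", "255.255.0.0"),
                      ("172.17.4.10", "255.255.0.0"),
                      ("172.16.200.7", "255.255.255.0")]:
        print(as_bits(src, mask), src)
        print(as_bits(dst, mask), dst, "mask", mask)
        print("  local:", is_local(src, dst, mask),
              "-> ARP for", arp_target(src, dst, mask, gw))
```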
Standard Subnet Masks
In Chapter 6, you looked at the five classes of IP addresses. For each class of address, there is a standard, or default, subnet mask. Each is discussed in the following sections.
Class A Addresses
The standard subnet mask for a Class A address is 255.0.0.0. This tells IP that the first 8 bits are used for the network portion of the IP address, and the remaining 24 bits are used for the host portion. IP looks at the 32 bits and uses the subnet mask to mask out the network portion of the address:
NNNN NNNN.HHHH HHHH.HHHH HHHH.HHHH HHHH
Because 24 bits are left for the host portion of the address, there are almost 17 million unique host IP addresses for each Class A network address.
Class B Addresses
A Class B address has a standard subnet mask of 255.255.0.0. This mask tells IP that the first 16 bits are used for the network portion of the address, and the remaining 16 bits are used for the host portion:
NNNN NNNN.NNNN NNNN.HHHH HHHH.HHHH HHHH
The 16 bits that are used for the host portion of the address can uniquely address more than 16,000 hosts on each Class B network.
Class C Addresses
A Class C address has a standard subnet mask of 255.255.255.0, which masks out the first 24 bits as the network portion and leaves the remaining 8 bits for the host portion:
NNNN NNNN.NNNN NNNN.NNNN NNNN.HHHH HHHH
The 8 bits used for the host portion can uniquely address 254 hosts on each of the Class C networks.
Class  Subnet Mask (Decimal)  Standard Mask (Binary)
A      255.0.0.0              1111 1111.0000 0000.0000 0000.0000 0000
B      255.255.0.0            1111 1111.1111 1111.0000 0000.0000 0000
C      255.255.255.0          1111 1111.1111 1111.1111 1111.0000 0000
You can remember the standard masks this way:
1 octet = Class A (1st letter in the alphabet)
2 octets = Class B (2nd letter in the alphabet)
3 octets = Class C (3rd letter in the alphabet)
In most cases, however, using the standard subnet mask is not the optimal
solution for designing a TCP/IP addressing plan. Most implementations use a
variation of the standard subnet mask called a custom subnet mask, which is
explained in Chapter 9, “Using Custom Subnet Masks.”
The following screen capture shows a custom subnet mask being used.
Because the IP address has “10” in the first octet, this is a Class A address, and
the standard subnet mask is 255.0.0.0. However, the administrator has defined
a custom subnet mask of 255.255.255.240, which enables him to create more
networks with fewer hosts on each network.
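The standard-versus-custom comparison above, as an added example that is not part of the original chapter. The host address 10.1.1.37 is constructed (the page gives only the first octet and the mask), the function names are hypothetical, and the first-octet ranges for Classes A, B and C are the usual classful ones rather than values quoted on this page.

```python
import ipaddress

# (class, lowest first octet, highest first octet, standard mask bits)
CLASSES = [("A", 1, 126, 8), ("B", 128, 191, 16), ("C", 192, 223, 24)]

def standard_mask(ip):
    """Return (class letter, standard mask bit count) from the first octet."""
    first = int(ipaddress.IPv4Address(ip)) >> 24
    for letter, low, high, bits in CLASSES:
        if low <= first <= high:
            return letter, bits
    raise ValueError(f"{ip} has no standard mask (first octet {first})")

def describe(ip, custom_mask):
    """Compare the standard mask for ip with the custom mask set on it."""
    letter, std_bits = standard_mask(ip)
    # ip_interface rejects masks whose 1s are not contiguous.
    subnet = ipaddress.ip_interface(f"{ip}/{custom_mask}").network
    if subnet.prefixlen < std_bits:
        raise ValueError("custom mask has fewer 1s than the standard mask")
    if subnet.prefixlen > 30:
        raise ValueError("mask leaves no usable host addresses")
    return {
        "class": letter,
        "standard_mask": str(ipaddress.ip_network(f"0.0.0.0/{std_bits}").netmask),
        "custom_bits": subnet.prefixlen,
        "extra_network_bits": subnet.prefixlen - std_bits,
        "subnet": str(subnet.network_address),
        "first_host": str(subnet.network_address + 1),
        "last_host": str(subnet.broadcast_address - 1),
        # all-0s and all-1s host values are not assigned to hosts
        "usable_hosts": subnet.num_addresses - 2,
    }

if __name__ == "__main__":
    # Constructed Class A host with the custom mask from the text.
    for key, value in describe("10.1.1.37", "255.255.255.240").items():
        print(f"{key:20} {value}")
```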