Net Masks and the Subnet Calculator
Determining the proper mask value to assign to router and client
IP addresses is sometimes difficult. You are usually pretty safe
using 255.255.255.0 for your IPNetRouter gateway's private subnet,
especially if you never intend to have more than 254 unique LAN
clients on your LAN. The approved private LAN network ranges are
described in RFC-1918.
In the simple case, if you lower the number of the subnet mask,
the more open (or greater) the number of valid IP address in a
subnetwork. Let's start with the standard, typical mask for a
home LAN, 255.255.255.0. It typically permits 254 clients on a
LAN connected to the IPNetRouter gateway (eg x.y.z.1-x.y.z.254
are good IPs to use on the x.y.z subnet with mask 255.255.255.0;
x.y.z.0 and x.y.z.255 are generally not because of the way IP
routing works). If you up the last number of the subnet mask you
lower the number of clients permitted on your LAN. For instance,
if you set it to 255.255.255.252 only three LAN clients and the
gateway (four IP addresses) will be permitted to communicate with
one another on that particular subnet. To route properly, the
router should be one of the IP addresses in the same subnet as
the clients.
If you understand binary operations the above will make more
sense since the number of clients on a subnet is limited by performing
a binary AND operation between the subnet mask and a given IP
address.
Using the Subnet Calculator Tool
Using the Subnet Calculator tool in IPNetRouter or IPNetMonitor,
you can see how many clients can be supported on an IP subnet
based on a particular subnet mask. The prefix length set in the
subnet calculator is equivalent to the shorthand value in the
following table:
By experimenting with the last IP address in the example, you
can see how the subnet and client ID can change by altering the
mask while the IP address remains constant. It is the network
number that is used to determine whether a client is on the same
or a different subnet when determining whether to broadcast an
IP packet to the local network or not.
For each increase in the shorthand mask number by one, halve
the number of available clients for your local LAN. For each decrease
of one in the mask (again, using the "/" syntax), the
number of permitted clients on the LAN is doubled. This is a simplistic
explanation, good enough for handling a subnet like 192.168.0.1
with a mask short hand value of /24 thru /32 (long hand 255.255.255.0
thru 255). The subnet calculator can determine the range of the
clients local network by its IP address and network mask. Shorthand
"/30" represents a sublan of four machines (hosts) with
a network number determined by the machines IP address; shorthand
"/31" is for a subnet of two clients; shorthand "/29"
is for a network of eight clients, etc.
Some of the interfaces in IPNetRouter support the "/"
syntax for masks, others support the "255.255.255.0"
type syntax. Using the Subnet Calculator, you can automatically
do the conversion between the two without much hassle.
For filtering of IP packets,
the net mask is used to designate a range of IP addresses to apply
the filter to. In the last example, 192.168.73.80 through .83
would be filtered if a "/30" mask was applied to 192.168.73.82.
If you want to know more about network masks, RFC-950
is a good starting point. See the help text for the Subnet Calculator
for more information on how it works.
Binary Subnet Masks and Routing--the Short Version
(The Internet was designed by mathematician's and people with
strong mathematics backgrounds. If you are not well-versed in
binary number theory but are interested in how routing really
works, the best thing to find an easy guide to the Internet--your
local librarian or bookstore may be able to recommend such a
book (we hope). Maybe someday it will be easier. For now...)
If any 32-bit IP address is ANDed with 255.255.255.0 (the equivalent
of 24 "1" bits followed by eight "0" bits),
you are left with only 255 valid client IDs in a given subnet
(actually 254 since the all 1s and all 0s client host numbers
are typically reserved). ANDing 255.255.255.252 with an IP address,
only four addresses will be valid for the local subnet. Doesn't
make sense? Well, think of it this way. The destination address
and the origination IP address are each ANDed with the origination
IPs mask for any packet sent. The results of the two operations
are then compared. The masks obliterate the client IDs (still
kept in the packet header) and then are compared with one another.
The following two examples take place on the originating host.
Destination of an IP datagram is on the same LAN
Origination is 192.168.2.4, mask is 255.255.255.0, the AND operation
gives 192.168.2.0
Destination is 192.168.2.17, mask is 255.255.255.0, the AND
operation gives 192.168.2.0
Since the packets originate on the same subnet, the machine
sends the packet out on the LAN without asking the router what
to do--its a local neighborhood destination (Yep, you don't
need a router if you use the same network and masks for a local
LAN when using straight IP addressing.)
Destination and originating hosts are on different LANs
Origination is 192.168.14.3, mask is 255.255.255.0, the AND
operation gives 192.168.14.0
Destination is 24.156.22.45, mask is 255.0.0.0, the AND operation
gives 24.156.22.0*
Since the source and destination networks are different the
packet is sent to the router for further handling. (*NOTE: the
origination mask is used for mask calculations to avoid problems
when using different masks on the same subnetwork; if the sending
host determines that the IP packet it is about to send is not
on its subnet, it should send the packet to a router/gateway
for handling.)
In the instance of an address with a mask of 255.255.255.252,
there are only four local host IPs that are within the same
subnetwork. All other addresses will result in the packet being
sent to the local router for handling. The last number, 252,
is equivalent to 11111100 in binary.
Top