Simplified IP Addressing
We need to discuss netmasking, but first, let's digress for a moment. A Boolean AND is just like an “and” in English. You tell Johnny you will buy him an ice cream cone if he puts out the trash “and” makes his bed. If he does neither or only one of them, he doesn't get an ice cream cone. If he does both, he gets the cone.
Bitwise ANDs work bit by bit. So, if you AND a 1 with a 1, you get a 1. If you AND two 0s, a 1 and a 0, or a 0 and a 1, however, you get a 0. Table 4 illustrates this operation.
Now let's take a whole byte and do a Logical AND with another byte. Suppose the first byte is 10110010 and the second byte is 01100111. Working from the right, note that the first byte has a decimal value of
0*1 + 1*2 + 0*4 + 0*8 + 1*16 + 1*32 + 0*64 + 1*128 = 178
while the second byte has a decimal value of
1*1 + 1*2 + 1*4 + 0*8 + 0*16 + 1*32 + 1*64 + 0*128 = 103.Now, AND the two bytes:
1 0 1 1 0 0 1 0 178 decimal, ANDed with 0 1 1 0 0 1 1 1 103 decimal --------------- gives 0 0 1 0 0 0 1 0 34 decimalAs a second example, let's AND 178 with 255.
1 0 1 1 0 0 1 0 178 decimal, ANDed with 1 1 1 1 1 1 1 1 255 decimal --------------- gives 1 0 1 1 0 0 1 0 178 decimalWe know, then, that when you bit-wise AND any byte (number) with 255, you get the number dropping through, i.e., the result is merely the number again.
The default netmasks for the various classes are shown in Table 5 with some sample host IP addresses. Simply put, a host is anything that has an IP address. This includes servers, workstations, routers, etc.
So, what does this mean and what do we do with it? Let's work through Table 5. If we take the sample Class A address, 10.0.1.23 and bit-wise AND it with its default netmask, we obtain 10.0.0.0. What is 10.0.0.0? It's the network address—look at the last column.
Notice that the first byte gives the network address when ANDing a Class A network with its default netmask, while the first two bytes give the network address when ANDing a Class B IP address with the default Class B netmask. Hence, we say that the first byte of a Class A IP address gives the network address, and the three remaining bytes give the host addresses, i.e., a Class A address has the form N.H.H.H where N stands for Network and H stands for Host. Likewise, the first two bytes of a Class B IP address pertain to the network, and the last two bytes pertain to the host address, i.e., N.N.H.H. Finally, the first three bytes of a Class C IP address pertain to the network, while the last byte pertains to the host, i.e., N.N.N.H.
Let's illustrate this with a Class B IP address such as 188.8.131.52. From Table 5, we know that the default netmask for a Class B network is 255.255.0.0. Hence, ANDing the default mask with the IP address yields the address of the network that particular host is on, i.e., 184.108.40.206. So, a host with an IP address of 220.127.116.11 finds itself on a network with an IP address of 18.104.22.168 if a default Class B net-mask is used.
If you are granted a full Class B suite of addresses with a network address of 22.214.171.124, what do you do with them? Remember, a Class B network has the form of N.N.H.H, i.e., the last two bytes can be used for assigning host IP addresses. This yields a network with 2<+>16<+> - 2 host addresses. The -2 comes from the fact that 126.96.36.199 is the network address, so it can't be assigned to a host; the last address on the network, 188.8.131.52, is used for broadcasts, so it also can't be assigned to a host.
This would be a very big network (65,534 host addresses), far too big to be practical. A very simple approach is to “borrow” one byte's worth of host addresses and assign them as network addresses. That would yield 2<+>8<+> = 256 networks with 254 hosts on each. Even here, these are large networks. This process of borrowing host addresses and using them for networks is called subnetting. We accomplish this by using a sub-netmask (SNM). In this case, we would use a sub-netmask of 255.255.255.0, which is the default Class C netmask. Hence, we have taken one Class B network and turned it into 256 Class C networks.
If we AND 184.108.40.206 with 255.255.255.0, we get a network address of 220.127.116.11 with the first available host address of 18.104.22.168 and the last of 22.214.171.124, since 126.96.36.199 is reserved for broadcasts. Another way of doing this is to start with the network address (188.8.131.52 in this case), turn all host bits into 1s, and obtain the broadcast address. Here, the last byte is used for host addresses, so turning them to ones gives 184.108.40.206. This type of broadcast is called a directed broadcast, meaning that it jumps routers while a local broadcast (which doesn't jump routers) has the form 255.255.255.255 no matter which class of network is involved.
If you're not too stunned at this point, you may wonder if you can subnet only on byte boundaries or if you can subnet a Class C network. The answers are “no” and “yes”, respectively; i.e., you can work in the middle of a byte.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
- Python Scripts as a Replacement for Bash Utility Scripts
- Considering Legacy UNIX/Linux Issues
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- Cluetrain at Fifteen
- Memory Ordering in Modern Microprocessors, Part I
- New Products
- Getting Good Vibrations with Linux
- RSS Feeds
- Security Hardening with Ansible
- diff -u: What's New in Kernel Development