Introduction to IP subnetting using CIDR and VLSM

Introduction

When you want to monitor a complex network, it is important to know how IP subnet, IP subnetting, IP addresses, routers, and default gateways work. This document helps you understand IP subnetting basics, TCP/IP subnets, subnet masks, and usage of IP subnets. Introducing and using CIDR and VLSM protocols, this document breaks down subnet addressing structure, helping you calculate TCP/IP subnets on your own.

Additional information

To get you started, here is a list of terms that you need to know to understand IP subnetting better:

IP - Internet Protocol (IP) defines a set of rules and standards to be followed to enable communication between the devices in a network. IP address versions (IPv4 and IPv6) aid in uniquely addressing network resources.

TCP/IP - This communications protocol specifies how data should be packetized, addressed, transmitted, routed, and received. It consists of the Transmission Control Protocol (TCP), and the internet protocol (IP).

Address - A dotted bit/numeric expression that uniquely identifies a device/host in a TCP/IP network.

For example: A computer connecting to a network can be assigned an IP address 192.168.10.21, which uniquely identifies it on the network.

IP subnet - Large TCP/IP networks can be partitioned into small logical groups, or smaller networks called IP subnet. These sub portions of the network have the same network ID.

Subnet mask - A 32-bit representation used by a TCP/IP network to define the range of IP addresses available within a subnet.

CIDR - Classless Inter Domain Routing (CIDR) is an internet protocol for efficiently allocating IP addresses, and for IP routing without exhausting the IP address space.

VLSM - Variable Length Subnet Mask (VLSM) supports IP subnets of different sizes as per the requirement within the same network.

FLSM - Fixed Length Subnet Mask (FLSM) requires network to have subnets of equal size and equal number of hosts.

Decimal representation - When an address is represented with decimals, it is written using the 10 base numbers - 0,1,2,3,4,5,6,7,8,9.

Binary representation - When an address is represented in binary, it is written using the 2 base numbers (or bits) - 0,1.

IP address and its structure

The Internet Protocol (IP) Address is a 32-bit numeric label assigned to devices or hosts in a network. With the growth of networking, the 32-bit IPv4 address resources were depleting, paving the way for the deployment of the 128-bit IPv6 addresses. Despite the ongoing deployment of IPv6 addresses, IPv4 is still one of the core protocols used in TCP/IP networking and other packet-switched networks.

The IP address is represented in a dotted-decimal format with four octets each having an 8-bit number (0-255) separated with a period ( '.' ). The IP address is made up of two parts. The IP address is made up of two parts, a network ID and a host ID. Based on the classes used, or subnet mask applied, the octets from left to right represent the network ID and from right to left represent the host ID.

For example: The IP address 192.168.10.8 is represented as shown below.

IP Subnetting - ManageEngine OpUtils

Based on the classes used, or subnet mask applied, the octets from left to right represent the network ID and from right to left represent the host ID.

IP classes and subnets

Subnetting Analogy

As an analogy to explain IP Subnet, subnetting address, and subnet mask, say you are going to conduct a summer camp, teaching students music, art, dance, and drama. Imagine you want to identify each student uniquely so that a student ID number tells you the student's class, and roll number. If you have rented a large seminar hall for your camp, you will have to set up partitions to separate this large hall into four different rooms because we don't want classes to interfere with each other, and it is simpler to create unique IDs within a class than in the four classes combined.

Now, each student is assigned a class for the rest of the camp. Lets assign each class a class ID. For arts class it is 01, for music it is 02, for dance 03, and for drama it is 04. There are 20 students enrolled in each class. So we have the roll numbers of 1-20 in every class room. In order to identify which student belongs to what class, we give each student an ID card with their class ID and roll number.

A student with the roll number 13 enrolled in music class has an ID card that says 0213.

Similarly, an ID 0109 indicates a student has enrolled in the arts class, and their roll number is 09.

Say, someone has found four lost ID cards and wants to return them to the students. They can easily find which class the student belongs to by simply placing a mask over the last two digits; the first two digits will give them the class ID.

IP Subnet - ManageEngine OpUtils

Similarly, a network may consist of several hosts. To assign addresses for these hosts efficiently, we partition the network (hall) in to subnets (class rooms). In monitored IP subnets, each have a network ID (class ID). The hosts in the subnet have a host ID (roll number). To identify which host belongs to which subnet, we use the subnet mask (paper mask).

Network IP classes

The IPv4 is broadly classified into five different classes. These classes are called class A,B,C,D, and E. Classes D and E reserved for multi casting, and experimental research. The TCP/IP classes that a IP address belongs to is identified based on the values in the octets on the left side.

IPv4 Subnetting - ManageEngine OpUtils

For instance, class A has an IP range of 1-126 in its first octet (leftmost octet). The other three octets are allocated for host ID. Similarly, in class B, the first 2 octets (from the left) with the IP range of 128-191are allocated for the network ID and the remaining two octets are allocated for the host ID.

The network classes, their IP ranges and the number of host addresses supported are given below.

Class IP Range Network ID (N) and Host ID (H) allocation Number of Hosts
A   1-126* N.H.H.H 16,777,214
B 128-191 N.N.H.H 65,534
C 192-223 N.N.N.H 254
D 224-239 - -
E 240-255 - -

*Any IP address starting with the range of 127, is Loop back IP.

For example: 255.0.0.0 represents the default subnet mask for class A in decimal. This when represented in binary is,

11111111. 00000000. 00000000. 00000000
Network ID Host ID

Thus, the subnet mask masks the network ID of an IP address with 1s and has the host ID part as all 0s.

If the IP subnetting is not performed, then one network class should be fully used, which is unrealistic, as each data link in the network should have a unique network ID.

Issues with classful IP subnets

Classful IP subnetting does not provide the flexibility of having a fewer number of hosts per network, or more networks per IP class. This wastes millions of class A addresses and many of class B, whereas the number of addresses available in class C is insufficient.

For example: Say you have to perform IP subnetting for a network with 1500 devices. Choosing to use class B subnetting, you will waste 64,034 IP address. Whereas, using class C leads to using six class C networks. This is not an optimal solution for large networks.

Classful subnets following FLSM becomes an inefficient subnetting technique.
Solution: Use CIDR with VLSM for IP subnetting.

CIDR and VLSM

Classless subnets - CIDR

CIDR provides classless IP subnetting of IPv4 and IPv6 address into individual IP subnet. Developed in 1993 by the Internet Engineering Task Force, this process involves placing a mask over the network address to specify the router which of the address is the network ID, and which part is the host ID, without following the bit allocations for either. This process abandons classful addressing, and allows subnetting a network to manage logical divisions with the required number of hosts.

Subnetting a subnet - VLSM

One of the important aspects of IP subnetting is dividing a subnet into smaller networks, which is made possible by VLSM. As discussed earlier, in FLSM subnetting, all subnets are of equal number of host IDs and equal size. In VLSM subnetting, different subnets can be of different sizes. This technique is known as subnetting a subnet.

FLSM vs. VLSM

With FLSM, all subnets are of equal sizes and equal number of hosts, and is preferred for private IP addressing. Whereas in VLSM, through advanced IP subnetting, subnets and hosts are of variable sizes and numbers to suit the network requirement are calculated, and are used in public IP addressing.

CIDR with VLSM

CIDR encompasses many network concepts, which includes VLSM. VLSM allows subnets and subnet masks to be realized in variable lengths—not constrained to the classes. VLSM enables subnetting a subnet by applying a subnet mask within a subnet, as VLSM uses block size based on this requirement. This increases the usability of the subnets.

For example, while using class A subnets, there are 16,777,214 host addresses that can be used as three octets are used to assign hosts. To use this optimally, bits from the host part are borrowed and added to the subnet mask. This can create various class A subnets with various number of hosts, which can be employed as per requirement. The same principle can be used to subnet class B subnets and class C subnets. Examples of some of the combinations of class A subnets using VLSM are shown in the table below:

Network bits Subnet mask Bits moved Subnets Hosts
8 255.0.0.0 0 1 16,77,214
9 255.128.0.0 1 2 8,388,606
16 255.255.0.0 8 256 65,534
25 255.255.255.128 17 131,072 126
30 255.255.255.252 22 4,194,304 2

Note: To calculate available IP subnets and hosts,

(i) Number of subnets = 2n where, n is the number of 1s in the subnet ID.
(ii) Number of available hosts = 2n-2 where, n is the number of 0s in the host ID.

For example:

As said earlier,

In classful subnetting, for a class C IP 192.182.21.103, the subnet mask 255.255.255.0 in binary is as follows.

IP :
11000000 . 10110110 . 00010101 . 1100111
11111111 . 11111111 . 11111111 | 00000000 (Applying subnet)

Here, to the left of '|' is the network ID (which is masked by the subnet mask) and to its right is the bits allocated for the host address (8 bits). Therefore, the possible number of hosts is 254 (2^8 - 2 hosts).

With CIDR and VLSM, the subnetting is independent of classes. So, an IP address 192.182.21.3 with the subnet mask 255.255.255.248 in binary is represented as,

IP :
11000000 . 10110110 . 00010101 . 1100111
11111111 . 11111111. 11111111 . 11111000 (Applying subnet mask)

Here, with CIDR and VLSM, we get that:

11000000 . 10110110 . 00010101 . 1100 111
Network ID Subnet ID Host ID

Since, while using a subnet masks, the host ID can not be all 0s (that represents the network address), or all 1s (that represents the network broadcast address), the above IP is not a host IP, but a broadcast IP of the IP subnet address.

CIDR notation

Traditionally, an IP address represented the class it belonged to, based on its range in the first octet—for example, 192.138.27.9 belonged to class C. Applying subnet masks made it possible to view the host address part of the IP address. In CIDR notation, this information is suffixed to the IP address itself.

For example:

Without CIDR notation, we specify as,
IP : 192.168.10.1
Subnet Mask: 255.255.255.248
With CIDR notation, this is written as,
IP: 192.168.10.1/29
Where, 29 is the number of bits allocated for the network ID.

The advantages of using CIDR

  • Reduces the number of routing table entries.
  • Ensures efficient use of the available IP address space.
  • Provides similar subnetting for intranet and internet, without any special requirements.
  • Eliminates the disadvantages of classful IP addressing and subnetting.

How to calculate IP subnets?

Sample IP subnetting example:

Consider a network with three LANs: LAN A with 25 Hosts, LAN B with 12 Hosts, and LAN C with 55 Hosts. These LANs are connected with three serial links, Link X, Link Y, and Link Z.

For a network range of 192.168.4.0/24, a IP plan for subnetting using CIDR and VLSM has to be calculated.

IPv6 Subnetting - ManageEngine OpUtils

Step 1: Arrange the network from the largest to the smallest in respect to the number of hosts.

  1. LAN C (55 hosts)
  2. LAN A (25 hosts)
  3. LAN B (12 Hosts)
  4. Link X,Y,Z

Step 2: Pick a subnet for the largest network to use.

For the largest network LAN C with 55 hosts, we know that a subnet with CIDR /26 provides four subnets, which can support 64 hosts each. Any of these four subnets can be assigned to LAN C.

So, we assign the subnet 192.168.4.0/26 to LAN C in which the first host ID is the network ID, and the last host ID is the broadcast ID. Any of the remaining 62 IDs can be assigned to the 55 hosts in LAN C.

Network ID Subnet Mask Hosts Network
192.168.4.0 /26 64 LAN C
192.168.4.64 /26 64 Future use
192.168.4.128 /26 64 Future use
192.168.4.192 /26 64 Future use

Step 3: Repeat the process of step two for the next largest network by subnetting the subnets.

A subnetting of CIDR /27 would provide 32 host IDs. So, for LAN A with 25 hosts, we subnet 192.168.4.64/26, with 64 host IDs into two subnets containing 32 host IDs each. This gives us subnets 192.168.4.64/27 and 192.168.4.96/27 within a subnet 192.168.4.64/26, any of which can be used for LAN A.

Network ID Subnet Mask Hosts Network
192.168.4.0 /26 64 LAN C
192.168.4.64 /27 32 LAN A
192.168.4.96 /27 32 Future use
192.168.4.128 /26 64 Future use
192.168.4.192 /26 64 Future use

Applying step 3 for the next largest Network LAN B with 12 hosts, we further subnet 192.168.4.96/27 into 192.168.4.96/28 and 192.168.4.112/28 which will give us 16 host IDs each.

Network ID Subnet Mask Hosts Network
192.168.4.0 /26 64 LAN C
192.168.4.64 /27 32 LAN A
192.168.4.96 /28 16 LAN B
192.168.4.112 /28 16 Future use
192.168.4.128 /26 64 Future use
192.168.4.192 /26 64 Future use

Now for the three links (Link X,Y,Z), each link requires two host IDs. Therefore, we need a subnetting that could provide four host IDs, two each for the network and broadcast IDs. Repeating step three, we get:

Network ID Subnet Mask Hosts Network
192.168.4.0 /26 64 LAN C
192.168.4.64 /27 32 LAN A
192.168.4.96 /28 16 LAN B
192.168.4.112 /30 4 LAN X
192.168.4.116 /30 4 LAN Y
192.168.4.120 /30 4 LAN Z
192.168.4.124 /30 4 Future use
192.168.4.128 /26 64 Future use
192.168.4.192 /26 64 Future use

Step 4: Assign the calculated subnets

On subnetting the given network with CIDR and VLSM, we have acquired six subnets with variable number of hosts to suit our network requirement. The calculated subnets can be assigned to the logical divisions in the network, reserving the remaining addresses for future use. IP subnet scanner can now scan subnet for IP addresses.

Monitoring IP subnets

Subnetting networks results in multiple subnets that have to be monitored and managed in order to maintain network stability. This makes it important to have an efficient network monitoring solution like ManageEngine OpUtils in place, as manually managing these subnets is extremely time-consuming and inefficient. OpUtils' IP subnet tool makes it easier for network admins to scan IP subnet for IP addresses, calculate IP subnet, and assists in advanced IP subnetting.

OpUtils is an IP address and switch port manager offers IP subnet tool, that can scan, monitor, and manage multiple subnets.

OpUtils IP subnetting software

  • Displays real-time subnet utilization and availability with regular IP subnet scans.
  • Provides a comprehensive subnet summary which includes the number of reserved IPs, subnet usage percentage, IP subnetting address, DNS status, address lookup, and more.
  • Supports a hierarchical view of IPv4 and IPv6 subnets.
  • Generates granular subnet specific reports that helps audit the subnet IP addresses and hosts.
  • Provides historical data of IPs, their users, devices, and connected ports in a subnet.
  • Helps measure subnet performance metrics with widgets such as top 10 subnets with occupied IPs and more.

All of these comprehensive features is provided by OpUtils in an intuitive, code-free UI. Download a 30-day free trial or sign-up for a free live demo with a product expert to discover how OpUtils' network scanning abilities, and 30+ network tools can help you efficiently monitor your network.