This post provides information concerning the following topics:
Before we can start to subnet IPv4 address spaces, we need to look at what an IPv4 address is used for, how it looks, how to write one down correctly through the use of network masks, and what role address classes formerly served.
What Are IPv4 Addresses Used For?
IPv4 addressing was created to allow one specific digital device to communicate directly with another specific digital device. This is called unicast communication. But the designers of IPv4 addressing also wanted a way for one device to communicate with all of the devices within its network at the same time with the same message. If there are ten devices on your network, and one of them wants to send the same message to every other device, using unicast communication would require that the first device send out nine copies of the same message to the other devices. That is a waste of bandwidth. But by using broadcast communication, the first device sends out the message once and all nine other hosts receive it. This is a much more efficient use of your bandwidth. Devices designed to use IPv4 addresses are programmed to accept incoming messages to both their unicast and broadcast addresses.
An IPv4 address is known as a hierarchical address because it can be divided into multiple, smaller domains, each of which then defines a specific aspect of the device. An IPv4 address, in conjunction with a subnet mask, tells you two pieces of information: the network in which a device is located, and the unique identifier of the device itself.
This is different from a MAC address, which is called a flat address; it only tells you about the device itself. A MAC address gives you the unique identifier of the device, but it cannot tell you where in the network this device is located. An IPv4 address is able to tell you both where in the network a device is located and the unique identity of the device itself.
What Does an IPv4 Address Look Like?
The way that a computer or other digital device sees an IPv4 address and the way humans see an IPv4 address are different. A digital device sees an IPv4 address as a 32-bit number. But humans have devised a way to convert this 32-bit number into something easier to look at and work with. For humans, an IPv4 address is a 32-bit number that is broken down in four groups of 8 bits each. Each group of 8 bits is called an octet (or a byte), and the four octets are separated by periods:
11000000.10101000.00000001.00000001
Because we are more comfortable working with the decimal number system, these binary octets are then converted into decimal for ease of use:
192.168.1.1
Network and Subnetwork Masks
Because IPv4 addresses are hierarchical, there needs to be some way of distinguishing between the network portion of the address and the host portion. To accomplish this, an IPv4 address must be paired with a network mask, which is also sometimes called a subnetwork mask or simply a subnet mask or mask. A network mask is a 32-bit string of binary characters that defines which portion of the address represents the network and which portion of the address represents the specific host.
The rules for creating a network mask are as follows:
A 1 in the subnet mask defines a network bit.
A 0 in the subnet mask defines a host bit.
So an IPv4 address by itself really tells us nothing. We can make some guesses based on other information that will come later in this blog, but for now we need to have a subnet mask paired with an IPv4 address in order for us to know where the device is located and what its unique identity is.
Note
Historically, networks were broken down and divided up for use through the use of address classes (which will be discussed later in this post). This was accomplished through the use of network masks. When people starting breaking down larger networks into smaller network known as subnetworks, the term subnetwork mask came into use. All of these terms are now used interchangeably.
Ways to Write a Network or Subnet Mask
There are three ways to denote a subnet mask:
In binary: 11111111.11111111.11111111.00000000
In decimal: 255.255.255.0
In slash notation: /24
Each of these says the same thing: the first 24 bits of the 32-bit mask are 1, and the last 8 bits of the mask are 0. This tells us that when compared to an IPv4 address, the first 24 bits define the network portion of the address, and the last 8 bits define the host portion. If we look back at the address from the beginning of this blog and add to it this subnet mask, we get the following:
11000000.10101000.00000001.00000001 (address)
11111111.11111111.11111111.00000000 (subnet mask)
192.168.1.1 255.255.255.0 (address and then mask separated by a single space)
192.168.1.1/24 (address and mask using the / to separate address from mask)
In all three cases we can say that the network portion of the address 192.168.1.1/24 is 192.168.1 and that the host portion is .1.
Network, Node, and Broadcast Addresses
When IPv4 addressing was first designed, there needed to be a way for devices and people to recognize whether an address referred to a specific device or to a group of devices. Some rules were created to help determine the difference between a network address and a node (or host) address:
In an IP address:
A host portion of all binary 0s refers to the network itself.
A host portion with a combination of binary 0s and 1s refers to a specific host.
A host portion of all binary 1s refers to the broadcast address of the network.
So what is the difference between these three?
A network address defines the entire network and all of the hosts inside it. This address cannot be assigned to a specific device.
A host address defines one specific device inside of that network. This address can be assigned to a single device.
A broadcast address represents all of the hosts within a specific network. All devices within the network are programmed to accept messages sent to this address.
Going back to our original example of 192.168.1.1/24, what information can we determine now about this address? We already know that based on the mask of /24, the network portion is 192.168.1 and the host portion is .1. We know that the last 8 bits are host bits. Knowing what we now know about network, host, and broadcast addresses:
All 0s in the host portion of the address is 00000000 and that equals 0 in decimal, so the network address of this specific network is 192.168.1.0.
The host portion in binary is 00000001, which equals 1 in decimal, so this host is the first host in the network.
The range of hosts in this network runs from 00000001 to 11111110 in binary, or from 1 to 254 in decimal. There are 254 unique addresses in this network for devices.
The broadcast address of this network is 11111111, or all 1s in the host portion. This means that the broadcast address for this network is .255.
In chart form this network would look like:
| Network Address | Range of Valid Hosts | Broadcast Address |
| 192.168.1.0 | 192.168.1.1–192.168.1.254 | 192.168.1.255 |
Classes of IPv4 Addresses
IPv4 addresses were originally divided into five different classes according to size. These classes are no longer officially used because concepts such as classless interdomain routing (CIDR) and the mere fact that no more addresses are left to hand out have made address classes a moot point. But the terminology still remains out there and many IT professionals learned using this system, so it is a good starting point for understanding networks and, ultimately, subnetting of networks.
Address classes were broken down based on a concept called the leading bit pattern of the first octet of an IPv4 address. Remember that a machine reads IPv4 addressing as a single 32-bit number, so the patterns that were developed were all based in binary. This makes for some not-so-obvious decimal groupings of addresses.
Classes were named A through E and had the characteristics described in Table 1-1.
Table 1-1 IPv4 Address Classes
| Class | Leading Bit Pattern (First Octet) (in Binary) | First Octet (in Decimal) | Notes |
| A | 0xxxxxxx (x refers to the remaining bits in the octet and can be either 0 or 1) | 0–127 | 0 is invalid 10.0.0.0/8 is reserved for private, internal routing only (RFC 1918) 127 is reserved for loopback testing |
| B | 10xxxxxx | 128–191 | 172.16.0.0/12 is reserved for private, internal routing only (RFC 1918) |
| C | 110xxxxx | 192–223 | 192.168.0.0/16 is reserved for private, internal routing only (RFC 1918) |
| D | 1110xxxx | 224–239 | Reserved for multicasting; cannot be assigned to unicast hosts |
| E | 1111xxxx | 240–255 | Reserved for future use/testing |
Classes A, B, and C are the only classes that can be used for unicast communication. Class D is used for multicast communication, which means that one device can communicate with a specific group of hosts within a network (unlike broadcast communication, which is one device communicating with all hosts within a network). Class E is reserved for future use and/or testing. Class E addresses will never be released for unicast communication.
Network vs. Node (Host) Bits
Within Classes A to C, the four octets of an IPv4 address were broken down to either network octets or node (or host) octets. The following chart shows how the classes were broken down into network bits, called N bits, or node (host) bits, called H bits. The default subnet mask is also shown as well:
| Address Class | Octet 1 | Octet 2 | Octet 3 | Octet 4 | Default Network Mask |
| A | NNNNNNNN | HHHHHHHH | HHHHHHHH | HHHHHHHH | /8 or 255.0.0.0 |
| B | NNNNNNNN | NNNNNNNN | HHHHHHHH | HHHHHHHH | /16 or 255.255.0.0 |
| C | NNNNNNNN | NNNNNNNN | NNNNNNNN | HHHHHHHH | /24 or 255.255.255.0 |
This chart tells us more about the sizing of the different classes of addresses:
A Class A network has 24 bits that are used for assigning to hosts. 224 = 16,777,216 addresses. Removing two hosts for network identification (all 0s in the host portion) and broadcast communication (all 1s in the host portion), that means that every class A network can host 16,777,214 unique devices in a single network.
A Class B network has 16 bits available for host assignment. 216 = 65,536 hosts. Subtract the two addresses reserved for network and broadcast and you have 65,534 valid hosts per Class B network.
A Class C network has 8 bits available for hosts. 28 = 256 hosts. Subtracting the two addresses reserved for network and broadcast leaves you with 254 valid hosts per Class C network.
Combining this knowledge with the information from the IPv4 address class chart, we can make the following conclusions as well:
There are 126 valid Class A networks of 16,777,214 valid hosts each.
There are 16,384 valid Class B networks of 65,534 valid hosts each.
We get 16,384 from the fact that the first 16 bits of the address are network bits, but the first two of them are fixed in the pattern of 10. This means that we have 14 bits left of valid network bits ranging from 10000000.00000000 (which is 128.0) to 10111111.11111111 (which is 191.255). That is 16,384 different networks.
There are 2,097,152 Class C networks of 254 valid hosts each.
Again, we take the chart that says there are 24 N bits (network bits) and three of those bits are fixed to the pattern of 110. That means we have 21 bits left to assign to networks in the range of 11000000.00000000.00000000 (192.0.0) to 11011111.11111111.11111111 (223.255.255). That is 2,097,152 individual networks.
Looking back at our original example in this article of 192.168.1.1/24, we now know more information:
The network is a Class C network.
The network is in an RFC 1918 network, which means that it is private, and can only be routed internally within the network.
RFC (Private) 1918 Addresses
RFC 1918 addresses were created to help slow down the depletion of IPv4 addresses. Addresses that are part of RFC 1918 are to be used on private, internal networks only. They can be routed within the network, but they are not allowed out onto the public Internet. Most companies and homes today use private, internal RFC 1918 addresses in their networks. In order for a device that is using an RFC 1918 address to get out onto the public Internet, that address has to go through a device that uses Network Address Translation (NAT) and have its private address translated into an acceptable public address.
Note
When originally designed, the use of 32-bit numbers was chosen because it was felt that 232 number of unique addresses was so large that it would never be reached. This is why an entire Class A network (127) was reserved for loopback testing. You only need one address to test your loopback, but over 16 million addresses were reserved for this test—24 host bits means 224 addresses were reserved when only one was needed. 16,777,216 addresses may seem like a lot, but remember that two of those addresses are reserved for the network and broadcast addresses, so you only have 16,777,214 addresses reserved for loopback testing. Feel better?
Note
The original design of address classes had a network of all binary 0s or all binary 1s as invalid. Early devices used a string of 0s or 1s as internal communication codes so they could not be used. Therefore, network 0.0.0.0 and network 255.x.x.x are invalid. The 255 network is part of the reserved Class E network space, so we never had a chance to use it, but the 0 network is part of the assignable Class A address space. Another 16,777,214 addresses lost.
Note
We originally thought that 232 bit addressing space would be impossible to reach, but the advent of the public Internet and then mobile devices led to the need for a new addressing scheme. IPv6 is a 128-bit-wide addressing space. Reaching the limit of 2128 addresses might seem impossible, but with the Internet of Things (IoT) becoming a reality, is it impossible?
Local vs. Remote Addresses
When two addresses are in the same network, they are said to be local to each other. When two addresses are in different networks, they are said to be remote to each other. Why is this distinction important? Local devices can communicate directly with each other. Remote devices will need a Layer 3 device (such as a router or a Layer 3 switch) to facilitate communication between the two endpoints. A common mistake that occurs in networks once they are subnetted down to smaller networks is that devices that were once local to each other are now remote, and without that Layer 3 device to assist, communication no longer occurs. Being able to tell if two devices are local or remote is a valuable tool to assist in troubleshooting communication problems.
Classless Addressing
Although classful addressing was originally used in the early days of IPv4 usage, it was quickly discovered that there were inefficiencies in this rigid scheme—who really needs 16 million hosts in a single network? Concepts such as CIDR and variable-length subnet masking (VLSM) were created to allow for a more efficient distribution of IPv4 addresses and networks.
In classless addressing, the rules all stay the same except for one: the size of the default network mask. With classless addressing, the network mask can be changed from the default sizes of /8, /16, or /24 in order to accommodate whatever size of network is required. For example, a common practice is to take a Class A network, such as the RFC 1918 10.0.0.0 network, and break that one large network into smaller, more manageable networks. So instead of a single network of 16.7 million hosts, we can use a /16 mask and create 256 networks of 65,534 hosts each:
| 10.0.0.0/8 (8 N bits 24 H bits) | = | One network of 16,777, 214 hosts (224 bits for hosts) | 10.0.0.1–10.255.255.254 |
| 10.0.0.0/16 (16 N bits and 16 H bits) | = | One network of 65,534 hosts (216 bits for hosts) | 10.0.0.1–10.0.255.254 |
| 10.1.0.0/16 | = | One network of 65,534 hosts | 10.1.0.1–10.1.255.254 |
| 10.2.0.0/16 | = | One network of 65,534 hosts | 10.2.0.1–10.2.255.254 |
| … | |||
| 10.254.0.0/16 | = | One network of 65,534 hosts | 10.254.0.1–10.254.255.254 |
| 10.255.0.0/16 | = | One network of 65,534 hosts | 10.255.0.1–10.255.255.255 |
We can prove this using binary to show that no other rules of IP addressing have changed:
| N/H Bits | N Bits | H Bits | ||
| 10.0.0.0/8 | = | 8 N and 24 H bits | 00001010 | 00000000 00000000 00000000 |
| 10.0.0.0/16 | = | 16 N and 16 H bits | 00001010 00000000 | 00000000 00000000 |
| 10.1.0.0/16 | = | 16 N and 16 H bits | 00001010 00000001 | 00000000 00000000 |
| 10.2.0.0/16 | = | 16 N and 16 H bits | 00001010 00000010 | 00000000 00000000 |
| … | ||||
| 10.254.0.0/16 | = | 16 N and 16 H bits | 00001010 11111110 | 00000000 00000000 |
| 10.255.0.0/16 | = | 16 N and 16 H bits | 00001010 11111111 | 00000000 00000000 |
The rules for network, valid host, and broadcast addresses have also not changed. If we take the column of H bits above and break it down further we get the following:
| Host Bit Portion of Address | |||
| Address | Network Address (All 0s in H bits) | Range of Valid Hosts | Broadcast Address (All 1s in H bits) |
| 10.0.0.0/16 | 00000000 00000000 (10.0.0.0) | 00000000 00000001–11111111 11111110 (10.0.0.1–10.0.255.254) | 11111111 11111111 (10.0.255.255) |
| 10.1.0.0/16 | 00000000 00000000 (10.1.0.0) | 00000000 00000001–11111111 11111110 (10.1.0.1–10.1.255.254) | 11111111 11111111 (10.1.255.255) |
Another common occurrence is to take a Class A network and use the Class C default mask to create 65,536 networks of 254 hosts per network:
| 10.0.0.0/8 (8 N bits and 24 H bits) | = | One network of 16,777, 214 hosts (224 bits for hosts) | 10.0.0.1–10.255.255.254 |
| 10.0.0.0/24 (16 N and 16 H bits) | = | One network of 254 hosts (216 bits for hosts) | 10.0.0.1–10.0.0.254 |
| 10.0.1.0/24 | = | One network of 254 hosts | 10.0.1.1–10.0.1.254 |
| 10.0.2.0/24 | = | One network of 254 hosts | 10.0.2.1–10.0.2.254 |
| … | |||
| 10.255.254.0/24 | = | One network of 254 hosts | 10.255.254.1–10.255.255.254 |
| 10.255.255.0/24 | = | One network of 254 hosts | 10.255.255.1–10.255.255.254 |
A third common occurrence is to take a Class B network and use the Class C default Mask to create 256 networks of 254 hosts per network:
| 172.16.0.0/16 (16 N bits and 16 H bits) | = | One network of 65,534 hosts (216 bits for hosts) | 10.0.0.1–10.255.255.254 |
| 172.16.0.0/24 (16 N and 16 H bits) | = | One network of 254 hosts (28 bits for hosts) | 172.16.0.1–172.16.0.254 |
| 172.16.1.0/24 | = | One network of 254 hosts | 172.16.1.1–172.16.1.254 |
| 172.16.2.0/24 | = | One network of 254 hosts | 172.16.2.1–172.16.2.254 |
| … | |||
| 172.16.254.0/24 | = | One network of 254 hosts | 172.16.254.1–172.16.255.254 |
| 172.16.255.0/24 | = | One network of 254 hosts | 172.16.255.1–172.16.255.254 |
What we have done in all of these examples is to break down one large network into many smaller, more manageable networks. This is known as subnetting. The next section will show you how to do this for any size of subnet that you may require.
Lessons Learned
You’ve learned that a simple IPv4 address and network mask tells us a lot of information.
192.168.1.1/24 tells us:
The network portion of this address is 192.168.1.
We denote this as 192.168.1.0/24.
The host portion of this address is .1.
There are 254 valid hosts on this network ranging from .1 to .254.
This is the first valid host in this network.
Hosts with addresses of .2 to .254 in this network would be local to this device and therefore able to communicate directly with .1.
The broadcast address for this network is 192.168.1.255/24.
All 1s in the host portion is 11111111 or .255.
This is a Class C address.
First octet has a number of 192.
This is a valid address that can be assigned to a device for unicast communication.
It is not reserved for other use like a Class D multicasting address.
It is not reserved for testing/future use like a Class E address.
It is not reserved for loopback testing.
It is not invalid like the 0 or 255 networks.
It is not a network address or a broadcast address.
