In this article, I provide an overview of what network administrators need to know about IP addressing and subnetting. I believe this overview will be beneficial to the seasoned administrator who hasn't worked with IP in a while, as well as to novice network administrators who need to know what they should learn without having to spend a long time doing it.
1. What do you need to know about addresses?
You probably know what an IP address is: a number that identifies that device on the network. But what else do you need to know? IP addresses are made up of 32 bits (IPv4 addresses, that is). We normally think of an IP address as something like 18.104.22.168, but really this can be translated into eight binary bits (see
Traditionally, IP addresses were broken up into classes, but those classes aren't used much any more unless you are taking a certification exam. We will learn more about classes below.
Most importantly, IP addresses must be unique on your network. If two devices have the exact same IP address, you have an IP address conflict. When that happens, either device or both devices will not work on the network. Commonly, DHCP is used to dynamically allocate IP addresses in hopes of preventing address duplication and easing the administrative burden of static IP addressing.
2. What is a subnet mask?
A subnet mask is what tells your computer (or other network device) what portion of the IP address is used to represent your network and what part is used to represent hosts (other computers) on your network. For example, if you have an IP address of 22.214.171.124 and a subnet mask of 255.255.255.0, the 255s mask off the first three 1s. If you did the logical "AND" (the calculation your computer does -- see Binary-to-Decimal Conversion for more information), you would find out that the network ID for this network is 126.96.36.199. Where the 0 is located, you could fill in hosts numbered 1 to 254. For example, the first host on your network is 188.8.131.52 and the last host is 184.108.40.206.
"Subnetting" is breaking up a single network into smaller networks. To do this, you add more bits (more numbers) to the subnet mask. Traditionally, we are used to seeing subnet masks that look like 255.0.0.0, 255.255.0.0, or 255.255.255.0. However, a subnet mask might also look like 255.255.128.0 or 255.255.255.224. In both of these cases, it is obvious that the network has been subnetted to break a single network into smaller networks.
3. What is the difference between "classful" and "classless" IP addressing?
When the concept of IP addressing was first thought up, it was decided that IP addresses would be put into classes. These classes are:
|Class||IP address range||Default subnet mask|
|A||220.127.116.11 to 127.255.255.255||255.0.0.0|
|B||18.104.22.168 to 22.214.171.124||255.255.0.0|
|C||192.0.0.0 to 126.96.36.199||255.255.255.0|
Today, these default subnet masks aren't much used except as a point of reference and trivia. For example, if I said that your IP address was 192.168.1.1 but didn't tell you the subnet mask, it would be safe to assume that your subnet mask is 255.255.255.0 because that IP address falls into the Class C range. This is also important when you take some certification tests.
In real life, an IP address today could have any legal subnet mask. For example, you may have an IP address of 188.8.131.52 with a subnet mask of 255.255.255.240. Or you may have an IP address of 184.108.40.206 with a subnet mask of 255.0.0.0. Sometimes, people will say things like "I need an entire Class C block of addresses." This just means that they want 254 contiguous and usable IP addresses.
The term "classful" means that the IP address or software is assuming that IP addresses fall into these classes and uses the default subnet mask shown. If a routing protocol, like RIP, is classful, it has trouble with the IP addresses that don't use the default subnet masks.
On the other hand, a "classless" routing protocol, like RIP version 2, doesn't assume that IP addresses have their default subnet masks. Today, you should assume that all network devices are classless unless you find that they are not (like routing protocols RIP or IGRP, or a very old computer operating system).
4. What is a default gateway?
Contrary to popular belief, a default gateway is not a required piece of IP address configuration on any computer. However, if you want to access devices outside of your local network (such as devices on the Internet), a default gateway is required.
A default gateway is where a computer sends requests to IP addresses that are not on its local network. How does the computer know what is and what is not on its local network? As discussed above, the subnet mask is what the computer uses to know what is and what is not on its local network. Say, for example, your IP address is 220.127.116.11 and your subnet mask is 255.255.255.0, and you make a Web request to 18.104.22.168. Because of your subnet mask, your local area network is the 22.214.171.124 network. Meaning anything that is 126.96.36.199 through 254 is on your local network. Because you are requesting 188.8.131.52, which is not on your local network, that packet would be sent to your default gateway.
5. What are private IP addresses?
The private IP address space is defined by RFC1918. In this RFC, it says that no public (take that as "no Internet") devices will use or recognize the following IP addresses:
- 10.0.0.0 to 10.255.255.255 (10/8 prefix)
- 172.16.0.0 to 172.31.255.255 (172.16/12 prefix)
- 192.168.0.0 to 192.168.255.255 (192.168/16 prefix)
Your IP address may be the same on your PC as someone else's if you have a private IP address. These ranges of IP addresses are available for anyone to use on their own internal (private) network. There is no need to keep them unique. I can have IP address 192.168.1.1 on my home network and so can everyone else in the world! When I go to make a request to the Internet, however, that private IP address must be converted into a public IP address or else the Internet router I make the request to will just throw my request away (because I have a private IP address). Network Address Translation (NAT) is what performs this public-to-private translation (see RFC1631 and RFC2663 for more information on NAT).
Private IP addresses are there to reduce the need for more public IP addresses. An unintentional consequence is that they provide a tiny bit of security.
So, if I am trying to FTP to your computer on the Internet and you tell me that your IP address is 192.168.3.3, I will tell you "No, I need your public IP address, not your private IP address."
About the author:
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 50 articles, eight practice tests and three video courses and has co-authored one book. His Web site is HappyRouter.com.
This was first published in October 2006