Introduction to Subnetting 

Intro to Subnetting by Aaron G. Rombaut

Introduction: Subnetting is a way for network administrators to use available network address space without waste. A general rule of thumb in networking is to remember a subnet = broadcast domain = vlan.

Discussion: An IPv4  address consists of four octets in dotted decimal notation. Each octet contains eight bits ranging in value from 0 to 255. A common IPv4 address many home users may be familiar with is 192.168.1.1. This by itself is called a host or node address. This address is given to a network node on a network and identifies it. It is a made up number given by a network administrator and resides at layer 3 of the OSI model. With the information given, however, we don’t know the network it resides on.

In order to find out the network the host address is on, we need to know the subnet mask. A common subnet mask home users may be familiar with is 255.255.255.0. Once we have the IP address and the subnet mask, it’s simply a matter of performing a binary calculation.

Tip: When you see a ‘255’ in a subnet mask, you carry the octet value from the IP address

Tip: When you see a ‘0’ in a subnet mask, you mark that octet with a ‘0’

Example: Using the 192.168.1.1 IP address and 255.255.255.0 subnet mask, I will demonstrate the tips given.

IP Address: 192.168.1.1
Subnet Mask: 255.255.255.0
Network Address: 192.168.1.0

A more difficult example would be as follows:

IP Address: 192.168.1.45
Subnet Mask: 255.255.255.248

The subnet mask given here is a subnet of the previous example. Notice that the last octet of the subnet mask has increased from 0 to 248. This increase indicates that the network administrator has borrowed host bits to make the network smaller.

A visual representation of 255.255.255.0 is nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh where ‘n’ represents network bits and ‘h’ represents host bits. A visual representation of the subnetted network’s subnet mask is nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnhhh. Notice that in the fourth octet, there are five ‘n’ bits and only three ‘h’ bits? This indicates that the administrator ‘borrowed’ host bits to make a smaller network.

To calculate the Network Address here, the first tip still applies, you still carry the 192.168.1 part of the address since the subnet mask in those lined up octets are 255. Where it gets interesting is the fourth octet. This is actually called the interesting octet.

As mentioned in the beginning, an IP address is made up of four octets in dotted decimal notation. Each octet contains eight bits ranging from 0 to 255. I will break this up to illustrate.

First layout your eight bit placeholders.

_  _  _  _  _  _  _  _

The value of each of these placeholders is as follows, 128 64 32 16 8 4 2 1. Since bits are binary, you can only use a ‘1’ or a ‘0’. In order to convert the decimal number 45 given in the example to binary, you simply mark the appropriate value in the placeholder that gives you the sum. For instance, 128 does not go in 45, so you would mark a ‘0’ in the ‘128’ placeholder. 64 also does not go in 45, so again, you would mark a ‘0’. 32 does go into 45, so in this case, you would place a ‘1’ in the 32 placeholder. You continue doing this until you have met the decimal number. If there are any open placeholders to the right, you finish them with ‘0’.

The binary representation for decimal 45 is 00101101. This is the hardest part of learning how to subnet.

For subnet masks, it’s much easier as the bits have to be contiguous. This means that you will not have an octet consisting of 1, 0, and then more ones. Remember the range for an octet is 0 to 255. A ‘0’ octet is where all binary bits are turned off. So, the binary representation of decimal ‘0’ is 00000000. A ‘255’ octet is where all binary bits are turned on. So, the binary representation of decimal ‘255’ is 11111111. Since subnet masks consist of contiguous ‘1’, then there is a finite number of addresses to remember.

Tip: remember the eight permutations for subnet masks

128.0.0.0 (128 + 0 + 0 + 0 + 0 + 0 + 0 + 0)
192.0.0.0 (128 + 64 + 0 + 0 + 0 + 0 + 0 + 0)
224.0.0.0 (128 + 64 + 32 + 0 + 0 + 0 + 0 + 0)
240.0.0.0 (128 + 64 + 32 + 16 + 0 + 0 + 0 + 0)
248.0.0.0 (128 + 64 + 32 + 16 + 8 + 0 + 0 + 0)
252.0.0.0 (128 + 64 + 32 + 16 + 8 + 4 + 0 + 0)
254.0.0.0 (128 + 64 + 32 + 16 + 8 + 4 + 2 + 0)
255.0.0.0 (128 + 64 + 32 + 16 + 8 + 4 +2 + 1 )

Putting it all together: So now that we know our binary representation for decimal 45, we also know our binary representation for the subnet mask. Place the binary 45 above the binary 248. From here, you will apply binary AND rules to get the result. The result of this operation is the network (or subnet) address.

00101101 – 48
11111000 – 248

Tip: When you see a ‘1’ and a ‘1’, the result is ‘1’
Tip: When you see a ‘1’ and a ‘0’, the result is ‘0’
Tip: When you see a ‘0’ and a ‘0’, the result is ‘0’

The result of the above calculation is 00101000. Now you convert this back to decimal. 0 + 0 + 32 + 0 + 8 + 0 + 0 + 0 = 40, therefore, the network address is 192.168.1.40 for the IP Address 192.168.1.45 with a subnet mask of 255.255.255.248. Easy, right?

Learning the Magic Number Method

Remember when I said to learn the eight subnet mask permutations? It’s going to be very important for quickly finding subnetting answers. This method does not require you to convert decimal to binary and then back to decimal.

Let’s use the following example:
IP Address: 192.168.20.34
Subnet Mask: 255.255.255.224

First, lay out the eight permutations again:
128 192 224 240 248 252 254 255

Next, lay out the octet placeholder values:
128 64 32 16 8 4 2 1

Let me also mention that the tips regarding ‘255’ or ‘0’ in the subnet mask still apply to figuring out the network address.

So, with what we know up to this point, we have the network address as 192.168.20.something. The something in this case is our interesting octet as well. The subnet mask is where we will focus our attention. Notice that the fourth octet in the subnet mask is ‘224’? Now look at what place this is in with regards to an octet, in this case the third place from the left. We always work from left to right, the most significant bit (MSB) to least significant bit (LSB). The third value of the octet is ’32’, so in a zero-based network (the router uses the ‘0’ subnet), you would have:

0
32
64
96

256

Basically, you start with ‘0’ and count in intervals from your ‘magic number’. The magic number is the value of the placeholder where your subnet mask is. You are looking for the number before the interesting octet value of the IP Address, in this case ’34’, and the value after. So in this case, ’34’ is between ’32’ and ’64’, therefore our Network Address is 192.168.20.32.
If you are on a test and forget your octet values, you can simply deduct the value of the subnet octet from 256. The reason you use 256 is because there are 256 possible values including zero. In our example, 256 – subnet octet value of 224 = 32. This is our magic number and also the number you increment by. See, the magic number method is tons easier and much faster, especially when you are sitting for a networking certification!

Practice Questions

Decimal to Binary Conversions
23
223
255
123
12

Binary to Decimal Conversions
00100010
11111111
10101010
11010110
11001100

Binary AND Operations
11010110
11101010

10101010
11110101

10100111
11010110

11010101
10111011

11000011
11111100

Find the Network Address

IP Address: 192.168.1.234
Subnet Mask: 255.255.255.0

192.168.168.23
255.255.255.128

172.10.10.123
255.255.0.0

10.25.123.47
255.0.0.0

10.10.20.30
255.255.255.252

Using Local SPAN to Troubleshoot and Resolve Problems

A Switched Port Analyzer, or SPAN, is a way that you can monitor traffic. Back when networks used hubs, all traffic was visible because a hub just repeated the traffic out every port except the one it came in on. When switches were introduced, SPAN functionality was introduced to accommodate.

It is common to set a SPAN port up to a device with Wireshark to analyze network traffic. If you are going to monitor the traffic from a single management workstation, you will need two network interfaces cards (NIC) since SPAN traffic is not able traverse the same line as data. If you are only using the management station to monitor the traffic, you can use the single NIC. SPAN actually copies the data from one port to another that you specify. You can monitor egress traffic, ingress traffic, or a combination of the two.

Configure

When you configure a SPAN session, your source and destination ports cannot be the same. You will configure the source, what you want to monitor, to a destination interface, where you will monitor. The following is an example of the syntax you would use to configure a SPAN session.

Switch#configure terminal
Switch(config)#monitor session session-id source interface-id
Switch(config)#monitor session session-id destination interface-id

Verify

Switch#show monitor

ICMP Echo-Based IP SLA

Internet Control Message Protocol (ICMP) is a commonly used utility to test Layer 3 connectivity between devices. A Service Level Agreement (SLA) is a target that must be met; there is no set criteria for an SLA. ICMP echo-based IP SLA is a way to monitor end-to-end response time between Cisco devices using IPv4 or IPv6. According to Cisco, “Response time is computed by measuring the time taken between sending an ICMP Echo request message to the destination and receiving an ICMP Echo reply.” Using IP SLA ICMP echo to test far-end devices is much more practical than pinging manually.

Configure

Router#configure terminal
Router(config)#ip sla operation-number
Router(config-ip-sla)#icmp-echo {destination-ip-address | destination-hostname} [source-ip {ip-address | hostname} | source-interface interface-name
Router(config-ip-sla-echo)#frequency 300
Router(config-ip-sla-echo)#end

The ‘ip sla operation-number’ begins configuration for an IP SLA operation and enters IP SLA configuration mode. Icmp-echo defines an ICMP Echo operation and enters IP SLA ICMP Echo configuration mode.  The frequesncy sets the rate at which a specified IP SLAs operation repeats.

Verify

You can verify the IP SLA configuration with the following show commands.

show ip sla configuration
show ip sla statistics

Reference


https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15-mt-book/sla_icmp_echo.html

CCNA ICND2 Study Guide, 3rd Edition by Todd Lammle