When dividing a netblock into subnets of different sizes to fit different groups of hosts, it is important to be sure that address space handed to one subnet cannot also be handed to another: once a block has been split, neither the block itself nor any of its parents may be assigned again. An example. You have 64.64.4.0/22 (which is 1024 IP addresses, 64.64.4.0 through 64.64.7.255). You want to subnet it into 2 subnets that can each support 200 hosts, 3 subnets that can each support 100 hosts, and 7 point-to-point subnets that can support 2 hosts each.

So we build a tree. We know we can split the /22 into two /23 networks.


					64.64.4.0/22
					/          \
				64.64.4.0/23	  64.64.6.0/23

Original netblock

64          64                   4          0
01000000  . 01000000 . 000001 | 00 . 00000000		= 64.64.4.0/22


Split into two subnets each half the size.

			old -\    /- new netmask
01000000  . 01000000 . 000001 | 0 | 0 . 00000000		= 64.64.4.0/23
01000000  . 01000000 . 000001 | 1 | 0 . 00000000		= 64.64.6.0/23


So at each level:

/22 level	/23 level	

64.64.4.0/22					<- original address space
		64.64.4.0/23			<- usable subnet
		64.64.6.0/23			<- usable subnet

But a /23 is still too big for our needs: it holds 512 addresses, while a /24 (254 usable hosts) is enough for a 200-host network. So we split each /23 into two /24's.


					64.64.4.0/22
					/          \
                            64.64.4.0/23            64.64.6.0/23
                             /       \               /           \
                      64.64.4.0/24  64.64.5.0/24  64.64.6.0/24   64.64.7.0/24


Original netblock

64          64                   4          0
01000000  . 01000000 . 0000010 | 0 . 00000000		= 64.64.4.0/23

Split into two subnets each half the size.

                          old -\   /- new netmask
01000000  . 01000000 . 0000010 | 0 | . 00000000		= 64.64.4.0/24
01000000  . 01000000 . 0000010 | 1 | . 00000000		= 64.64.5.0/24


Original netblock

64          64                   6          0
01000000  . 01000000 . 0000011 | 0 . 00000000		= 64.64.6.0/23

Split into two subnets each half the size.

                          old -\   /- new netmask
01000000  . 01000000 . 0000011 | 0 | . 00000000		= 64.64.6.0/24
01000000  . 01000000 . 0000011 | 1 | . 00000000		= 64.64.7.0/24





/22 level	/23 level	/24 level

64.64.4.0/22					<- original address space
		64.64.4.0/23			<- not usable since it is parent of the 2 /24's below
				64.64.4.0/24	<- we will use this one
				64.64.5.0/24	<- we will use this one
		64.64.6.0/23			<- STILL USABLE
				64.64.6.0/24
				64.64.7.0/24

Now we have 4 /24's. We need to assign two of them to the two subnets that must support 200 hosts. Let's choose 64.64.4.0/24 and 64.64.5.0/24. From our original requirements:

2 networks of 200 hosts (/24's)
	64.64.4.0/24
	64.64.5.0/24
3 networks of 100 hosts (/25's)
	?
	?
	?
7 point to point networks of two hosts (/30's)
	?
	?
	?
	?
	?
	?
	?

Available space
	64.64.6.0/23

So we can no longer subnet those two /24's; they are assigned. But we can still subnet 64.64.6.0/24 and 64.64.7.0/24. We still need three subnets that can support 100 hosts (those would be /25's, 126 usable hosts each), so let's split 64.64.6.0/23 into 4 /25's by splitting it into two /24's first, and then each /24 into two /25's. We already (on the right hand side of the tree above) have split 64.64.6.0/23 into two /24's, so let's continue:


					  64.64.6.0				/23
					/          \
                               64.64.6.0            64.64.7.0			/24
                              /       \             /        \
                      64.64.6.0      64.64.6.128  64.64.7.0  64.64.7.128	/25


Original netblock

64          64                6            0
01000000  . 01000000 . 00000110 . | 00000000		= 64.64.6.0/24

Split into two subnets each half the size.

                             old -\   /- new netmask
01000000  . 01000000 . 00000110 . | 0 | 0000000		= 64.64.6.0/25
01000000  . 01000000 . 00000110 . | 1 | 0000000		= 64.64.6.128/25



64          64                7            0
01000000  . 01000000 . 00000111 . | 00000000		= 64.64.7.0/24

Split into two subnets each half the size.

                             old -\   /- new netmask
01000000  . 01000000 . 00000111 . | 0 | 0000000		= 64.64.7.0/25
01000000  . 01000000 . 00000111 . | 1 | 0000000		= 64.64.7.128/25


/23 level	/24 level	/25 level

64.64.6.0/23
		64.64.6.0/24			<- Not usable since it is parent of two below
				64.64.6.0/25	<- we will use this one
				64.64.6.128/25	<- we will use this one
		64.64.7.0/24 			<- Not usable since it is parent of one of two below
				64.64.7.0/25	<- we will use this one
				64.64.7.128/25	STILL USABLE
Now we assign 64.64.6.0/25, 64.64.6.128/25, and 64.64.7.0/25 as our three /25's. The only unassigned space in the tree is now 64.64.7.128/25. Our assigned space looks like:

2 networks of 200 hosts (/24's)
	64.64.4.0/24
	64.64.5.0/24
3 networks of 100 hosts (/25's)
	64.64.6.0/25
	64.64.6.128/25
	64.64.7.0/25
7 point to point networks of two hosts (/30's)
	?
	?
	?
	?
	?
	?
	?

Available space
	64.64.7.128/25

Here we would continue the tree, splitting the remaining /25 into two /26's, then 4 /27's, then 8 /28's, then 16 /29's, then 32 /30's. We take the 7 /30's we need from the low end and leave the rest:

/25 level	/26 level	/27 level	/28 level	/29 level	/30 level

64.64.7.128/25
		64.64.7.128/26 <- not usable
				64.64.7.128/27 <- not usable
						64.64.7.128/28 <- not usable
								64.64.7.128/29 <- not usable
										64.64.7.128/30 <- use
										64.64.7.132/30 <- use
								64.64.7.136/29 <- not usable
										64.64.7.136/30 <- use
										64.64.7.140/30 <- use
						64.64.7.144/28 <- not usable
								64.64.7.144/29 <- not usable
										64.64.7.144/30 <- use
										64.64.7.148/30 <- use
								64.64.7.152/29 <- not usable
										64.64.7.152/30 <- use
										64.64.7.156/30 <- USABLE
				64.64.7.160/27 <- USABLE
						64.64.7.160/28
								64.64.7.160/29
										64.64.7.160/30
										64.64.7.164/30
								64.64.7.168/29
										64.64.7.168/30
										64.64.7.172/30
						64.64.7.176/28
								64.64.7.176/29
										64.64.7.176/30
										64.64.7.180/30
								64.64.7.184/29
										64.64.7.184/30
										64.64.7.188/30
		64.64.7.192/26 USABLE
				64.64.7.192/27
						64.64.7.192/28
								64.64.7.192/29
										64.64.7.192/30
										64.64.7.196/30
								64.64.7.200/29
										64.64.7.200/30
										64.64.7.204/30
						64.64.7.208/28
								64.64.7.208/29
										64.64.7.208/30
										64.64.7.212/30
								64.64.7.216/29
										64.64.7.216/30
										64.64.7.220/30
				64.64.7.224/27
						64.64.7.224/28
								64.64.7.224/29
										64.64.7.224/30
										64.64.7.228/30
								64.64.7.232/29
										64.64.7.232/30
										64.64.7.236/30
						64.64.7.240/28
								64.64.7.240/29
										64.64.7.240/30
										64.64.7.244/30
								64.64.7.248/29
										64.64.7.248/30
										64.64.7.252/30


Since we have assigned these 7 /30's we cannot use any of the /29's, /28's, /27's or /26's that contain them. To account for the remaining usable address space we choose the largest subnets that are not parents of any used space.

That would be 64.64.7.156/30, 64.64.7.160/27 and 64.64.7.192/26.
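
The tree walk above can be automated. The following Python is an added example, not part of the original notes: it takes the /22 and the lecture's requirements (the labels lan-a, p2p-1 and so on are this example's own), carves out each subnet by repeated halving, best fit and largest request first, and then checks the invariant the "not usable" markings above enforce: the assigned blocks and the leftover blocks are disjoint and together account for every address in the original /22. The leftover list it produces is exactly the "largest non-parent" blocks listed above.

```python
import ipaddress
from typing import Dict, List, Tuple

IPv4Net = ipaddress.IPv4Network

# Constructed from the lecture's example; the labels are assumptions of this example.
BLOCK = ipaddress.ip_network("64.64.4.0/22")
REQUIREMENTS: List[Tuple[str, int]] = (
    [("lan-a", 200), ("lan-b", 200), ("lan-c", 100), ("lan-d", 100), ("lan-e", 100)]
    + [(f"p2p-{i}", 2) for i in range(1, 8)]
)


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix whose block has at least `hosts` usable addresses
    (block size minus network and broadcast). A /30 is the smallest used here."""
    if hosts < 1:
        raise ValueError("need at least one host")
    size, prefix = 4, 30
    while size - 2 < hosts:
        size, prefix = size * 2, prefix - 1
        if prefix < 0:
            raise ValueError(f"{hosts} hosts do not fit in IPv4")
    return prefix


def allocate(block: IPv4Net, requirements: List[Tuple[str, int]]) -> Tuple[Dict[str, IPv4Net], List[IPv4Net]]:
    """Carve `requirements` out of `block`. Returns (assigned, free), where `free` holds
    the largest remaining blocks that are not parents of anything assigned."""
    free: List[IPv4Net] = [block]
    assigned: Dict[str, IPv4Net] = {}
    # Largest requests first: carving small subnets out first fragments the block.
    for label, hosts in sorted(requirements, key=lambda r: -r[1]):
        want = prefix_for_hosts(hosts)
        candidates = [n for n in free if n.prefixlen <= want]
        if not candidates:
            raise ValueError(f"no free block can hold {label} (/{want})")
        # Best fit: the smallest free block that is still big enough, lowest address on ties.
        chosen = min(candidates, key=lambda n: (-n.prefixlen, n.network_address))
        free.remove(chosen)
        # Walk down the tree: halve, keep the lower child, return the upper child to the free list.
        while chosen.prefixlen < want:
            lower, upper = chosen.subnets(prefixlen_diff=1)
            free.append(upper)
            chosen = lower
        assigned[label] = chosen
    free.sort(key=lambda n: n.network_address)
    return assigned, free


def consistent(block: IPv4Net, assigned: Dict[str, IPv4Net], free: List[IPv4Net]) -> bool:
    """True when every block lies inside `block`, no two overlap, and together they
    cover it exactly: no address is handed out twice and none is lost."""
    nets = sorted(list(assigned.values()) + free, key=lambda n: n.network_address)
    if any(not n.subnet_of(block) for n in nets):
        return False
    if any(a.overlaps(b) for a, b in zip(nets, nets[1:])):
        return False
    return sum(n.num_addresses for n in nets) == block.num_addresses


if __name__ == "__main__":
    got, left = allocate(BLOCK, REQUIREMENTS)
    for label, net in got.items():
        print(f"{label:6} {net}")
    print("free:", ", ".join(str(n) for n in left), "consistent:", consistent(BLOCK, got, left))
```

Run stand-alone it prints the same assignments the notes arrive at by hand, with 64.64.7.156/30, 64.64.7.160/27 and 64.64.7.192/26 left over. Feeding it a requirement list that does not fit raises instead of silently reusing a parent block.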

Special IP networks and addresses:

127.0.0.0/8 - loopback network. Datagrams sent to any address on this network are delivered straight back to the sending host and never appear on the wire.
255.255.255.255 - the limited (non-directed) broadcast address: delivered to all hosts on the local network, whatever that network might be. Routers do not forward it.

IP and IP addressing

Some links

Subnetting and CIDR

As you review the above links, remember that the old class A is the same as /8, the old class B is the same as /16, and the old class C is the same as /24.



Review of IP addressing

For each of these addresses figure out:
what network it is on
what the dotted quad netmask is
what the range of available host addresses on this network is
what the directed broadcast address is

131.94.135.34/27 - 
	address	decimal			     131 .       94 .      135 .       34
	netmask - 27 ones		11111111   11111111   11111111   11100000
	netmask dotted quad decimal          255 .      255 .      255 .      224

	address binary			10000011 . 01011110 . 10000111 . 00100010
	netmask 			11111111   11111111   11111111   11100000

	network 131.94.135.32/27	10000011 . 01011110 . 10000111 . 00100000
	broadcast 131.94.135.63/27	10000011 . 01011110 . 10000111 . 00111111
	hosts range 131.94.135.33-62	10000011 . 01011110 . 10000111 . 001xxxxx


64.18.209.45/20
	address decimal			      64 .       18 .      209 .       45
	netmask - 20 ones		11111111   11111111   11110000   00000000
	netmask dotted quad decimal          255 .      255 .      240 .        0

	address binary			01000000 . 00010010 . 11010001 . 00101101
	netmask - 			11111111   11111111   11110000   00000000

	network 64.18.208.0/20		01000000 . 00010010 . 11010000 . 00000000
	broadcast 64.18.223.255		01000000 . 00010010 . 11011111 . 11111111
	host range 64.18.208.1-223.254	01000000 . 00010010 . 1101xxxx . xxxxxxxx

200.45.61.79/22
	address decimal			     200 .       45 .       61 .       79
	netmask - 22 ones		11111111   11111111   11111100   00000000
	netmask dotted quad decimal          255 .      255 .      252 .        0

	address binary			11001000 . 00101101 . 00111101 . 01001111
	netmask - 			11111111   11111111   11111100   00000000

	network 200.45.60.0		11001000 . 00101101 . 00111100 . 00000000
	broadcast 200.45.63.255		11001000 . 00101101 . 00111111 . 11111111
	host range 200.45.60.1-63.254	11001000 . 00101101 . 001111xx . xxxxxxxx
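
The three worked problems above follow the same mechanical steps: build the mask from the prefix length, AND it with the address to get the network, OR in the inverted mask to get the directed broadcast, and take everything in between as the host range. The following Python does exactly that with integer bit operations rather than the ipaddress module, so the binary rows the notes show can be printed for any address. It is an added example, not part of the original notes; it also handles the /31 and /32 edge cases, which the notes do not cover (an RFC 3021 point-to-point /31 has no network or broadcast address, and a /32 is a single host).

```python
from typing import Dict

ALL_ONES = 0xFFFFFFFF


def to_int(dotted: str) -> int:
    """'131.94.135.34' -> 32-bit integer; rejects malformed input instead of guessing."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | octet
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_bits(value: int) -> str:
    """Binary form with the octet separators used in the notes, e.g. 10000011.01011110.10000111.00100010"""
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def netmask(prefix: int) -> int:
    """/27 -> 0xFFFFFFE0: `prefix` ones followed by zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def summarize(cidr: str) -> Dict[str, object]:
    """Network, netmask, directed broadcast and usable host range for an address written as a.b.c.d/n."""
    addr_text, sep, prefix_text = cidr.partition("/")
    if not sep:
        raise ValueError("address needs a /prefix")
    addr, prefix = to_int(addr_text), int(prefix_text)
    mask = netmask(prefix)
    network = addr & mask                       # host bits cleared
    broadcast = network | (~mask & ALL_ONES)    # host bits set
    if prefix >= 31:
        # /31 (RFC 3021): both addresses are hosts. /32: one host, no broadcast.
        first, last = network, broadcast
    else:
        first, last = network + 1, broadcast - 1
    return {
        "netmask": to_dotted(mask),
        "network": f"{to_dotted(network)}/{prefix}",
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(first),
        "last_host": to_dotted(last),
        "usable_hosts": last - first + 1,
        "binary": {"address": to_bits(addr), "netmask": to_bits(mask),
                   "network": to_bits(network), "broadcast": to_bits(broadcast)},
    }


def same_network(a: str, b: str, prefix: int) -> bool:
    """The test a host performs per interface: do both addresses share the network bits?"""
    mask = netmask(prefix)
    return (to_int(a) & mask) == (to_int(b) & mask)


if __name__ == "__main__":
    for cidr in ("131.94.135.34/27", "64.18.209.45/20", "200.45.61.79/22"):
        s = summarize(cidr)
        print(cidr, s["netmask"], s["network"], s["broadcast"], f"{s['first_host']}-{s['last_host']}")
        for name, bits in s["binary"].items():
            print(f"  {name:9} {bits}")
```

The bit-string output lines up with the hand-drawn rows above, which makes it a convenient way to check your own work on the exercises: the address and network rows must agree in the first n bits, and the broadcast row must be all ones after them.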





Hosts, routers, and the algorithm for sending an IP datagram.

A station on an IP network can have 1 or more physical interfaces. These can be Ethernet, or other types of layer 2 interfaces.

Each interface has the following properties

1. An IP address
2. A netmask which defines the network vs the host portion of the IP address
When the station wants to send an IP datagram, it pays attention to the destination address (and only the destination address).

For each interface the host has:

It determines the network that the interface connects to (the interface address ANDed with its netmask). This tells it the range of IP addresses that can be reached directly from that interface.

It then checks whether the destination address is within one of the networks available via directly connected interfaces. If so, it sends the IP packet out that interface. If not, it refers to the routing table. If there is a route for a network which contains the destination IP address it sends the packet to the specified next hop. If there is no route to the network it looks for a default route and delivers the packet to the next hop of the default route. Example:


you have a station with 3 interfaces:

Interface 1:
	Address 131.94.1.1/24 (ie netmask = 255.255.255.0)

Interface 2:
	Address 131.94.2.129/26 (ie netmask = 255.255.255.192)

Interface 3: 
	Address 131.94.2.1/26 (ie netmask = 255.255.255.192)


If the station wants to send a packet to 131.94.2.2 it will:

1. See if 131.94.2.2 is on the network connected to interface 1 (131.94.1.1/24) 
It is not. 

2. See if 131.94.2.2 is on the network connected to interface 2 (131.94.2.129/26) 
It is not. 

3. See if 131.94.2.2 is on the network connected to interface 3 (131.94.2.1/26) 
It is. So it will send it out that interface.


for interface 1
range of addresses is 131.94.1.0-255
destination 131.94.2.2 is not in that range	

for interface 2
range of addresses is 131.94.2.128-191
destination 131.94.2.2 is not in that range	

interface 3
range of addresses is 131.94.2.0-63
destination 131.94.2.2 is in that range


If the destination address does not match any of the networks directly connected
to the station then the station will refer to its routing table. The routing 
table contains destination networks/netmasks, and the IP address of a host
which is on a connected network to deliver the datagram to, to reach the
destination. This is the NEXT HOP. The datagram is sent to the next hop.

If no address range defined by a destination/netmask is found in the
routing table, then we look for a default route. If we find one, the
packet is delivered to the default router.

If there is no default route at this point, then the packet cannot be delivered (the sending host reports the destination network as unreachable).

Example:

You have a station with 3 interfaces

Interface name          Address and netmask
eth0			192.168.1.1/24
eth1			192.168.2.1/25
eth2			192.168.2.129/25

And a routing table of

Network         netmask         nexthop
192.168.3.0	255.255.255.0	192.168.1.100
192.168.4.128	255.255.255.128	192.168.2.50
default				192.168.2.150

You will want to compute the ranges for each interface as above

eth0 = network 192.168.1.0/24  directed broadcast = 192.168.1.255/24
host range = 192.168.1.1-254
eth1 = network 192.168.2.0/25  directed broadcast = 192.168.2.127/25
host range = 192.168.2.1-126
eth2 = network 192.168.2.128/25  directed broadcast = 192.168.2.255/25
host range = 192.168.2.129-254

Then also compute the range for each network in the routing table:

192.168.3.0	255.255.255.0	= 192.168.3.0/24
network 192.168.3.0/24 
directed broadcast = 192.168.3.255/24
range = 192.168.3.1-254
Hosts in this range go to next hop 192.168.1.100, which falls into 
the range for eth0 (host range = 192.168.1.1-254), so to send to this
network you would go out eth0

192.168.4.128	255.255.255.128	= 192.168.4.128/25
network 192.168.4.128/25 
directed broadcast = 192.168.4.255/25
range = 192.168.4.129-254 
Hosts in this range go to next hop 192.168.2.50, which falls into 
the range for eth1 (host range = 192.168.2.1-126), so to send to this
network you would go out eth1

Any other address goes out the default route, 192.168.2.150, which
falls in the range of eth2 (192.168.2.129-254), so all others go out 
eth2


Which interface would a packet going to 192.168.1.77 go out?
eth0

Which interface would a packet going to 192.168.4.200 go out?
eth1

Which interface would a packet going to 67.32.1.1 go out?
eth2
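
The send decision above, as code. This is an added example, not part of the original notes; the interface and route tables are the ones from the example. Rather than checking connected networks first and then the table, it does what real IP stacks do: a single longest-prefix match over connected networks, static routes and the default (0.0.0.0/0) together, which produces the same three answers. It also resolves a static route's next hop to an interface and refuses a route whose next hop is not on any directly connected network, the condition the ARP section below relies on.

```python
import ipaddress
from typing import List, Optional, Tuple

IPv4 = ipaddress.IPv4Address
IPv4Net = ipaddress.IPv4Network

# Interfaces and routes from the lecture's example (the values are the page's; the table layout is this example's).
INTERFACES = [("eth0", "192.168.1.1/24"), ("eth1", "192.168.2.1/25"), ("eth2", "192.168.2.129/25")]
ROUTES = [
    ("192.168.3.0/255.255.255.0", "192.168.1.100"),
    ("192.168.4.128/255.255.255.128", "192.168.2.50"),
    ("default", "192.168.2.150"),
]

# One table entry: destination network, next hop (None when directly connected), egress interface
# (None for a static route; it is found by looking up the next hop).
Entry = Tuple[IPv4Net, Optional[IPv4], Optional[str]]


def build_table(interfaces, routes) -> List[Entry]:
    table: List[Entry] = []
    for name, cidr in interfaces:
        # ip_interface keeps the host address; .network is the connected prefix.
        table.append((ipaddress.ip_interface(cidr).network, None, name))
    for dest, nexthop in routes:
        net = ipaddress.ip_network("0.0.0.0/0") if dest == "default" else ipaddress.ip_network(dest, strict=False)
        table.append((net, ipaddress.ip_address(nexthop), None))
    # Longest prefix first: the most specific matching entry wins; the default (/0) matches last.
    table.sort(key=lambda e: e[0].prefixlen, reverse=True)
    return table


def lookup(table: List[Entry], dst: IPv4) -> Optional[Entry]:
    for entry in table:
        if dst in entry[0]:
            return entry
    return None


def egress(table: List[Entry], dst_text: str) -> Optional[Tuple[str, IPv4]]:
    """Interface to send on and the address to ARP for, or None when undeliverable.
    For a directly connected destination the ARP target is the destination itself."""
    dst = ipaddress.ip_address(dst_text)
    hit = lookup(table, dst)
    if hit is None:
        return None                     # no route and no default: network unreachable
    net, nexthop, iface = hit
    if iface is not None:
        return iface, dst
    # A static route only names a next hop; that host must itself be on a connected network.
    via = lookup(table, nexthop)
    if via is None or via[2] is None:
        return None                     # next hop not directly reachable: the route is unusable
    return via[2], nexthop


TABLE = build_table(INTERFACES, ROUTES)

if __name__ == "__main__":
    for dst in ("192.168.1.77", "192.168.4.200", "67.32.1.1"):
        print(dst, "->", egress(TABLE, dst))
```

The second element of the result is what matters for the ARP section: for 192.168.4.200 the station ARPs for 192.168.2.50 on eth1, never for 192.168.4.200 itself.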


ARP protocol

RFC 826

ARP is arguably a layer 3 protocol, but its real job is to tie layer 3 (IP) addresses
to layer 2 (Ethernet) addresses.

Ethernet II type field of 0x0806


    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | hardware type (0001=ethernet) | protocol type (0x0800=IP)     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | hw size       | proto size    | opcode (1=request, 2=reply)   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | sender hardware address					   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | sender hardware address (cont)| sender protocol address	   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | sender protocol address (cont)| target hardware address	   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | target hardware address (cont)                                |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | target protocol address                                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | padding 							   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   
When a station determines that an IP destination address is on a directly connected Ethernet network it will:

1. Check to see if it has the IP address to Ethernet address mapping stored in its ARP cache. If so, it puts the IP packet into an appropriately addressed Ethernet frame and sends it.

2. If it is not in the ARP cache, it sends out an ARP request to the broadcast Ethernet address (ff:ff:ff:ff:ff:ff) asking all hosts what the Ethernet address of the destination IP address is.

3. The host with the destination IP address should see the broadcast ARP and send back an ARP reply, unicast, to the station that made the request. The reply contains the Ethernet address of the destination.

4. The sending station puts this information into its ARP cache and then uses it just like in step 1 above.

Entries in the ARP cache should time out (how long data remains in the cache is operating system dependent; hosts typically expire entries after a few minutes, while some routers keep them for hours).

You can use the arp command on Windows or Linux (arp -a; on current Linux also ip neigh) to view and manipulate the ARP table.

Hosts can lie about their IP<->Ethernet mapping. Nothing in ARP authenticates a reply: any station on the segment can answer a request for an IP address that is not its own, or send replies nobody asked for, and the requester will cache whatever arrives. This is the basis of ARP spoofing (ARP cache poisoning), which lets an attacker on the same LAN insert itself between two hosts, the default gateway included.

On some systems you can use the publish option (arp -s hostname hw_addr pub) which allows the system to answer ARP requests for IP addresses other than its own. This is called Proxy ARP, and it is the legitimate use of the same behaviour.

A station can have a destination IP<->Ethernet mapping manually entered to force it to always believe that IP is at a specific MAC address: arp -s hostname hw_addr. A static entry for the default gateway is one defence against poisoning, at the cost of maintaining it by hand.

If a station wants to send a packet to an IP address that is not on a directly connected network it has to consult its routing table to find the next hop to the destination address (which may be the default route). The next hop will be on a directly connected network.

Once it has found the next hop it proceeds with step one above (check the ARP cache, and issue an ARP request for the next hop if needed). Note that the ARP request is for the next hop's IP address, not the final destination's: the destination is on another network and cannot hear the broadcast.
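
The packet layout and the request/reply exchange above, as code. This is an added Python example, not part of the original notes or of any real stack: it packs and parses the 28-byte Ethernet/IPv4 ARP body per RFC 826, plays both sides of the exchange for the 131.94.2.x hosts used earlier (the MAC addresses are made up), and keeps a cache that, unlike a normal stack which simply overwrites the entry, refuses a reply contradicting an existing mapping and records the conflict. That refusal is a detection policy for the "hosts can lie" problem, not RFC 826 behaviour.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

HTYPE_ETHERNET = 1
PTYPE_IPV4 = 0x0800
OP_REQUEST, OP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"
# htype, ptype, hlen, plen, op, sha, spa, tha, tpa: the 28 bytes in the diagram above, big-endian.
ARP_FMT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FMT)


@dataclass
class Arp:
    op: int
    sha: str  # sender hardware (Ethernet) address
    spa: str  # sender protocol (IP) address
    tha: str  # target hardware address
    tpa: str  # target protocol address


def mac_bytes(mac: str) -> bytes:
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"bad MAC {mac!r}")
    return bytes(int(p, 16) for p in parts)


def ip_bytes(ip: str) -> bytes:
    parts = [int(p) for p in ip.split(".")]
    if len(parts) != 4 or not all(0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address {ip!r}")
    return bytes(parts)


def build(op: int, sha: str, spa: str, tha: str, tpa: str) -> bytes:
    return struct.pack(ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))


def parse(payload: bytes) -> Arp:
    """Decode an ARP body; bytes after the 28th are Ethernet minimum-frame padding and are ignored."""
    if len(payload) < ARP_LEN:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    if op not in (OP_REQUEST, OP_REPLY):
        raise ValueError(f"unknown opcode {op}")
    return Arp(op, ":".join(f"{b:02x}" for b in sha), ".".join(str(b) for b in spa),
               ":".join(f"{b:02x}" for b in tha), ".".join(str(b) for b in tpa))


def make_request(my_mac: str, my_ip: str, target_ip: str) -> bytes:
    """Step 2: 'who has target_ip?' The frame goes to ff:ff:ff:ff:ff:ff; the target MAC is unknown, so zero."""
    return build(OP_REQUEST, my_mac, my_ip, ZERO_MAC, target_ip)


def answer(request: bytes, my_mac: str, my_ip: str) -> Optional[bytes]:
    """Step 3: only the owner of the asked-for IP replies, and it replies to the requester."""
    req = parse(request)
    if req.op != OP_REQUEST or req.tpa != my_ip:
        return None
    return build(OP_REPLY, my_mac, my_ip, req.sha, req.spa)


class ArpCache:
    """Step 4 with a twist: a reply that contradicts a cached mapping is recorded, not accepted."""

    def __init__(self) -> None:
        self.table: Dict[str, str] = {}
        self.conflicts: List[Tuple[str, str, str]] = []   # (ip, cached_mac, offered_mac)

    def learn(self, reply: Arp) -> bool:
        if reply.op != OP_REPLY:
            return False
        cached = self.table.get(reply.spa)
        if cached is not None and cached != reply.sha:
            self.conflicts.append((reply.spa, cached, reply.sha))
            return False
        self.table[reply.spa] = reply.sha
        return True


if __name__ == "__main__":
    req = make_request("02:00:00:00:00:01", "131.94.2.1", "131.94.2.2")
    rep = answer(req, "02:00:00:00:00:02", "131.94.2.2")
    cache = ArpCache()
    cache.learn(parse(rep))
    print(cache.table)
```

A conflict entry is exactly what tools that watch for ARP poisoning alert on: the same IP address claimed by two different MACs within one cache lifetime. A legitimate NIC swap produces the same signal, so treat it as something to investigate rather than proof of an attack.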