CSIS 3723. We need to create some logic to the environment We want to keep like devices together We want to make money leasing the use of the space.

CSIS 3723

We need to create some logic to the environment

We want to keep like devices together We want to make money leasing the use of

the space Security

When designing the Internet it was decided that not all devices would need or want to be addressable from the Internet but the will still need to communicate using the network

Because of this private address space was created

These addresses are not accessible from the Internet without the network administrator doing something to give them a Internet address (NAT)

These addresses can be accessible in your intranet (corporate space)

RFC 1918 defines these◦ 10.0.0.0 - 10.255.255.255 (10.0.0.0/8)◦ 172.16.0.0 – 172.31.255.255 (172.16.0.0/12)◦ 192.168.0.0 – 192.168.255.255 (192.168.0.0/16)

These are the IP address spaces that can be used internally in an enterprise

RFC states a “link local” block◦ 169.254.0.0 – 169.254.255.255 (169.254.0.0/16)◦ To be used when a device can not get an IP address

through DHCP Also reserves lowest Class B

◦ 128.0.0.0 -128.0.255.255 (128.0.0.0/16)◦ Not able to be used under old class system but can be

assigned to someone Also defines loop back space (RFC 1700)

◦ 127.0.0.0 – 127.255.255.255 (127.0.0.0/8)◦ Used for a machine to communicate internally

Also defines multicast address space (RFC 5771)◦ 224.0.0.0 – 239.255.255.255 (224.0.0.0/4)

So you should never use these IP address spaces!

150.134.10.0/24

150.134.10.0/24

150.134.10.10

150.134.10.30 192.168.1.12

Internet

192.168.1.0/24

What are the IP addresses for the subnet 192.168.0.0/24?

192.168.0.0 through 192.168.0.255 Anything after the 24th most significant bit

can change and be in the same subnet

11000000 10101000 00000000 00000000

11000000 10101000 00000000 11111111

We use the CIDR as a binary number Every most significant bit is a one the rest

are zero So a /24 would be:

11111111 11111111 11111111 00000000

SubnetMask

255 255 255 00000000

What would subnet mask be for /20?

11111111 11111111 11110000 00000000

255 255 240 00000000

11111111128 64 32 16 8 4 2 1

128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255

192 168 0 0

11000000 10101000 00000000 10001010

/24

11111111 11111111 11111111 00000000

IP Address

SubnetMask

Logical AND

11000000 10101000 00000000 00000000

Logical AND

0 00 11 01 1

0001

Bitwise AND is used. Logical AND is done on each bit between the IP address and the subnet mask. If the result matches the network it is in the same subnet

192 168 0 138

Network

DestinationAddress

Network 11000000 10101000 00000000 00000000

192 168 0 0

10010110 10000110 00001010 00011100

/24

11111111 11111111 11111111 00000000

IP Address

SubnetMask

Logical AND

10010110 10000110 00001010 00000000

150 134 10 28

11000000 10101000 00000000 00000000

Network

DestinationAddress

Network

No match different subnet

If we look at just one octet we see a pattern

Mask Binary Ratio

0 0000 0000 1:256

128 1000 0000 2:128

192 1100 0000 4:64

224 1110 0000 8:32

240 1111 0000 16:16

248 1111 1000 32:8

252 1111 1100 64:4

254 1111 1110 128:2

255 1111 1111 256:1

192 168 10 0 /24If I start with:

This is the last octet:

128 1000 0000 2:128

0 0000 0000 1:256

If we change it to:

We would get two networks:

192 168 10 0 /25

192 168 10 128 /25

Lets look at what happens when the number change in the last octet

10000000 00000001

Mask Last Octet of IP address

00010010

01011010

10010100

As long as this bit does not become a one in the IP address it is in the first subnet

First Subnet

Second Subnet

10010100

10010100

What if an ISP owns a block of IP addresses like:

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

If I had 8 customers that want to buy subnets how could I change the subnet mask to get 8 subnets?

11001000 00010111 00010000 00000000 200.23.16.0/20

11001000 00010111 00010000 00000000

Each place I move I get a multiple of two

11001000 00010111 00010000 00000000

To get 8 in binary I would need 3 binary numbers

1114 2 1

4 + 2 + 1 = 7 ???

We start count from zero

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23 Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23 Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23 ... ….. …. ….

Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/24 Organization 1 11001000 00010111 00010001 00000000 200.23.17.0/24 Organization 2 11001000 00010111 00010010 00000000 200.23.18.0/24 ... ….. …. ….

Organization 16 11001000 00010111 00011111 00000000 200.23.31.0/24

What if I needed 11 subnets???

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

We need to create 16 subnets to get 11

What if I needed subnets that can have 56 hosts???

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Where can we move from the right to get a number larger the 56 ???

11111111128 64 32 16 8 4 2 1

32 + 16 + 8 + 4 + 2 + 1 = 63 (plus one for zero) is 64

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/26 Organization 1 11001000 00010111 00010000 01000000 200.23.16.64/26 Organization 2 11001000 00010111 00010000 10000000 200.23.16.128/26 ... ….. …. ….

Organization 64 11001000 00010111 00011111 11000000 200.23.31.192/26

What if I needed subnets that can have 56 hosts???

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

We need to create 64 subnets each having 64 IP addresses

On the subnet 200.23.16.0/26 We only get 61 usable IP address One is used for the network

◦ 200.23.16.0 not used One must be used for the router interface

on the subnet◦ 200.23.16.1 is usual used as the router IP address

but does not have to (could be 200.23.16.62 or any other host IP address)

One must be used for the broadcast address◦ Is always the last IP address in the subnet

(200.23.16.63)