Finding what's after the slash

Harold Pritchett harold at uga.edu
Thu May 11 21:29:26 UTC 2000 

augusto bott wrote:
> 
> Hi Gurus!
> 
> I've seen lots of messages, texts and pages around and was trying to figure
> out how one can know what to write after a slash ("/") on a subnet...

Let me take a shot at this.  If I'm wrong, I'm sure someone will let me
know.  

First, the number after the slash is the number of 1 bits in the subnet
mask.  This tells us how many bits of the IP address must match exactly
to be considered to be in this subnet.  These bits must be consecutive
and start from the left end of the address.

An IP address is 32 bits long.  It is usually written as four decimal
numbers between 0 and 255 separated by dots, but really its a 32 
bit binary number.  In my examples below, I'll write each of the
four decimal numbers as an eight bit binary number.

The number of addresses in the particular subnet can be obtained by
subtracting the number of bits in the subnet mask from 32.  So, for
a standard class B network, with a subnet mask of 16, there are 16 bits
in the address part as well.  For the example below of 10.1.1.0/26, 
there are 32 - 26 or 6 bits in the subnet address part.  This gives us
2**6 or 64 unique addresses in this subnet.  

We can also see that the number of addresses in a subnet MUST be a power
of two.  
 
> like, for instance, 10.1.1.0/26 meaning ip's from 10.1.1.1 untill 10.1.1.50
> (is this statement correct?)

Actually, the addresses are as follows:

write the IP address and Subnet mask (26 bits) as binary numbers:

     00001010 00000001 00000001 00000000  or 10.1.1.0
     11111111 11111111 11111111 11000000  26 consecutive 1 bits

now, where there is a 1 on the second line, we must use the value
from the first line.  Where there is a zero, it doesn't matter
Therefore, the possible low and high addresses are:

     00001010 00000001 00000001 00000000  or 10.1.1.0
and  00001010 00000001 00000001 00111111  or 10.1.1.63
 
> i.e., for a net like 192.168.2.45 untill 192.168.2.221 it would be what?
> Thanks...

First, lets write these two numbers as binary

     11000000 11100000 00000010 00101101  or 192.168.2.45
     11000000 11100000 00000010 11011101  or 192.168.2.221

as you can see above, the last place the two addresses match
exactly is at the 24th bit.  The only subnet mask you can use
which will put these two addresses in the same subnet is
192.168.2.0/24 and this will include all addresses from 192.168.2.0
through 192.168.2.255.

A final example might be of value.  What addresses are in the subnet
172.18.248.160/28?  First, we know there must be 2**(32-28) = 16 addresses
in this subnet.  The addresses look like this:

     10101100 00010010 11111000 10100000 = 172.18.248.160
     11111111 11111111 11111111 11110000 = 28 1 bits

so our valid addresses are:

     10101100 00010010 11111000 10100000 = 172.18.248.160
     10101100 00010010 11111000 10101111 = 172.18.248.175

for a total of 16 addresses.

Finally, you can't just put any address you want in this network mask.
The network number (the part covered by the mask) must be a number
which can be written using only those bits, with the unmasked part
of the address written as zeros.

So,  172.18.248.160/28 is valid, but
     172.18.248.4/28 is not since it uses one bits in the last four
binary places...

I hope this is correct (at least it's my understanding about how this
works,) and I hope it helps...

Harold

More information about the bind-users mailing list