Subnetwork

Creating a subnet by dividing the host identifier

A subnetwork, or subnet, is a logically visible, distinctly addressed part of a single Internet Protocol network.^[1] The process of subnetting is the division of a computer network into groups of computers that have a common, designated IP address routing prefix.

Subnetting breaks a network into smaller realms that may use existing address space more efficiently, and, when physically separated, may prevent excessive rates of Ethernet packet collision in a larger network. The subnets may be arranged logically in a hierarchical architecture, partitioning the organization's network address space (see also Autonomous System) into a tree-like routing structure. Routers are used to interchange traffic between subnetworks and constitute logical or physical borders between the subnets. They manage traffic between subnets based on the high-order bit sequence (routing prefix) of the addresses.

A routing prefix is the sequence of leading (most-significant) bits of an IP address that precede the portion of the address used as host identifier and, if applicable, the set of bits that designate the subnet number. Routing prefixes are expressed in CIDR notation, which uses the first address of a network followed by the bit-length of the prefix, separated by a slash (/) character. For example, 192.168.1.0/24 is the prefix of the IPv4 network starting at the given address, having 24 bits allocated for the network number, and the rest (8 bits) reserved for host addressing. The IPv6 address specification 2001:db8::/32 is a large network for 2⁹⁶ hosts, having a 32-bit routing prefix.

In IPv4 networks, the routing prefix is traditionally often expressed as a subnet mask, which is the prefix bit mask expressed in quad-dotted decimal representation. For example, 255.255.255.0 is the subnet mask for the 192.168.1.0/24 prefix.

All hosts within a subnet can be reached in one routing hop, implying that all hosts in a subnet are connected to the same link.

A typical subnet is a physical network served by one router, for instance an Ethernet network, possibly consisting of one or several Ethernet segments or local area networks, interconnected by network switches and network bridges) or a Virtual Local Area Network (VLAN). However, subnetting allows the network to be logically divided regardless of the physical layout of a network, since it is possible to divide a physical network into several subnets by configuring different host computers to use different routers.

While improving network performance, subnetting increases routing complexity, since each locally connected subnet must be represented by a separate entry in the routing tables of each connected router. However, by careful design of the network, routes to collections of more distant subnets within the branches of a tree-hierarchy can be aggregated by single routes. Existing subnetting functionality in routers made the introduction of Classless Inter-Domain Routing seamless.

Subnetting an IPv4 /24 CIDR block

Network addressing

Computers and devices that are participating in a network, such as the Internet each have a logical address. Usually this address is unique to each device and can either be dynamically (from a network server) or statically (by an administrator) configured. An address fulfills the functions of identifying the host and locating it on the network. It allows a device to communicate with other devices connected to the network. The most common network addressing scheme is Internet Protocol version 4 (IPv4), but its successor, IPv6 is in early deployment stages. An IPv4 address consists of 32 bits, for human readability written in a form consisting of four octets separated by full stops (dots), called dot-decimal notation. An IPv6 address consists of 128 bits.

In order to facilitate routing a data packet across multiple networks, the address is divided into two parts:

• Network prefix: A contiguous group of high-order bits that are common among all hosts within a network.
• Host identifier: The remaining low-order bits of the address that are not designated in the network prefix. This part specifies a particular device in the local network.

The network prefix may be written in a form identical to that of the address itself. In IPv4, this is called the subnet mask of the address. For example, to specify the most-significant 18 bits of an address, i.e. in binary, 11111111.11111111.11000000.00000000, one writes this as 255.255.192.0.

An alternate form of specification of the routing prefix, is to simply count the number of bits in the routing prefix and append that number to the address with a slash (/) separator:

• 192.168.0.0, netmask 255.255.0.0
• 192.168.0.0/16

This latter notation is used preferentially in Classless Inter-Domain Routing and is called CIDR notation. In IPv6 this is the only acceptable form to denote routing prefixes.

The subnetting operation

The process of subnetting involves the separation of the network and subnet portion of an address from the host identifier. This is performed by a bitwise AND operation between the IP address and the subnet prefix or bit mask. The result yields the network address, and the remainder is the host identifier.

The following example is based on IPv4 networking. The operation may be visualized in a table using binary address formats.

In IPv4, subnet masks consist of 32 bits, usually a sequence of ones (1) followed by a block of 0s. The last block of zeros (0) designate that part as being the host identifier.

Subnetting is the process of designating bits from the host portion and grouping them with the network portion. This divides a network into smaller subnets. The following diagram modifies the example by moving two bits from the host portion to the subnet number to form a smaller subnet:

Subnetting in IPv4 networks

Internet Protocol version 4 uses specially designated address formats to facilitate recognition of special address functionality. The first and the last subnets obtained by subnetting have traditionally had a special designation and, early on, special usage implications.^[2] In addition, IPv4 uses the all ones host address, i.e. the last address within a network, for broadcast transmission to all hosts on the link.

Subnet zero and the all-ones subnet

The first subnet obtained from subnetting has all bits in the subnet bit group set to zero (0). It is therefore called subnet zero. Using subnet zero for addressing was discouraged at one point due to the confusion created by having a network and subnet with the same address. According to RFC 950, "It is useful to preserve and extend the interpretation of these special (network and broadcast) addresses in subnetted networks. This means the values of all zeros and all ones in the subnet field should not be assigned to actual (physical) subnets."

The last subnet obtained from subnetting has all bits in the subnet bit group set to one (1). This is therefore called the all-ones subnet. Although it was always possible to use this subnet, RFC 950 also discouraged its use due to possible confusion with the broadcast address.

The practice of avoiding subnet zero and the all-ones subnet eventually became obsolete with RFC 1878,^[3] published in 1995. It explicitly states: "This practice is obsolete! Modern software will be able to utilize all definable networks."

Subnet and host counts

The number of subnetworks available, and the number of possible hosts in a network may be readily calculated. In the example (above) two bits were borrowed to create subnetworks, thus creating 4 (2²) possible subnets.

The RFC 950 specification reserves the subnet values consisting of all zeros (see above) and all ones (broadcast), reducing the number of available subnets by two. However, due to the inefficiencies introduced by this convention it was abandoned for use on the public Internet, and is only relevant when dealing with legacy equipment that does not implement CIDR. The only reason not to use the all-zeroes subnet is that it is ambiguous when the prefix length is not available. All CIDR-compliant routing protocols transmit both length and suffix. RFC 1878 provides a subnetting table with examples.

The remaining bits after the subnet are used for addressing hosts within the subnet. In the above example the subnet mask consists of 26 bits, leaving 6 bits for the host identifier. This allows for 64 combinations (2⁶), however the all zeros value and all ones value are reserved for the network ID and broadcast address respectively, leaving 62 addresses.

In general the number of available hosts on a subnet is 2ⁿ-2, where n is the number of bits used for the host portion of the address.

RFC 3021 specifies an exception to this rule when dealing with 31-bit subnet masks (i.e. 1-bit host identifiers). In such networks, usually point-to-point links, only two hosts (the end points) may be connected and a specification of network and broadcast addresses is not necessary.

Possible subnets within a /24 (traditional Class C) block are:

* only applicable on point-to-point links

Subnetting in IPv6 networks

The IPv6 address space design differs significantly from IPv4. The primary reason for subnetting in IPv4 was to improve efficiency in the utilization of the relatively small address space available, particularly to enterprises. No such limitations exist in IPv6, as the address space available even to end-users is large.

An IPv6 subnet always has 64 bits in its host portion. It therefore has a /64 routing prefix (the 64 most-significant bits). Although it is technically possible to use smaller subnets, they are impractical for local area networks because stateless address autoconfiguration of network interfaces (RFC 4862) requires a /64 address. IPv6 does not implement special address formats for broadcast traffic or network numbers, and thus all addresses in a subnet are valid host addresses.

The recommended allocation for an IPv6 customer site is an address space of 80 address bits (prefix /48), but it may be as small as 72 bits (/56 allocation) for a residential customer network.^[4] This provides 65,536 subnets for a site, or at least a minimum of 256 subnets for a residential network. Subnetting in IPv6 is used to route traffic between the global allocation spaces and within customer network between subnets and the larger Internet. Subnetting in IPv6 is also based on the concepts of Classless Inter-Domain Routing and the standard CIDR notation is used with IPv6 addresses.

See also

• IPv4 subnetting reference
• Classless Inter-Domain Routing
• Classful network
• Autonomous System

References

• RFC 1812 Requirements for IPv4 Routers
• RFC 917 Utility of subnets of Internet networks
• RFC 1101 DNS Encodings of Network Names and Other Type
• Blank, Andrew G. TCP/IP Foundations Technology Fundamentals for IT Success. San Francisco, London: Sybex, Copyright 2004.
• Lammle, Todd. CCNA Cisco Certified Network Associate Study Guide 5th Edition. San Francisco, London: Sybex, Copyright 2005.
• Groth, David and Toby Skandier. Network + Study Guide, 4th Edition. San Francisco, London: Wiley Publishing, Inc., Copyright 2005.

External links

• "Understanding IP Addressing - Everything You Ever Wanted To Know" (PDF). 3COM. May 2001. pp. 76 pages. http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf. "1.08 MB" 
• How to Subnet a Network
• IP Address Subnetting Tutorial
• Cisco-IP Addressing and Subnetting for New Users
• IP subnetting made easy
• Subnetworking at the Open Directory Project
• Free online program to Graphically Display IP Subnetworks