Variable length sub_net masks


 

 

 

 

 

Introduction

The previous web page on IP addressing describes how a large organisation can utilise the techniques of subnetting and supernetting, in order to create a number of subnetworks of different sizes.

This web page describes the creation of these subnetworks in a different way, but with the same results.

 

VLSM - the first step

As in the previous page, consider an organisation that has been allocated the class B network address of

134.36.0.0

As with all class B networks, this provides for the unique identification of 65,534 computers.

On earlier web pages, it was also shown how a class B network address appeared, when shown in classless dotted decimal notation.

So in classless notation, the network IP address is

134.36.0.0/16

with the /16 showing that the bit mask has 16 1`s in it, ie,

11111111 11111111 00000000 00000000

Now consider what is the size required for the largest subnetwork required within the same organisation as before.

It was seen that the Central Administration sub-net is typical of the largest size required, and this size of sub-net is required to provide 1022 unique computer id`s.

The sub-net mask for this is

11111111 11111111 11111100 00000000

and expressing this in classless notation, this is

255.255.252.0/22

So as a first step, the incoming address 134.36.0.0/16 is divided up into sub-network addresses of 134.36.xxx.0/22, and in fact there are 64 valid addresses of this type.

To see how these are produced, it is neccessary to look at the various addresses in binary form, so as a start, the network class B address of 134.36.0.0/16 is

10000110 00100100 00000000 00000000

Now apply the bit mask corresponding to /22

11111111 11111111 11111100 00000000

The result is the series of network addresses

10000110 00100100 000000-----00 00000000

10000110 00100100 000001-----00 00000000

10000110 00100100 000010-----00 00000000

10000110 00100100 000011-----00 00000000

10000110 00100100 000100-----00 00000000

etc, up to

10000110 00100100 111110-----00 00000000

10000110 00100100 111111-----00 00000000

The network addresses in classless dotted decimal notation produced by this process are

134.36.0.0/22

134.36.4.0/22

134.36.8.0/22

134.36.12.0/22

134.36.16.0/22

etc, up to

134.36.248.0/22

134.36.252.0/22

So now the original class B network address has been divided up in to 64 of /22 type sub-networks, each of which can uniquely identify 1022 computers.

 

VLSM - the next step

So now having produced these 64 sub-networks, a decision has to be made as to how many of them are required, and how many can be divided up into smaller sub-networks.

If the descision is made that only three sub-networks are required that can provide up to 1022 unique computer id`s, then the other 61 can each be sub-divided up into smaller sub-networks.

So for example, it could be decided that the following sub-networks

134.36.4.0/22

134.36.64.0/22

134.36.80.0/22

are to be left as they are. All the others are to be divided up to form sub-networks capable of providing 254 unique computer id`s.

So using the sub-network with the address 134.36.8.0/22 as an example, this sub-division is done as follows -

The binary address for this sub-network is

10000110 00100100 000010-----00 00000000

and the bit mask for a sub-network to provide 254 unique conputer id`s is

11111111 11111111 11111111 00000000

Now combine the two, and the result is the series of addresses

10000110 00100100 00001000 00000000

10000110 00100100 00001001 00000000

10000110 00100100 00001010 00000000

10000110 00100100 00001011 00000000

or in classless dotted decimal notation

134.36.8.0/24

134.36.9.0/24

134.36.10.0/24

134.36.11.0/24

And since the bit mask of

11111111 11111111 11111111 00000000

is in dotted decimal notation

255.255.255.0

these are actually class C sub-networks, so the /24 suffix can be dropped, leaving the sub-networks with the addresses of

134.36.8.0

134.36.9.0

134.36.10.0

134.36.11.0

And this applies to all the other sub-networks which are divided up in the same way, so the organisation ends up with

  • 3 of subnetworks that can specify 1022 unique computer id`s

  • 244 of subnetworks that can specify 254 unique computer id`s

Finally, this process of dividing up a network into sub-networks, and then dividing up the sub-networks into smaller sub-networks is called Recursive Division.

And it can be done more than twice, in theory there can be up to 29 successive divisions done, depending on what type of network was originally allocated. However more than two or three layers is unlikely to be required in practice.

 

Forbidden sub-network addresses

There is some documentation around that suggests that there are two sub-network addresses that should not be used - they are

  • sub-network number zero - this is because this address is the same as the address of the parent network, and so is not distinguishable from it. This can cause problems in some devices.

  • the sub-network with all 1`s in the address portion of the least significant octet - this is because some devices confuse this address with broadcast messages.

However more recent documentation suggests this problem no longer exists, so it appears to depend on the age of the devices attached to the network.

 


© 2001 Ron Turner


Return to the IP protocol home page