Subnet addressing is a technique used to divide a larger IP network into smaller, manageable sub-networks (subnets).
This method was developed to make better use of IP address space and improve network organization.
As the Internet expanded, it became cumbersome to allocate a new network number for each new segment attached to the Internet, particularly with the increasing use of Local Area Networks (LANs) in the early 1980s.
Network administrators needed a way to manage IP addresses locally without affecting the global Internet routing infrastructure.
An IP address consists of two parts: the network portion and the host portion.
Subnetting allows network administrators to further divide the host portion into a subnet portion and a host portion (Image from the html file subnetting1.html).
Each subnet is essentially a smaller network that operates within the larger network.
Reasons for Subnetting
Efficient IP Address Use: By dividing networks into smaller subnets, we can allocate IP addresses more precisely, reducing waste.
Improved Network Performance: Subnetting can help optimize network traffic by separating different types of traffic onto different subnets. For example, separating high-bandwidth applications like video conferencing from low-bandwidth applications like email can help prevent congestion.
Enhanced Security: By creating isolated subnets, we can implement specific security measures for different network segments, enhancing overall security. For example, we can create separate subnets for different departments or functions within an organization, and then apply different security policies to each.
Simplified Network Management: Subnetting makes network management easier by breaking down large networks into smaller, more manageable units. Admins can focus their troubleshooting efforts on that specific subnet, rather than having to examine the entire network.
Scalability: Subnetting allows networks to grow and adapt to changing needs, making them more flexible and future-proof. As an organization grows, it can create new subnets to accommodate new departments, applications, or users, without having to redesign the entire network, so growth need not cause downtime.
While subnetting provides flexibility, it also increases complexity and requires site-specific configurations for routers and hosts.
Historical Context of Subnetting
Initially, IP addresses were divided into classes (A, B, and C) based on the first few bits, limiting how much IP address space could be divided without manual adjustments.
Subnetting arose to address this inflexibility, allowing administrators to create subnets within an existing class-based IP address without requiring new global IP allocations.
Subnet Mask
A subnet mask is essential in subnetting, as it specifies which portion of the IP address represents the network, subnet, and host.
This mask is a 32-bit number that, when applied to an IP address, identifies the network and subnet portions by setting bits to 1.
Without the mask, routers and hosts wouldn't know how to interpret the subnet structure.
RFC 950
The concept of subnetting was formalized in RFC 950, which outlined how to implement subnetting without modifying IP address length and standardized how networks could partition their address space.
Classless Addressing
Subnetting was a precursor to Classless Inter-Domain Routing (CIDR), which allows further division of IP space beyond the original class-based limits, making IP address allocation more flexible across networks.
Implementation Cost
Subnetting requires site-specific configurations, adding complexity to local network management.
Since routers and hosts need to interpret subnet boundaries independently, administrators have to ensure correct configurations across devices.
In subnetting, particularly with a Class B address, the network administrator has flexibility over how many bits to allocate for subnetting versus hosts, as long as they stay within the limits of the address space.
When we talk about a subnetted Class B address, it originally uses the first 16 bits as the network ID. By adding an extra 8 bits to create the subnet ID, you effectively split the address into:
16 bits for the network portion.
8 bits for the subnet portion (allowing up to 2^8 = 256 subnets).
And 8 bits for the host portion (giving 2^8 − 2 = 254 usable hosts per subnet).
However, this division is flexible. If the administrator needs more or fewer subnets, they can adjust the number of bits dedicated to the subnet portion. For instance:
If they allocate 9 bits for the subnet ID instead of 8, they could have up to 512 subnets (with fewer hosts per subnet).
If they use only 6 bits for the subnet ID, they would have fewer subnets (64 subnets), but more hosts per subnet.
The beauty of subnetting is that it allows the administrator to customize the address layout to meet specific requirements.
OVERVIEW OF THE NETWORK DIAGRAM IN SUBNETTING
The diagram represents a Class B IP network subdivided into smaller subnets, connected to the internet through a site border router.
Here, the network administrator has created two distinct internal subnets, which are 128.32.1.x and 128.32.2.x, within the larger 128.32.x.x address space.
This design is an example of subnetting, where a larger network is split into smaller, more manageable segments. Let’s explore the key components and their functions:
IP Address Range (128.32.x.x):
The IP range 128.32.x.x belongs to a Class B network.
In a Class B setup, the default subnet mask is 255.255.0.0, meaning the network portion typically occupies the first two octets (128.32), and the last two octets are available for host addresses.
Subnet Mask (255.255.255.0):
Here, a more restrictive subnet mask of 255.255.255.0 is used.
This makes the first three octets (128.32.1 or 128.32.2) the network portion, leaving only the fourth octet for host addresses.
This change effectively breaks down the larger network into smaller subnets. Each subnet can host up to 254 devices (since two addresses are reserved for network and broadcast purposes).
Two Subnets: 128.32.1.x and 128.32.2.x:
Subnet 128.32.1.x: This subnet includes all addresses from 128.32.1.1 to 128.32.1.254.
It is assigned to the left-hand LAN segment in the diagram ABOVE.
Devices in this subnet can communicate within it and with other subnets via the router.
Subnet 128.32.2.x: This subnet contains addresses ranging from 128.32.2.1 to 128.32.2.254. It is assigned to the right-hand LAN segment.
This separation can be useful for logical organization or security reasons, as traffic between these two subnets can be managed and controlled.
SITE BORDER ROUTER
Interfaces and IP Assignments
The site border router has multiple interfaces that connect to both the internet and the internal subnets.
Internet Interface (137.164.23.30): The router connects to the internet through this external IP. This address allows outbound and inbound traffic for the entire 128.32.x.x network.
Internal Subnet Interfaces (128.32.1.1 and 128.32.2.9): Internally, the router uses 128.32.1.1 to connect to subnet 128.32.1.x and 128.32.2.9 to connect to subnet 128.32.2.x.
These IPs act as gateways for each subnet, enabling devices in each segment to communicate with each other and with external networks.
Traffic Management
The site border router directs all traffic between the internal network and the internet.
For example, if a device in subnet 128.32.1.x needs to access the internet, it sends the request to 128.32.1.1, which then forwards it through the internet interface (137.164.23.30).
The router also manages traffic between subnets.
If a device on 128.32.1.x needs to communicate with a device on 128.32.2.x, the data goes through the router, which forwards it appropriately.
This setup allows the administrator to control and monitor traffic flow between subnets.
KEY BENEFITS OF THIS SETUP
Efficient IP Addressing
Using 255.255.255.0 as the subnet mask allows the Class B network 128.32.x.x to be split into 256 smaller subnets, with each subnet capable of hosting up to 254 devices. This avoids IP wastage and allows for a structured, hierarchical IP address allocation.
Traffic Isolation and Security
Each subnet operates as a distinct network segment. This isolation can improve security, as policies can be applied at the router to limit or monitor traffic between subnets. For example, departments or teams can be assigned different subnets, with access controls applied as needed.
Centralized Management
The site border router provides centralized management of all internal and external traffic, acting as a gatekeeper. This allows the network administrator to enforce security policies, control bandwidth usage, and monitor data flows more effectively.
SUMMARY
This network architecture represents a scalable and efficient design using subnetting within a Class B address space.
The subnet mask 255.255.255.0 allows for multiple smaller networks under 128.32.x.x, each managed by a centralized site border router.
By splitting the network into smaller subnets, the administrator achieves efficient IP usage, improves traffic control, and enhances security, making this setup suitable for large organizations with various departments or security needs.
SUBNET MASKS
A subnet mask is a 32-bit number that divides an IP address into a network portion and a host portion.
This is essential for routing traffic within a network or across networks.
Binary Structure: A subnet mask consists of a sequence of 1 bits followed by 0 bits. The 1 bits represent the network portion, while the 0 bits represent the host portion.
For example, in 255.255.255.0, the first 24 bits are 1s, signifying the network portion, and the remaining 8 bits are 0s, signifying the host portion.
Representation
Dotted-Decimal Notation: The subnet mask is often represented in the same dotted-decimal format as an IPv4 address (e.g., 255.255.255.0).
Prefix Length (CIDR Notation): The shorthand or CIDR (Classless Inter-Domain Routing) notation represents the number of 1-bits in the subnet mask. For example, /24 corresponds to the subnet mask 255.255.255.0.
To understand how we get to /24, we break down the subnet mask into its binary representation:
255.255.255.0 is written as 11111111.11111111.11111111.00000000 in binary.
The bits with a value 1 (meaning the first 24 bits) represent the network portion of the address, and the remaining bits with value 0(the last 8 bits) represent the host portion.
The /24 in CIDR notation simply counts the number of 1-bits in the subnet mask, which is 24, giving us the /24 shorthand.
This concise format is commonly used in networking because it clearly indicates how many bits are allocated for the network portion of the address, helping to quickly determine the size of the network and the range of available host IPs.
Subnetting and Address Allocation
Network Portion: The 1-bits in the subnet mask lock down the network part of the IP address, ensuring all addresses in that network share this section.
Host Portion: The 0-bits leave space for unique addresses for each device within that subnet. The more 0 bits, the more hosts a subnet can accommodate.
Different subnet masks enable administrators to create subnets with varying sizes, optimizing IP address usage and organizing network traffic more efficiently.
How Masks are Applied
A subnet mask is often assigned to routers and hosts to define their respective network boundaries.
When devices communicate within the same subnet, they interact directly.
Communication outside the subnet goes through a router to be forwarded appropriately.
Configuration: Subnet masks can be assigned dynamically (using DHCP) or manually (static configuration on your computer after joining the network).
Subnet Mask Table with Detailed Annotations
Here's a detailed breakdown of subnet masks in various formats, with an explanation of each prefix length and its implications for the network and host portions.
Let’s break down each row of the table, which illustrates Classless Inter-Domain Routing (CIDR).
Row 1: /1
Dotted-Decimal Representation: 128.0.0.0
Shorthand (Prefix Length): /1
Binary Representation: 10000000 00000000 00000000 00000000
Network Bits: 1
Host Bits: 31
Number of Hosts per Subnet: ~2 billion
This row represents a very large network with only one network bit and 31 host bits. It can accommodate a massive number of hosts, making it suitable for large-scale networks.
Row 2: /8
Dotted-Decimal Representation: 255.0.0.0
Shorthand (Prefix Length): /8
Binary Representation: 11111111 00000000 00000000 00000000
Network Bits: 8
Host Bits: 24
Number of Hosts per Subnet: 16,777,214
This row represents a smaller network with 8 network bits and 24 host bits. It can accommodate a significant number of hosts, making it suitable for medium-sized networks.
Row 3: /10
Dotted-Decimal Representation: 255.192.0.0
Shorthand (Prefix Length): /10
Binary Representation: 11111111 11000000 00000000 00000000
Network Bits: 10
Host Bits: 22
Number of Hosts per Subnet: 4,194,302
This row represents a network with 10 network bits and 22 host bits.
It can accommodate a large number of hosts, making it suitable for medium to large-sized networks.
Row 4: /16
Dotted-Decimal Representation: 255.255.0.0
Shorthand (Prefix Length): /16
Binary Representation: 11111111 11111111 00000000 00000000
Network Bits: 16
Host Bits: 16
Number of Hosts per Subnet: 65,534
This row represents a network with 16 network bits and 16 host bits. It can accommodate a moderate number of hosts, making it suitable for smaller networks.
Row 5: /23
Dotted-Decimal Representation: 255.255.254.0
Shorthand (Prefix Length): /23
Binary Representation: 11111111 11111111 11111110 00000000
Network Bits: 23
Host Bits: 9
Number of Hosts per Subnet: 510
This row represents a small network with 23 network bits and 9 host bits. It can accommodate a limited number of hosts, making it suitable for very small networks or specific use cases.
Row 6: /26
Dotted-Decimal Representation: 255.255.255.192
Shorthand (Prefix Length): /26
Binary Representation: 11111111 11111111 11111111 11000000
Network Bits: 26
Host Bits: 6
Number of Hosts per Subnet: 62
This row represents a very small network with 26 network bits and 6 host bits. It can accommodate a very limited number of hosts, making it suitable for specific use cases with minimal host requirements.
Row 7: /32
Dotted-Decimal Representation: 255.255.255.255
Shorthand (Prefix Length): /32
Binary Representation: 11111111 11111111 11111111 11111111
Network Bits: 32
Host Bits: 0
Number of Hosts per Subnet: 1 (only the specified address)
This row represents an individual host with all 32 bits used for the network address. It's used for specific scenarios where only a single IP address is needed.
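As an added example (not from the original notes), the following Python reproduces the rows of this table from the prefix length alone, converts masks in both directions, and rejects a mask whose 1-bits are not contiguous; it also covers the Class B subnet/host split discussed earlier. The /31 and /32 host counts are handled as special cases.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def prefix_to_mask(prefix: int) -> str:
    """Dotted-decimal subnet mask for a prefix length (e.g. 24 -> 255.255.255.0)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    # Shift a run of 32 one-bits left so that only the top `prefix` bits remain set
    return str(ipaddress.IPv4Address((ALL_ONES << (32 - prefix)) & ALL_ONES))


def is_contiguous_mask(mask: str) -> bool:
    """A valid mask is a run of 1-bits followed only by 0-bits. 255.0.255.0 has the
    16 one-bits of a /16 but is not a usable mask, so counting 1-bits is not enough."""
    mask_int = int(ipaddress.IPv4Address(mask))
    ones = bin(mask_int).count("1")
    return mask_int == ((ALL_ONES << (32 - ones)) & ALL_ONES)


def mask_to_prefix(mask: str) -> int:
    """Prefix length (number of 1-bits) of a dotted-decimal mask, after validating it."""
    if not is_contiguous_mask(mask):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return bin(int(ipaddress.IPv4Address(mask))).count("1")


def to_binary(dotted: str) -> str:
    """Render a dotted-decimal value as four 8-bit groups separated by spaces."""
    return " ".join(f"{int(octet):08b}" for octet in dotted.split("."))


def usable_hosts(prefix: int) -> int:
    """Usable host addresses for a prefix, with the /31 and /32 special cases."""
    if prefix == 32:
        return 1   # a single host route
    if prefix == 31:
        return 2   # point-to-point link: no network/broadcast address reserved (RFC 3021)
    return 2 ** (32 - prefix) - 2   # minus the network and broadcast addresses


def table_row(prefix: int) -> dict:
    """One row of the table above: every representation plus the bit split."""
    mask = prefix_to_mask(prefix)
    return {
        "prefix": f"/{prefix}",
        "mask": mask,
        "binary": to_binary(mask),
        "network_bits": prefix,
        "host_bits": 32 - prefix,
        "usable_hosts": usable_hosts(prefix),
    }


def subnet_split(base_prefix: int, subnet_bits: int) -> tuple:
    """(number of subnets, usable hosts per subnet) when `subnet_bits` are borrowed
    from the host portion of a network that has `base_prefix` network bits."""
    new_prefix = base_prefix + subnet_bits
    if new_prefix > 32:
        raise ValueError("not enough host bits to borrow")
    return 2 ** subnet_bits, usable_hosts(new_prefix)


if __name__ == "__main__":
    for p in (1, 8, 10, 16, 23, 26, 31, 32):
        print(table_row(p))
    # The Class B (/16) splits discussed earlier: 8, 9 and 6 subnet bits
    for bits in (8, 9, 6):
        print(f"/16 with {bits} subnet bits ->", subnet_split(16, bits))
```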
Subnet masks are used by routers and hosts to divide an IP address into two parts: the network/subnetwork portion and the host portion.
The network/subnetwork portion helps identify which network or subnetwork the IP address belongs to.
The host portion identifies a specific device (host) on that network or subnetwork.
A bit set to 1 in the subnet mask indicates that the corresponding bit in the IP address is part of the network/subnetwork portion.
A bit set to 0 in the subnet mask means that the corresponding bit in the IP address is part of the host portion.
For example:
IP Address: 128.32.1.14
Subnet Mask: 255.255.255.0
When you're subnetting an IP address, the /24 (known as CIDR notation) refers to the number of bits in the subnet mask that are set to 1, which defines the network portion of the address.
When the subnet mask 255.255.255.0 is applied to the IP address:
The first three octets (128.32.1) are considered the network portion.
The last octet (14) represents the host portion.
This separation helps routers decide how to forward datagrams across networks.
Key Points on IP Addressing and Subnet Masks
Bitwise AND with Subnet Mask
When an IP address is combined with a subnet mask, each bit in the address is ANDed (compared) with the corresponding bit in the subnet mask.
For the result to be 1, both bits must be 1 in the address and the mask.
Example
In the example, the IP address 128.32.1.14 is in the subnet 128.32.1.0/24. The subnet mask /24 means the first 24 bits are used for the network portion. The AND operation shows that 128.32.1.14 belongs to the network 128.32.1.0.
Role of the Border Router
The border router uses the subnet mask to determine which subnet the destination address belongs to. In this case, it checks that the IP 128.32.1.14 belongs to the subnet 128.32.1.0/24.
Routing Outside the Site
Routers outside the local network (Internet routers) only use the network portion of the address to make routing decisions.
They don't need to know about subnets or subnet masks because they only route based on the network part of the address (before the /24 part).
Subnet Masks are Local
Subnet masks are important only within a local network.
They are used to define subnets within a site.
Routers outside the site don't use the subnet mask to route packets; they only need the main network address.
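The AND operation and the two routing views described above, as an added Python example that is not part of the original notes. The router interface addresses are the ones named on this page; the destination 128.32.2.77, the outside address 203.0.113.5 and the forwarding table itself are constructed for the example.

```python
def dotted_to_int(dotted: str) -> int:
    """Pack a dotted-decimal IPv4 address into a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def network_of(addr: str, mask: str) -> str:
    """Bitwise AND of address and mask: a bit survives only where both are 1."""
    return int_to_dotted(dotted_to_int(addr) & dotted_to_int(mask))


def in_subnet(addr: str, subnet: str, mask: str) -> bool:
    """The address belongs to `subnet` if ANDing it with the mask gives the subnet address."""
    return network_of(addr, mask) == network_of(subnet, mask)


# Constructed forwarding table for the site border router of the diagram. The
# interface addresses are the ones named in the text; everything else is assumed.
SITE_BORDER_ROUTER = {
    "local_mask": "255.255.255.0",              # the /24 subnet mask used on site
    "subnets": {"128.32.1.0": "128.32.1.1",     # subnet -> gateway interface
                "128.32.2.0": "128.32.2.9"},
    "internet_interface": "137.164.23.30",
}


def border_router_next_hop(dst: str, router: dict = SITE_BORDER_ROUTER) -> str:
    """Interface the site border router forwards a datagram out of: a local subnet
    interface when the AND matches, otherwise the internet-facing interface."""
    for subnet, interface in router["subnets"].items():
        if in_subnet(dst, subnet, router["local_mask"]):
            return interface
    return router["internet_interface"]


def internet_router_view(dst: str, site_mask: str = "255.255.0.0") -> str:
    """An Internet router ANDs with the site's /16 only, so every 128.32.x.x
    destination collapses to the single entry 128.32.0.0; the subnets are invisible."""
    return network_of(dst, site_mask)


if __name__ == "__main__":
    for dst in ("128.32.1.14", "128.32.2.77", "203.0.113.5"):   # last two constructed
        print(dst, "->", border_router_next_hop(dst),
              "| seen from outside as", internet_router_view(dst))
```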
Let's see my local network:
I have several interfaces: two from VMware's installation, and the first one is my Ethernet network interface.
Remember network interfaces from chapter 1?
In my case, I personally see no subnetting. Let's explain this…
The IP 192.168.110.154 with a 255.255.255.0 subnet mask belongs to the Class C range of IP addresses.
In traditional class-based addressing, Class C networks use a /24 prefix, which corresponds to the 255.255.255.0 subnet mask.
This mask divides the network and host portions of the IP address without additional subnetting—meaning it doesn’t divide further into smaller subnets.
Class C IP ranges are from 192.0.0.0 to 223.255.255.255, and 192.168.x.x is a private Class C range.
A 255.255.255.0 subnet mask keeps the entire 192.168.136.0 network together, making 192.168.136.1 simply part of this single network without dividing it further into smaller subnets.
If you had 192.168.136.1 with a different subnet mask (like 255.255.255.192 or /26), then it would be considered subnetted, as it would break the network into smaller segments.
Here, though, we're using the default /24 mask, which means no additional subnetting beyond the original Class C division.
Summary
Subnet masks help devices within a local network identify which subnet an IP address belongs to.
Routers outside the local network don't need the subnet mask, only the network portion of the address.
Subnetting is a local matter and doesn't affect global routing decisions.
Next Chapter: Moving on to Variable Length Subnet Masks (VLSM)…
TCP/IP CHAPTER 2.3 - VARIABLE LENGTH SUBNET MASKS
Variable-Length Subnet Masks (VLSM) is a method of dividing a network into smaller subnets of different sizes.
This is unlike traditional subnetting where all subnets are the same size.
VLSM offers more flexibility by allowing you to assign a specific number of IP addresses to each subnet, depending on its needs.
This is especially useful in today's networks where conserving IP addresses is important.
By using VLSM, you can efficiently allocate IP addresses to different parts of your network, ensuring that you have enough for each subnet without wasting any.
This helps you make the most of your available IP address space.
In the provided network example, the VLSM approach is used to divide the 128.32.0.0/16 network into subnets with different subnet masks: /24, /25, and /26.
Each mask length represents a different number of available host addresses.
Let's break down each part of the network, how VLSM is applied, and the implications for host capacity and routing.
Breakdown of Subnet Masks and Host Capacity
/24 Subnet Mask (255.255.255.0):
With a /24 mask, 8 bits remain for host addresses, allowing up to 256 IP addresses (254 usable for hosts after excluding network and broadcast addresses).
Example from the figure: the 128.32.1.0/24 subnet, which has 256 addresses (254 usable by devices) in that particular subnet.
This subnet is connected to various devices, possibly workstations or general host devices.
/25 Subnet Mask (255.255.255.128):
A /25 mask leaves 7 bits for host addresses, resulting in 128 IP addresses (126 usable for hosts).
Example from the figure: the 128.32.2.128/25 subnet.
This subnet likely serves areas where fewer IP addresses are needed compared to the /24 subnet.
The internal router, which connects different subnetworks, uses this subnet mask.
/26 Subnet Mask (255.255.255.192):
With a /26 mask, 6 bits remain for host addresses, allowing for 64 IP addresses (62 usable for hosts).
Example from the figure: the 128.32.230.128/26 subnet.
This is the smallest subnet in the topology, likely used for specific network segments or devices requiring a limited number of IP addresses, such as connections between routers or small departments.
💥💥💥💥💥💥💥💥💥
Each time you subnet a network, you reduce the number of available host addresses.
The choice of subnet mask depends on the number of hosts needed in each subnetwork.
Hierarchical subnetting can be useful for large networks where you need to create multiple smaller subnetworks.
💥💥💥💥💥💥💥💥💥
When subnetting, you need to configure your routers to route traffic between the different subnets.
If you are using DHCP to assign IP addresses, you need to configure it to assign addresses within the appropriate subnets.
💥💥💥💥💥💥💥💥💥
So, when I subnet a /16 and it becomes subnetted into /24, /25 and /26, we only look at the host bits and are not interested in knowing how many networks the new subnets support, because this is not classful addressing but CIDR subnetting, which means we just divide the /16 network into its subdivisions, then look at the host bits and count the number of hosts the new subnets support?
Yes, when you subnet a /16 network into smaller subnets, such as /24, /25, and /26, the focus shifts from counting how many networks each new subnet can support to determining the number of usable host addresses in each subnet.
💥💥💥💥💥💥💥💥💥
In modern CIDR (Classless Inter-Domain Routing) subnetting, we're no longer concerned with classful addressing rules.
Instead, we simply divide the original /16 network into smaller subnets based on the specific number of host addresses needed.
Each subnet’s host capacity is determined by the remaining host bits in the subnet mask.
The number of usable IP addresses in each subnet can be calculated based on these remaining bits, without considering how many additional subnets or networks might be created.
Essentially, we treat the process as dividing a larger network into smaller, more manageable portions, with the primary goal of efficiently allocating IP addresses (main goal of subnetting), based on the required number of hosts in each subnet.
This method of subnetting allows for greater flexibility and efficiency in IP address allocation, free from the constraints of traditional class-based addressing.
Explanation of the Diagram
The diagram shows a network with multiple subnet masks used within the same IP range (128.32.0.0/16), managed by a Site Border Router that connects to the Internet and distributes traffic among internal networks. Here’s how each part works:
A Site Border Router (SBR) is the primary device that connects an internal network to external networks, such as the Internet.
Located at the network's edge, the SBR routes all incoming and outgoing traffic, including handling the 128.32.x.x address range.
It also plays a crucial role in managing traffic within the internal network using Variable Length Subnet Masking (VLSM) to optimize address allocation.
In a data center, the SBR serves as a boundary between the internal network and external networks, acting as a security gateway. It filters traffic and enforces security policies, ensuring controlled access to and from the network.
Internal Router: This router further divides the internal network and handles routing between subnets like 128.32.2.128/25 and 128.32.2.0/24.
Subnet Segments: Each subnet serves different parts of the network:
128.32.1.0/24: Supports general user devices and likely has a larger capacity for hosts.
128.32.2.0/24: Another large subnet, possibly serving another section of the organization.
128.32.2.128/25: A mid-sized subnet for hosts that require fewer addresses.
128.32.230.128/26: A smaller subnet, perhaps for specialized equipment or administrative use.
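An added example (not the page's own material) that carves 128.32.0.0/16 with VLSM from a constructed list of host requirements, largest first so every subnet lands on a boundary aligned to its own size, and then checks the result for overlaps. Run against the four subnets listed above, the overlap check flags 128.32.2.0/24 and 128.32.2.128/25: the /24 already contains the /25, so the two cannot be routed as separate subnets.

```python
import ipaddress


def usable_hosts(prefix: int) -> int:
    """Usable IPv4 addresses for a prefix; /31 keeps both addresses (RFC 3021)."""
    if prefix == 32:
        return 1
    if prefix == 31:
        return 2
    return 2 ** (32 - prefix) - 2


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix (smallest subnet) whose usable host count still covers `hosts`."""
    for prefix in range(32, -1, -1):
        if usable_hosts(prefix) >= hosts:
            return prefix
    raise ValueError("host count exceeds the IPv4 address space")


def allocate_vlsm(block: str, requirements: list) -> dict:
    """Carve `block` into subnets of different lengths. `requirements` is a list of
    (name, hosts_needed). Allocating the largest subnets first keeps each subnet
    aligned on its own boundary, which is what makes VLSM work without overlaps."""
    parent = ipaddress.ip_network(block)
    allocated = {}
    for name, hosts in sorted(requirements, key=lambda r: r[1], reverse=True):
        prefix = prefix_for_hosts(hosts)
        if prefix < parent.prefixlen:
            raise ValueError(f"{name} needs more addresses than {block} holds")
        # Walk the candidate subnets of this size and take the first free one
        for candidate in parent.subnets(new_prefix=prefix):
            if not any(candidate.overlaps(used) for used in allocated.values()):
                allocated[name] = candidate
                break
        else:
            raise ValueError(f"no room left in {block} for {name} (/{prefix})")
    return {name: str(net) for name, net in allocated.items()}


def find_overlaps(cidrs) -> list:
    """Pairs of prefixes that overlap; a plan with any such pair is invalid."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b))
            for i, a in enumerate(nets) for b in nets[i + 1:] if a.overlaps(b)]


# Constructed requirements: two user LANs, a mid-sized segment, a small one and a
# router-to-router link that only needs two addresses
REQUIREMENTS = [("users-1", 200), ("users-2", 200), ("mid", 100),
                ("small", 50), ("router-link", 2)]

if __name__ == "__main__":
    plan = allocate_vlsm("128.32.0.0/16", REQUIREMENTS)
    for name, net in plan.items():
        print(f"{name:12} {net}")
    print("overlaps in plan:", find_overlaps(plan.values()))
    # The four subnets named in the diagram description above
    print("overlaps in diagram:", find_overlaps(
        ["128.32.1.0/24", "128.32.2.0/24", "128.32.2.128/25", "128.32.230.128/26"]))
```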
Use of Smaller Subnets for Point-to-Point Links
In certain network configurations, particularly for point-to-point links between routers, it’s common to use a subnet that supports only two IP addresses (one for each end of the link).
This conserves IP address space by avoiding the allocation of unnecessary addresses.
In IPv4, this is achieved using a /31 prefix, while in IPv6, a /127 prefix serves the same purpose.
Let's break this down more clearly…
Point-to-Point Links
A point-to-point link is a network connection between two devices (typically routers or switches) that communicate directly with each other over a dedicated link. This is different from a more complex network where multiple devices might share the same subnet.
Why Use Smaller Subnets like /31?
When setting up these point-to-point links, we only need two IP addresses: one for each router or device at either end of the link.
This is because each device needs a unique IP to communicate, but there’s no need for additional IP addresses, since there are no other devices involved on the link.
If we used a larger subnet (for example, a /30 or /29), we would be wasting IP addresses, because those larger subnets provide more IP addresses than we actually need.
For example:
A /30 subnet provides 4 IP addresses (2 usable IP addresses, 1 network address, and 1 broadcast address). However, for a point-to-point link, you only need 2 IP addresses. The other 2 are wasted.
A /29 subnet provides 8 IP addresses (6 usable), which is even more wasteful.
Efficient Use of IP Addresses
To avoid wasting IPs, we can use smaller subnets that give us exactly 2 usable IP addresses.
In IPv4, this is done with a /31 prefix. In IPv6, the equivalent is a /127 prefix.
In IPv4, a /31 prefix gives exactly 2 usable IP addresses (1 for each end of the point-to-point link).
This means that there are no wasted addresses.
The network address and broadcast address are treated as usable IPs in this specific case, which works because a point-to-point link doesn’t need the concept of a broadcast address (since there's only one device at each end).
In IPv6, a /127 prefix achieves the same goal: it gives exactly 2 usable IP addresses for the point-to-point link.
Why is this Important?
This approach conserves IP address space, which is particularly valuable in networks with limited IPv4 addresses.
Although IPv6 provides a much larger address space, it’s still good practice to use the smallest subnets possible to avoid wasting addresses, even in large IPv6 networks.
By using a /31 (IPv4) or /127 (IPv6), you're allocating just what’s needed for direct router-to-router communication, making your address assignments more efficient.
Example?
Let’s say you have two routers connected via a point-to-point link. You can assign the following IPs using a /31 subnet:
Router 1: 192.168.1.1
Router 2: 192.168.1.2
The subnet mask would be 255.255.255.254 (for a /31). This allows exactly 2 addresses (192.168.1.1 and 192.168.1.2) to be used, and nothing more.
This is especially helpful in large networks where you're trying to preserve address space as much as possible.
Finally
Using smaller subnets for point-to-point links, like the /31 (IPv4) or /127 (IPv6), is a highly efficient way to allocate IP addresses.
It avoids the waste of extra addresses that would come with larger subnets, making better use of available address space.
This practice is recommended for direct router-to-router communication, where only two addresses are needed.
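An added check for the /31 pairing above; it is not part of the original notes. One caveat it makes visible: a /31 block always starts on an even address, so 192.168.1.1 and 192.168.1.2 (the pair used in the example above) fall into two different blocks, 192.168.1.0/31 and 192.168.1.2/31, and a link must use .0/.1 or .2/.3 instead. The 2001:db8:: addresses are documentation-range placeholders.

```python
import ipaddress


def p2p_block(addr: str, prefix: int):
    """The /31 (IPv4) or /127 (IPv6) block containing `addr`. Blocks start on an
    even address, so the valid pairs are .0/.1, .2/.3, ... and never .1/.2."""
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def share_p2p_block(a: str, b: str, prefix: int) -> bool:
    """True only when both ends of the link fall inside the same block."""
    return p2p_block(a, prefix) == p2p_block(b, prefix)


def p2p_pair(addr: str, prefix: int) -> tuple:
    """Both addresses of the two-address block that contains `addr`."""
    # Iterating a network yields every address including the first and last,
    # which is exactly what a /31 or /127 uses for its two ends
    return tuple(str(host) for host in p2p_block(addr, prefix))


def wasted_addresses(prefix: int, version: int = 4) -> int:
    """Addresses a link of the given prefix allocates beyond the two it needs."""
    bits = 32 if version == 4 else 128
    return 2 ** (bits - prefix) - 2


if __name__ == "__main__":
    print(share_p2p_block("192.168.1.1", "192.168.1.2", 31))  # False: two different /31 blocks
    print(p2p_pair("192.168.1.2", 31))                       # ('192.168.1.2', '192.168.1.3')
    print(p2p_pair("2001:db8::1", 127))                      # ('2001:db8::', '2001:db8::1')
    print(wasted_addresses(30), wasted_addresses(31))        # 2 0
```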
Routing and Protocols
For traffic to move smoothly between these subnets and out to the Internet, the network relies on routing protocols that support VLSM, e.g.:
OSPF (Open Shortest Path First).
IS-IS (Intermediate System to Intermediate System).
RIPv2 (Routing Information Protocol version 2).
These protocols can handle networks with varying subnet masks and dynamically route traffic based on the current network structure.
Older protocols, like RIP version 1, lack VLSM support, making them unsuitable for networks with variable-length subnetting.
Summary of Key Benefits of VLSM
Optimized IP Address Usage: By tailoring the subnet mask length to match the required number of hosts, VLSM helps avoid wasting IP addresses.
Flexibility: Network administrators can adjust subnet sizes to fit departmental or functional requirements, making network design adaptable.
Efficient Routing: When combined with modern routing protocols, VLSM supports complex networks while maintaining efficient traffic flow.
In essence, VLSM enables a more granular and efficient approach to network design, accommodating a wide range of subnet sizes within the same IP address space, as illustrated in this network topology.
TCP/IP CHAPTER 2.4 – BROADCAST ADDRESSING
What is a Broadcast Address?
A broadcast address in IPv4 is a special address used to send messages to all devices within a specific subnet.
Think of it like a public announcement within a local network segment where all devices can hear the message.
This address is crucial for various network functions, including network discovery, updates, and time synchronization, where every device needs to receive the same information.
The image shows the process of calculating a subnet broadcast address, specifically for the IP address 128.32.1.14 with a /24 subnet mask.
Address (128.32.1.14) in Binary: 10000000 00100000 00000001 00001110
In IPv4, each address has 32 bits, divided into four groups (octets) of 8 bits. Here, each octet is separated by spaces to help identify each group.
Let me remind you how to convert, since I know someone here forgot:
Choose an IP Address in the Subnet:
In this case, 128.32.1.14 is used. Any address within the subnet (e.g., 128.32.1.0/24) could be used for this purpose, as long as it belongs to the subnet range.
Identify the Subnet Mask and Network/Host Portions:
The /24 subnet mask means that the first 24 bits are for the network portion, and the last 8 bits are for the host portion. This mask is commonly represented in binary as 11111111 11111111 11111111 00000000.
Complement of the Subnet Mask:
The subnet mask determines which bits of an IP address belong to the network portion and which belong to the host portion.
In this example, a /24 subnet mask, 255.255.255.0, means the first 24 bits are for the network, and the last 8 bits are for the host.
The complement of this subnet mask is 00000000 00000000 00000000 11111111.
This complement (0.0.0.255 in dotted-decimal form) is created by inverting the subnet mask, flipping each 0 to 1 and each 1 to 0. It sets all the host bits to 1, which is needed to calculate the broadcast address.
This binary mask shows the division between the network and host portions of the IP address.
Bitwise OR Result (128.32.1.255):
The broadcast address is calculated by performing a bitwise OR operation between the IP address (128.32.1.14) and the complement of the subnet mask (0.0.0.255). The OR operation sets a bit to 1 if either input bit is 1.
In binary the result is 10000000 00100000 00000001 11111111, which in decimal translates to 128.32.1.255, the broadcast address for the subnet 128.32.1.0/24.
Purpose
Broadcast addresses allow communication to all devices on a subnet. Any message sent to the broadcast address will reach all devices in that subnet, making it ideal for network-wide announcements or configuration updates.
Location in the Subnet
The broadcast address is always the last address in the subnet range. For a subnet 128.32.1.0/24, the address range runs from 128.32.1.0 to 128.32.1.255, with 128.32.1.255 serving as the broadcast address.
Calculation Summary
The broadcast address is calculated by setting all the bits in the host portion to 1, while keeping the network portion unchanged. This results in the highest possible address within the subnet range.
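As an added example (not part of the original notes), the following Python carries out the calculation just described with the same bit operations: AND with the mask for the network address, OR with the complement of the mask for the broadcast address. It then cross-checks the hand computation against Python's ipaddress module. 128.32.1.14/24 is the page's own example; the other two addresses are constructed inputs.

```python
# Added example: network and broadcast address by bitwise AND / OR,
# cross-checked against the standard library.
import ipaddress


def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal notation to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    """Convert a 32-bit integer back to dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix_len: int) -> int:
    """/24 -> 0xFFFFFF00: the first prefix_len bits set to 1, the rest 0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def subnet_bounds(address: str, prefix_len: int) -> dict:
    """Return mask, complement (host mask), network and broadcast for address/prefix."""
    ip = ip_to_int(address)
    mask = mask_from_prefix(prefix_len)
    host_mask = mask ^ 0xFFFFFFFF   # complement of the mask: every host bit set to 1
    network = ip & mask             # AND clears the host bits -> first address
    broadcast = ip | host_mask      # OR sets the host bits -> last address
    return {
        "mask": int_to_ip(mask),
        "host_mask": int_to_ip(host_mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "total": 1 << (32 - prefix_len),
    }


def check_against_stdlib(address: str, prefix_len: int) -> bool:
    """True when the hand computation matches ipaddress (strict=False tolerates host bits)."""
    net = ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)
    ours = subnet_bounds(address, prefix_len)
    return (ours["network"] == str(net.network_address)
            and ours["broadcast"] == str(net.broadcast_address))


if __name__ == "__main__":
    # 128.32.1.14/24 is the example from the notes; the other two are constructed.
    for addr, plen in (("128.32.1.14", 24), ("192.168.3.200", 25), ("10.153.141.135", 22)):
        info = subnet_bounds(addr, plen)
        print(f"{addr}/{plen}: network {info['network']}, broadcast {info['broadcast']}, "
              f"host mask {info['host_mask']}, {info['total']} addresses, "
              f"stdlib agrees: {check_against_stdlib(addr, plen)}")
```

The `strict=False` argument matters when you feed a host address such as 128.32.1.14 rather than the network address itself; with the default `strict=True`, ipaddress refuses an address that has host bits set.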
Practical Implications
Network-wide Communication: Broadcast addresses are used for protocols that need to reach multiple devices simultaneously, such as DHCP (for assigning IP addresses) or ARP (for finding the MAC address of a device).
Check the how-arp-works.gif and Simple-DHCP.gif in the folder number 4 ... IP conversion
Troubleshooting: Knowing how to calculate broadcast addresses is essential for network troubleshooting, as it helps identify the range of addresses within each subnet.
Reserved Nature: Broadcast addresses cannot be assigned to individual devices. They are reserved solely for broadcasting purposes.
Security and Network Design Considerations
Broadcast Traffic Load: Excessive broadcast traffic can strain network performance, as every device on the subnet processes broadcast messages. This can lead to network slowdowns, particularly in large networks.
Security Risks: Broadcast addresses can be exploited by malicious actors for network attacks, like broadcast storms. Network administrators often configure devices to limit or filter broadcast traffic.
IPv6 and Broadcasts: IPv6 does not use broadcast addresses. Instead, it relies on multicast addresses, which are more efficient for group communication because they only reach intended devices rather than all devices on the subnet.
Unlike IPv4, which uses broadcast messages to send data to all devices on a network, IPv6 uses multicast (We already discussed it). This makes IPv6 more efficient and scalable than IPv4.
However, there are some limitations to multicast:
Not all devices support multicast.
Multicast traffic can be blocked by firewalls.
Some applications that rely on broadcasting may not work properly with IPv6.
Overall, IPv6 is a more efficient and scalable protocol than IPv4, but it does have some limitations.
📌📌📌
The broadcast address is an essential feature in IPv4 networking that enables communication with all devices within a subnet. Calculating it involves taking an IP address within the subnet, identifying the subnet mask, and performing a bitwise OR operation with the complement of the subnet mask.
This address is always the highest address within the subnet, achieved by setting all host bits to 1. Although powerful for certain applications, broadcast addresses are generally controlled or minimized due to their potential to impact performance and security. With IPv6, networks are shifting toward multicast for efficiency, reducing the need for traditional broadcast addresses.
📌📌📌
IPv6 ADDRESSES AND INTERFACE IDENTIFIERS
Let's break down the concepts of EUI-48 and EUI-64 identifiers, their relationship with IPv6 interface identifiers (IIDs), and how these formats apply in networking.
I. Understanding EUI-48 and EUI-64 Identifiers
Extended Unique Identifiers (EUI) are standardized by the IEEE and serve as unique addresses for network interfaces.
Originally, most network interfaces, such as Ethernet cards, used the EUI-48 format, which is 48 bits long (6 bytes). This is also commonly known as a MAC address.
EUI-64 is an extended format that is 64 bits long (8 bytes). The primary difference between EUI-48 and EUI-64 is length.
Both are structured similarly, containing a 24-bit Organizationally Unique Identifier (OUI), which represents the manufacturer or organization, followed by bits assigned by that organization.
For example, in an EUI-48 identifier, the last 24 bits are unique to each device produced by that organization. In an EUI-64 identifier, the last 40 bits provide even more room for unique device identification.
II. Structure of EUI-48 and EUI-64
Both EUI-48 and EUI-64 identifiers start with the 24-bit OUI. This OUI is managed by the IEEE Registration Authority, meaning each organization that produces networked devices has its unique OUI to prevent overlap.
In EUI-48, the format is 24 bits for the OUI + 24 bits assigned by the organization.
In EUI-64, the format extends to 24 bits for the OUI + 40 bits assigned by the organization. This 64-bit structure provides more addresses and allows for use in IPv6 networks.
The image provided (Figure 2-7) visually represents these formats:
Top row (EUI-48): Shows a 48-bit format with the OUI (first 24 bits) and an additional 24 bits assigned by the organization.
Bottom row (EUI-64): Shows a 64-bit format with the same OUI and an additional 40 bits assigned by the organization.
My PC uses the EUI-48 format:
Searching for the OUI online brings up HP as my manufacturer:
III. u (Universal/Local) and g (Individual/Group) Bits
Within these EUI formats, there are two important bits within the OUI segment: the u bit and the g bit:
u (Universal/Local): This bit indicates whether the address is universally administered (assigned by a central authority like IEEE, making it globally unique) or locally administered. If the u bit is set to 0, it’s a globally unique address, whereas a 1 indicates it’s a locally administered address.
g (Individual/Group): This bit shows whether the address is intended for an individual device or a group (multicast). When the g bit is set to 0, the address is meant for a single device. If set to 1, it indicates that it’s a group (multicast) address.
This bit, sitting right next to the u bit, determines the intended recipient of a network frame. It's the traffic controller. The image illustrates that when this bit is set to '0' (Individual), the data is destined for a specific, single network card.
If the g bit is set to '1' (Group), the frame is not for one device, but for a group of devices. The graphic cleverly uses a multicast icon to represent this, showing one packet being delivered to multiple nodes simultaneously, which is typical for protocols like service discovery.
EXAMPLE:
Checking if it's an Individual or Group Address
Let’s use a random MAC Address: 00-14-22-01-23-45.
In binary: 00000000 00010100 00100010 00000001 00100011 01000101.
To determine if the address is an individual or a group address, we look at the least significant bit (LSB) of the first byte (the most significant byte).
The first byte of the binary MAC address is 00000000. The least significant bit of this byte is 0. If the LSB is 0, it's an Individual address; if the LSB is 1, it's a Group address. Since the LSB here is 0, this is an Individual address.
Checking if it's a Global or Local Address
To determine if the MAC address is Global (Universal) or Local, look at the second least significant bit (the 7th bit) of the first byte.
The first byte is 00000000, so the 7th bit (counting from the left) is 0. Because the 7th bit is 0, the address is Global (Universal); if it were 1, the address would be Local.
IV. The Role of Interface Identifiers (IIDs) in IPv6 Addressing
IPv6 addresses often incorporate interface identifiers (IIDs), which serve as unique identifiers for each device within a network segment. An IID is usually 64 bits long and is appended to a 64-bit network prefix to create a complete 128-bit IPv6 address.
IPv6 and Modified EUI-64: IPv6 uses a modified version of EUI-64 to derive these IIDs, which involves inverting the u bit of the MAC address (or EUI-64 identifier). This inversion is used to differentiate between the original MAC address and the identifier created for IPv6, ensuring privacy and uniqueness.
Devices with existing EUI-48 MAC addresses can be adapted for IPv6 by expanding the address to EUI-64 format.
This process involves inserting the hexadecimal value 0xFFFE between the OUI and the organization-specific portion of the address, effectively lengthening it from 48 to 64 bits.
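The following Python is an added example (not code from the original notes) that ties together the two procedures above: reading the g (I/G) and u (U/L) bits from the first byte of a MAC address, as in the 00-14-22-01-23-45 example, and deriving the modified EUI-64 interface identifier by inserting 0xFFFE and inverting the u bit. It also shows the reverse direction, recovering the MAC address from an EUI-64-based IPv6 address, which is exactly why such addresses allow a device to be tracked across networks. The multicast and locally administered MAC addresses used as inputs are constructed examples; the 2001:0db8:85a3:... addresses are the ones from the notes.

```python
# Added example: I/G and U/L bits, modified EUI-64 derivation, and the
# reverse mapping from an EUI-64-based IPv6 address back to the MAC.
import re
import ipaddress

# Six hex pairs separated consistently by "-" or ":"
MAC_RE = re.compile(r"^[0-9a-fA-F]{2}([-:])[0-9a-fA-F]{2}(\1[0-9a-fA-F]{2}){4}$")


def parse_mac(mac: str) -> bytes:
    """Accept 00-14-22-01-23-45 or 00:14:22:01:23:45 and return the 6 raw bytes."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not an EUI-48 address: {mac}")
    return bytes(int(part, 16) for part in re.split(r"[-:]", mac))


def classify_mac(mac: str) -> dict:
    """Read the two flag bits of the first (most significant) byte.
    bit 0 (LSB)  = I/G: 0 individual, 1 group (multicast)
    bit 1        = U/L: 0 universally administered, 1 locally administered
    """
    first = parse_mac(mac)[0]
    return {
        "first_byte_binary": format(first, "08b"),
        "group": bool(first & 0x01),
        "local": bool(first & 0x02),
    }


def modified_eui64(mac: str) -> str:
    """EUI-48 -> modified EUI-64 IID: insert ff:fe after the OUI, flip the u bit."""
    raw = bytearray(parse_mac(mac))
    eui64 = raw[:3] + b"\xff\xfe" + raw[3:]   # 48 -> 64 bits
    eui64[0] ^= 0x02                           # invert the u bit (modified EUI-64)
    return ":".join(f"{eui64[i]:02x}{eui64[i + 1]:02x}" for i in range(0, 8, 2))


def link_local_from_mac(mac: str) -> str:
    """fe80::/64 prefix + modified EUI-64 IID, normalized by ipaddress."""
    return str(ipaddress.IPv6Address("fe80::" + modified_eui64(mac)))


def iid_is_eui64_derived(ipv6: str) -> bool:
    """An IID carrying ff:fe in its 4th and 5th bytes was built from a MAC address."""
    packed = ipaddress.IPv6Address(ipv6).packed
    return packed[11:13] == b"\xff\xfe"


def mac_from_ipv6(ipv6: str) -> str:
    """Reverse the derivation: flip the u bit back and drop the ff:fe filler."""
    if not iid_is_eui64_derived(ipv6):
        raise ValueError("interface identifier is not modified EUI-64")
    iid = bytearray(ipaddress.IPv6Address(ipv6).packed[8:])
    iid[0] ^= 0x02
    raw = iid[:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)


if __name__ == "__main__":
    mac = "00-14-22-01-23-45"                      # the MAC used in the notes
    print(classify_mac(mac))
    print("modified EUI-64:", modified_eui64(mac))
    print("link-local:", link_local_from_mac(mac))
    eui = "2001:0db8:85a3:0000:3cD3:72ff:fe2e:8329"   # EUI-64-based address from the notes
    rnd = "2001:0db8:85a3:0000:67f4:a5c9:82eb:f32c"   # privacy-extension address from the notes
    print(eui, "derived from MAC", mac_from_ipv6(eui))
    print(rnd, "EUI-64 derived:", iid_is_eui64_derived(rnd))
```

Running `iid_is_eui64_derived` over the addresses an inventory or log already contains is a cheap way to find hosts that still expose their hardware address in IPv6 and would benefit from privacy extensions.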
V. Practical Use and Privacy Considerations
In IPv4 networks, a single MAC address (EUI-48) uniquely identifies a device on a local network.
However, in IPv6, interface identifiers that use modified EUI-64 have raised privacy concerns.
A static IID derived directly from a device’s MAC address could allow external parties to track the device across different networks.
Privacy Extensions for IPv6
To address these concerns, IPv6 supports privacy extensions, which allow devices to generate random Interface Identifiers (IIDs), rather than relying on the modified EUI-64 format.
This provides a degree of anonymity, as the IID does not directly reveal the device’s underlying hardware address.
For instance, rather than an IPv6 address with an Interface Identifier tied to the device’s MAC address
(e.g., 2001:0db8:85a3:0000:3cD3:72ff:fe2e:8329), a device with privacy extensions enabled might produce 2001:0db8:85a3:0000:67f4:a5c9:82eb:f32c.
In this case, the IID (67f4:a5c9:82eb:f32c) is randomly generated and will periodically change, reducing the risk of tracking.
Suppose a laptop is connected to a Wi-Fi network. Every few hours, it may generate a new IPv6 address, such as starting with 2001:0db8:85a3:0000:4f52:ab1c:8d3a:32f1 in the morning and then switching to 2001:0db8:85a3:0000:3ad6:b7f4:e4d2:6b1a by afternoon.
This change ensures that even if someone were tracking the device earlier, they would not immediately recognize the new address as belonging to the same device.
Mobile devices, which move across networks frequently, can take advantage of privacy extensions to avoid tracking.
When switching from a home Wi-Fi network to a mobile data network, the phone may generate a fresh IID, ensuring that observers from the previous network cannot easily link it to a new location.
These privacy measures are especially beneficial in environments where devices frequently connect to different networks, as they help protect against tracking based on persistent identifiers.
SUMMARY
Assigned by Organization: The 24 bits (the remaining part of the EUI-48) are unique identifiers assigned by the organization itself to differentiate each device they produce. This part is often called the NIC (Network Interface Controller) part.
EUI-48 Format: The EUI-48 format is 48 bits long, divided into a 24-bit OUI and a 24-bit organizational identifier. It is commonly used in MAC addresses for Ethernet.
IPv6 typically takes an existing EUI-48 MAC address and converts it to EUI-64 by inserting 0xFFFE between the OUI and the remaining organization-assigned bits. This results in a 64-bit identifier, which can be used to form IPv6 addresses.
Additionally, IPv6 inverts the u bit in the IID. This inversion is done to distinguish IPv6 IIDs from the actual MAC address, adding a layer of uniqueness and avoiding simple address tracking across networks.
Privacy concerns have led to alternatives such as randomized IIDs. This structured addressing plays a crucial role in ensuring globally unique device identification across networks.
Interface Index: The number after the % sign in an IPv6 address identifies the specific network interface.
Windows often automatically assigns IPv6 addresses, including the IID, when a network interface is connected.
You can manually configure IPv6 addresses, but it's generally not recommended, unless you have specific requirements.
CHAPTER 2.5 TCP/IP - ISATAP
We previously described IPv6 addresses; now let's move a bit deeper.
ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) is a transition mechanism that allows IPv6 packets to be transmitted over an IPv4 network.
This is particularly useful in environments where IPv6 is not fully deployed but IPv6-only devices need to communicate.
ISATAP serves as a bridge for interoperability, ensuring IPv6 devices can communicate seamlessly without requiring immediate, network-wide upgrades.
HOW DOES ISATAP PROTOCOL WORK?
IPv4 to IPv6 Mapping:
ISATAP functions by mapping IPv4 addresses to IPv6 addresses.
Each IPv4 address is transformed into a unique IPv6 address by appending the IPv4 address to a predefined prefix, typically fe80::/10.
For example, the IPv4 address 10.153.141.135 would be translated into an IPv6 address by prefixing it with fe80::5efe, resulting in fe80::5efe:10.153.141.135.
The 5efe segment is a constant within ISATAP, designating the address as one generated by the protocol. This unique identifier always remains the same and helps distinguish ISATAP addresses from other types of IPv6 addresses.
The fe80 segment in ISATAP addresses is a constant link-local prefix, indicating that the address is only usable within the same local network segment.
This prefix (fe80::/10) is standardized across IPv6 for link-local addresses, which are reserved specifically for intra-site communication and are not routable on the broader internet. A link-local IPv6 address is designed for communication within the local network.
Tunnel Creation
In my image above, I am in a school lab and you can see ISATAP at the bottom, i.e. isatap.domain.ac.ke.
ISATAP creates a virtual tunnel between two IPv6 nodes.
IPv6 packets are encapsulated within IPv4 packets and sent over the IPv4 network.
When an IPv6 packet is sent across this tunnel, it undergoes encapsulation, where the entire IPv6 packet is placed within an IPv4 packet.
This encapsulated packet can then traverse the IPv4 network without compatibility issues. When it reaches its destination, the IPv4 layer is removed, and the original IPv6 packet is delivered to the recipient.
Tunnel Termination
At the destination, the IPv4 packet is decapsulated, and the original IPv6 packet is delivered.
Breaking Down the ipconfig /all Output:
In an ipconfig /all command output, ISATAP addresses have unique characteristics that make them identifiable.
You might see a physical address like 0A-99-8D-87, which looks similar to a MAC address but isn’t tied to any hardware.
This is from my school network, because my home network hasn't been configured to support the ISATAP protocol. "hidden" just represents the domain for my school; I won't show it.
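As an added example (not code from the original notes), the Python below builds the ISATAP link-local address the way the text describes, recognises an ISATAP address by its constant 5efe marker, and pulls the embedded IPv4 address back out. It also reproduces the "physical address" ipconfig lists for the tunnel adapter: the 0A-99-8D-87 shown above is simply 10.153.141.135 written as hex bytes, which is what the last function demonstrates. Accepting 0200:5efe as well as 0000:5efe is an assumption added here (the 02 variant marks an IPv4 address that is globally unique); the notes only mention 5efe.

```python
# Added example: ISATAP address construction and parsing.
import ipaddress


def isatap_link_local(ipv4: str) -> str:
    """fe80::5efe:a.b.c.d as described in the notes; validates the IPv4 input."""
    addr = ipaddress.IPv4Address(ipv4)
    # ipaddress accepts an embedded dotted quad in the low 32 bits of an IPv6 literal
    return str(ipaddress.IPv6Address(f"fe80::5efe:{addr}"))


def is_isatap(ipv6: str) -> bool:
    """ISATAP IIDs carry 00:00:5e:fe (assumed here: also 02:00:5e:fe) in their top 32 bits."""
    iid = ipaddress.IPv6Address(ipv6).packed[8:]
    return iid[0] in (0x00, 0x02) and iid[1:4] == b"\x00\x5e\xfe"


def embedded_ipv4(ipv6: str) -> str:
    """Recover the IPv4 address carried in the last 32 bits of an ISATAP address."""
    if not is_isatap(ipv6):
        raise ValueError(f"not an ISATAP address: {ipv6}")
    return str(ipaddress.IPv4Address(ipaddress.IPv6Address(ipv6).packed[12:]))


def ipconfig_physical_address(ipv4: str) -> str:
    """The 'physical address' ipconfig prints for an ISATAP adapter: IPv4 bytes in hex."""
    return "-".join(f"{b:02X}" for b in ipaddress.IPv4Address(ipv4).packed)


if __name__ == "__main__":
    ipv4 = "10.153.141.135"                      # the IPv4 address from the notes
    ll = isatap_link_local(ipv4)
    print("ISATAP link-local:", ll, "exploded:", ipaddress.IPv6Address(ll).exploded)
    print("is ISATAP:", is_isatap(ll), "embedded IPv4:", embedded_ipv4(ll))
    print("ipconfig physical address:", ipconfig_physical_address(ipv4))
```

Because the IPv4 address is visible in every ISATAP address, these functions are also useful in reverse during log review: an IPv6 address with 5efe in that position tells you immediately which IPv4 host the tunnel endpoint belongs to.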
A zone index is a number that identifies a specific network interface on a device. It's essentially a label that helps the operating system differentiate between multiple network connections (like Wi-Fi, Ethernet, etc.) when assigning IP addresses.
Why Do Zone Indices Matter?
IP Address Uniqueness: Zone indices keep an address unambiguous per interface, even when several interfaces carry the same type of address (e.g., an IPv6 link-local address).
Routing: The operating system uses zone indices to determine the correct network interface to use for outgoing traffic.
Network Configuration: Network administrators can use zone indices to configure specific settings for different interfaces.
%18: Indicates the primary network interface, which for my PC, is Ethernet.
%9: A secondary interface, such as a virtual network adapter or a less frequently used network connection.
Can the zone index change?
Yes. If you add or remove a network interface.
If the order of network interfaces changes in the system's configuration.
If the network adapter drivers are updated.
However, it should not affect the functionality of the network connection as long as the underlying network configuration remains stable.
In this ipconfig output from the school network, we can see details about the ISATAP tunnel adapter:
Tunnel Adapter Name: The adapter is labeled as isatap.hidden.ac.ke, indicating it's an ISATAP adapter linked to your school's network with the placeholder domain.
Media State: It shows Media disconnected, meaning the ISATAP adapter is not currently connected to any network. This could happen if there’s no need for IPv6-over-IPv4 tunneling at the moment or if IPv6 isn’t configured on the network.
Connection-Specific DNS Suffix: This is set to hidden.ac.ke, which is a placeholder DNS domain suffix for your school’s network.
Description: The adapter is identified as a Microsoft ISATAP Adapter, which shows that it uses Microsoft’s ISATAP protocol to enable IPv6 communication over an IPv4 network.
Physical Address: The physical address is listed as 00-00-00-00-00-E0. Unlike a traditional MAC address, this is just a placeholder representing the virtual nature of the ISATAP adapter, which doesn’t rely on physical hardware like a network card.
DHCP Enabled: This setting is No, indicating that the ISATAP adapter does not use DHCP for IP address assignment. ISATAP typically uses automatic configuration instead.
Autoconfiguration Enabled: This is set to Yes, which means the adapter can automatically configure its IP address, if it connects to an IPv4 network that supports IPv6 tunneling.
Here, the ISATAP adapter is set up to enable IPv6 communication over the school's IPv4 network, with automatic IP configuration. However, it's currently disconnected and not in use.
Why Use ISATAP?
Smooth IPv6 Transition: It allows IPv6 devices to coexist with IPv4 devices on the same network.
Improved Security: IPv6 offers stronger security features than IPv4, like encryption and authentication for IP packets.
Future-Proofing Networks: It prepares networks for a future where IPv6 is the dominant protocol.
Additional Considerations
Configuration: ISATAP configuration can be complex and requires careful planning.
Performance Overhead: Encapsulation and decapsulation can introduce overhead.
Limited Scope: ISATAP is primarily designed for intra-site communication.
If you understand ISATAP as a network admin, you can deploy IPv6 in hybrid environments comfortably.
CIDR AND AGGREGATION: ADDRESSING THE INTERNET'S SCALING CRISIS
In the early 1990s, the burgeoning Internet faced significant scaling challenges.
Three primary issues threatened its growth:
1. Rapid Depletion of Address Space: The traditional class-based IP addressing system, with its fixed-size address blocks (Class A, B, and C), was becoming inefficient. Many organizations were assigned larger address blocks than they needed, while others ran out quickly.
By 1994, over half of all Class B addresses had been allocated, and it was projected that the entire Class B space would be exhausted within a year.
2. IPv4 Address Space Limitations: The 32-bit IPv4 address was deemed insufficient to accommodate the anticipated growth of the Internet in the early 2000s.
3. Burgeoning Routing Tables: The number of entries in the global routing table, which stores information about network reachability, was rapidly increasing.
As more and more networks were added, routing tables became larger and slower, impacting routing performance.
To address these pressing issues, the Internet Engineering Task Force (IETF) formed the Routing and Addressing (ROAD) working group in 1992. The ROAD group proposed a short-term solution to mitigate problems 1 and 3, while also working on a long-term solution for problem 2 (IPv6).
The short-term solution introduced Classless Inter-Domain Routing (CIDR) and address aggregation.
CIDR revolutionized IP address allocation by allowing for variable-length subnet masks.
Instead of the rigid class-based system, CIDR enabled network administrators to allocate IP addresses more efficiently by assigning blocks of addresses with a specific prefix length.
This flexibility allowed for more precise allocation of address space, avoiding the waste associated with the old class-based system.
ADDRESS AGGREGATION
Address aggregation, also known as route aggregation or supernetting, is a technique that combines multiple contiguous IP address ranges into a single, larger range.
It aggregates multiple smaller networks into a single larger network block, reducing the number of routing table entries and overhead. This improves routing performance and scalability.
If the image isn't clear enough:
SUPERNETTING AND CIDR/CLASSLESS ADDRESSING
CIDR (Classless Inter-Domain Routing) or Classless Addressing
These are essentially the same thing. This is the general concept of breaking free from traditional classful networking (Class A, B, C).
Allows flexible subnet sizes using variable-length subnet masks (VLSM). Example: Being able to create a /23 or /22 network instead of being restricted to class-based sizes.
Supernetting
Is specifically the process of combining multiple smaller networks into a larger one.
It's like the opposite of subnetting.
Example: Combining four /24 networks into one /22 network.
This is done for route aggregation and to reduce routing table size. Also called route summarization or route aggregation.
So to directly answer the question:
Supernetting is specifically about combining smaller networks into larger ones.
CIDR/Classless addressing is the broader concept that makes both subnetting AND supernetting possible by removing class restrictions.
Classless addressing itself is not about combining subnets - it's the underlying technology that makes both flexible subnetting and supernetting possible.
Supernetting is one specific use case of classless addressing. A specific technique within CIDR where you combine multiple contiguous IP networks into a larger supernet with a single, larger subnet mask.
Let's see some examples and close off this subtopic:
I. Classful Addressing (Example of IP Wastage)
Imagine you’re using a Class B network for a company with a single office.
Class B networks are fixed as /16, meaning they provide 65,536 addresses.
With classful addressing, you’re locked into this size, even if you need only a few hundred IP addresses. This results in significant IP wastage.
Network Address: 172.16.0.0/16 (Class B network)
Total Addresses: 65,536
Needed: Let’s say you need 1,000 addresses.
In a classful scheme, you would still use the entire /16, which wastes over 64,000 IP addresses.
II. Classless Addressing (Subnetting Example with VLSM)
With classless addressing, you can create subnets with just the right size for your needs. For example, instead of using a full Class B block, you can use a smaller range.
Let’s say you start with a /22 network (4 Class C blocks combined), giving you 1,024 addresses—much closer to the 1,000 you actually need.
Original Network: 192.168.0.0/22
Subnet Requirements: You want to divide this into smaller subnets for different departments:
Subnet 1 (Finance): Needs 500 IPs
Subnet 2 (Sales): Needs 200 IPs
Subnet 3 (Support): Needs 100 IPs
Subnet 4 (Admin): Needs 100 IPs
You can create custom subnet sizes using classless addressing:
Subnet for Finance: 192.168.0.0/23 (512 addresses)
Subnet for Sales: 192.168.2.0/24 (256 addresses)
Subnet for Support: 192.168.3.0/25 (128 addresses)
Subnet for Admin: 192.168.3.128/25 (128 addresses)
Classless addressing allows you to divide your network into exactly the sizes needed without wasting addresses.
III. Supernetting (Combining Subnets into a Supernet)
Supernetting aggregates multiple smaller networks into a larger one, reducing the number of routing table entries.
Suppose you now have several departments (Finance, Sales, Support, and Admin) each with their own subnet, and you want to combine them into a single larger block for easier routing.
In this case, you can combine the /23, /24, and two /25 networks back into a single supernet:
Supernet: 192.168.0.0/22
Calculating: Let's break down how we combine the networks /23, /24, and two /25 into a single /22 supernet. I'll show the calculations step-by-step to illustrate how the supernet covers the range of all the subnets.
Step 1: List the Subnets with their IP Ranges
Subnet 1 (/23): 192.168.0.0/23
Range: 192.168.0.0 to 192.168.1.255
Total IPs: 512 addresses (2^9)
Subnet 2 (/24): 192.168.2.0/24
Range: 192.168.2.0 to 192.168.2.255
Total IPs: 256 addresses (2^8)
Subnet 3 (/25): 192.168.3.0/25
Range: 192.168.3.0 to 192.168.3.127
Total IPs: 128 addresses (2^7)
Subnet 4 (/25): 192.168.3.128/25
Range: 192.168.3.128 to 192.168.3.255
Total IPs: 128 addresses (2^7)
Step 2: Calculate the Full Range Covered by These Subnets
Now, let's determine the entire range covered by these subnets:
Starting IP (smallest): 192.168.0.0 (from Subnet 1, 192.168.0.0/23)
Ending IP (largest): 192.168.3.255 (from Subnet 4, 192.168.3.128/25)
So, the range from 192.168.0.0 to 192.168.3.255 needs to be covered by a single network.
Step 3: Determine the CIDR Notation for the Supernet
To cover the range 192.168.0.0 to 192.168.3.255 in a single network, we can use the 192.168.0.0/22 subnet.
Since IPv4 addresses are 32 bits, a /22 mask has its first 22 bits set to 1 and its remaining 10 bits set to 0.
A /22 CIDR notation represents a subnet mask of 255.255.252.0, which spans 1024 IP addresses.
This is equivalent to combining 4 Class C blocks, each containing 256 addresses, into one larger block.
For example, with a subnet mask of /22, we can cover the range of IP addresses from 192.168.0.0 to 192.168.3.255.
IP Range:
Starting IP: 192.168.0.0 (network address).
Ending IP: 192.168.3.255 (broadcast address).
This gives us a total of 1024 addresses, including both usable IP addresses and special addresses like network and broadcast.
192.168.0.0/22 covers all the IPs in the previous subnets, making it simpler for routing and management.
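The three steps above (list the subnets, find the lowest and highest address, find the prefix length whose network bits they share) are a general algorithm, and the Python below is an added example that implements it, not code from the original notes. It runs on the four VLSM subnets from the example, reports each subnet's range the way Step 1 does, computes the covering supernet, and checks it against ipaddress.collapse_addresses. It also goes beyond the page's case by flagging a supernet that is not lossless, i.e. one that would advertise address space nobody has been allocated; the second input set for that check is constructed.

```python
# Added example: computing a covering supernet and checking it is lossless.
import ipaddress

# The four department subnets from the notes (Step 1).
SUBNETS = ["192.168.0.0/23", "192.168.2.0/24", "192.168.3.0/25", "192.168.3.128/25"]


def describe(network: str) -> dict:
    """Range, size and host-bit count of one subnet, as listed in Step 1."""
    net = ipaddress.ip_network(network)
    return {
        "range": f"{net.network_address} - {net.broadcast_address}",
        "total": net.num_addresses,
        "host_bits": 32 - net.prefixlen,
    }


def smallest_covering_prefix(networks) -> ipaddress.IPv4Network:
    """Smallest single CIDR block whose network bits the lowest and highest address share."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lowest = min(int(n.network_address) for n in nets)      # Step 2: smallest address
    highest = max(int(n.broadcast_address) for n in nets)   # Step 2: largest address
    # Step 3: shorten the prefix until both addresses fall in the same network
    for prefix in range(32, -1, -1):
        mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
        if lowest & mask == highest & mask:
            return ipaddress.ip_network((lowest & mask, prefix))
    raise AssertionError("unreachable: /0 always matches")


def aggregate(networks) -> dict:
    """Covering supernet plus a check that it contains no unallocated space."""
    nets = [ipaddress.ip_network(n) for n in networks]
    supernet = smallest_covering_prefix(networks)
    covered = sum(n.num_addresses for n in nets)
    # collapse_addresses merges only adjacent blocks; one result equal to the
    # supernet means the summary route covers exactly the allocated space.
    collapsed = list(ipaddress.collapse_addresses(nets))
    return {
        "supernet": str(supernet),
        "mask": str(supernet.netmask),
        "addresses": supernet.num_addresses,
        "lossless": len(collapsed) == 1 and collapsed[0] == supernet,
        "unused": supernet.num_addresses - covered,
    }


if __name__ == "__main__":
    for s in SUBNETS:
        print(s, describe(s))
    print("aggregate of the notes' subnets:", aggregate(SUBNETS))
    # Constructed case: two non-adjacent /24s leave a hole in the summary.
    print("aggregate with a gap:", aggregate(["192.168.0.0/24", "192.168.3.0/24"]))
```

The `lossless` flag is the practical check before advertising a summary route: a supernet that covers more than the subnets behind it draws traffic for addresses that do not exist, which at best blackholes it and at worst attracts traffic intended for space allocated elsewhere.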
Benefits of CIDR and Aggregation
Efficient Address Allocation: CIDR allows for more precise allocation of IP addresses, reducing waste and conserving address space.
Improved Routing Performance: Address aggregation reduces the number of entries in routing tables, leading to faster and more efficient routing.
Scalability: By addressing the issues of address depletion and routing table growth, CIDR and aggregation have enabled the Internet to scale to accommodate increasing numbers of users and devices.
While CIDR and aggregation provided a significant improvement, the long-term solution to the address space exhaustion problem was the development of IPv6, which offers a much larger address space and improved addressing capabilities.
I don’t know where I left off so I will just pick up from page 47.
CIDR AND ADDRESS AGGREGATION
Background: Internet Scaling Problems in the Early 1990s
In the early 1990s, the rapid growth of the Internet started to highlight several scaling problems that needed immediate attention.
These problems became particularly critical as the number of networks and Internet users increased exponentially. Three major issues were identified:
I. Exhaustion of Class B Addresses:
By 1994, over 50% of Class B IP addresses had already been allocated, and it was predicted that the entire Class B address space would be exhausted by 1995.
Class B addresses provided a significant portion of the address space, but the demand for more addresses exceeded the available supply.
II. IPv4 Address Space Limitations:
The 32-bit IPv4 address was thought to be inadequate to accommodate the anticipated size of the Internet by the early 2000s.
This limitation would make it impossible to assign unique IP addresses to all devices, particularly with the rapid growth of connected devices (e.g., smartphones, sensors, etc.).
III. Global Routing Table Growth:
By 1995, the global routing table, which contains entries for each network number, had grown to around 65,000 entries.
As more and more individual Class A, B, and C network addresses were assigned, the global routing table was growing larger, which impacted routing performance.
Each network had to be represented in the table, and as this number grew, routers had to process an increasingly large amount of data, slowing down routing performance.
The Global Routing Table, a collection of all IP network routes known to the Internet's global routers, often managed by BGP, is a critical part of internet infrastructure.
Border Gateway Protocol is the protocol used to exchange routing information between different networks on the internet, ensuring data can find its way from one place to another efficiently.
The ROAD Group and Solutions
To address these pressing issues, the Internet Engineering Task Force (IETF) created a working group called ROAD (ROuting and ADdressing) in 1992.
The group focused on addressing the immediate challenges of address exhaustion and routing table bloat while keeping the long-term issue of IPv4 address space limitations in mind.
IMMEDIATE SOLUTIONS (PROBLEMS 1 AND 3)
The short-term solutions involved removing the rigid class-based address structure and introducing more flexible methods for allocating IP addresses (Classless/CIDR).
Let’s explain:
I. Classless Inter-Domain Routing (CIDR)
CIDR was introduced to replace the traditional classful addressing system (Class A, B, C).
Classless Inter-Domain Routing allows for more efficient allocation of IP address blocks by permitting arbitrary-length network prefixes.
This flexibility allows ISPs and organizations to request precisely the number of IP addresses they need, rather than being constrained to predefined class sizes.
II. Address Aggregation:
CIDR also promoted aggregation of IP address blocks. This means that contiguous blocks of IP addresses could be grouped together into a single routing table entry.
Aggregation reduces the number of individual entries in the global routing table, alleviating the problem of routing table growth and improving routing performance.
With CIDR, network prefixes could be advertised in a way that allows routers to aggregate multiple smaller networks into a single route, reducing the size of routing tables.
To see how we calculated this, check Aggregated2.html.
LONG-TERM SOLUTION (PROBLEM 2):
I. IPv6 (Internet Protocol version 6):
IPv6 was envisioned as the long-term solution to the IPv4 address exhaustion problem.
With 128-bit addresses, IPv6 provides a vastly larger address space, theoretically offering enough unique addresses for every device on the planet (and beyond) for the foreseeable future.
IPv6 adoption is seen as a key strategy for handling the growing number of devices and networks globally, although its widespread deployment has been slow due to compatibility issues with IPv4 and the costs of transitioning.
The ROAD group’s initiatives, particularly the introduction of CIDR and address aggregation, provided a practical and immediate solution to the issues of address exhaustion and routing table growth.
These changes allowed the Internet to scale more effectively in the short to medium term. IPv6, on the other hand, was designed to solve the address space issue for the long term, ensuring that the Internet could continue to grow well into the future.
PREFIXES IN CIDR AND THEIR ROLE IN ADDRESS ALLOCATION
Classless Inter-Domain Routing (CIDR) was introduced to solve a variety of problems in the classful addressing scheme and to better manage the availability of IPv4 addresses.
Below are key points summarizing the concept of prefixes in CIDR and how it extends address allocation.
I. Overview of CIDR (Classless Inter-Domain Routing)
Classful addressing: In the traditional classful addressing system (Class A, B, and C), the address space was divided into predefined blocks or classes. This led to inefficient use of address space.
CIDR (RFC4632): Introduced in the 1990s to overcome the limitations of classful addressing. CIDR allows for more flexible and efficient allocation of IP addresses, using prefixes instead of fixed classes.
CIDR Mask: With CIDR, instead of class-based allocations, addresses are now allocated with a CIDR mask. The CIDR mask defines the network portion of the address and is flexible—meaning that networks of any size can be allocated, not just those predefined by classes A, B, or C.
II. Network Prefixes and CIDR Mask
A network prefix is a combination of an IP address and a CIDR mask. The mask, similar to a subnet mask, defines which portion of the address is the network part and which part can be used for hosts.
Prefix Length: The CIDR prefix is denoted as the IP address followed by a slash (/) and a prefix length (an integer), which indicates how many bits in the address represent the network portion.
Example: 192.168.1.0/24
This means that the first 24 bits of the address 192.168.1.0 are the network part, and the remaining bits are for hosts.
A smaller prefix length (like /8) means more possible IP addresses (larger network).
A larger prefix length (like /32) means fewer IP addresses (smaller network).
III. Benefits of Using CIDR Prefixes
Finer Granular Allocation: Unlike classful addressing, where addresses were divided into rigid classes (e.g., Class A with 16 million hosts, Class B with 65,536 hosts), CIDR allows addresses to be allocated in more granular sizes.
This helps allocate addresses more efficiently and reduces wasted address space.
Address Aggregation: CIDR enables route aggregation or supernetting. Multiple smaller networks can be grouped into one larger network, reducing the size of routing tables and improving routing efficiency on the internet.
More Flexible Addressing: CIDR allows for any number of addresses to be allocated, rather than being constrained by fixed class boundaries.
IV. Prefix Length in IPv4 and IPv6
IPv4: A CIDR prefix length can range from /0 (which represents the entire IPv4 address space) to /32 (which represents a single IP address).
For example:
192.168.0.0/24 represents the range from 192.168.0.0 to 192.168.0.255, i.e., 256 IP addresses.
10.0.0.0/8 represents the range from 10.0.0.0 to 10.255.255.255, i.e., over 16 million addresses.
IPv6: Prefix lengths range from /0 to /128 because IPv6 addresses are 128 bits long. However, common IPv6 network prefixes include /64, which is often used for local networks.
For example: 2001:0db8::/32 represents a large portion of the IPv6 address space, but a /64 prefix is typically used for local networks.
CIDR AND THE ELIMINATION OF CLASS-BASED ADDRESSING
Class A, B, and C Addressing
Before CIDR, IP addresses were classified into three main classes: A, B, and C. These classes were designed to allocate a fixed number of IP addresses, but the allocation was inefficient for many organizations, leading to wasted IP address space.
Class A:
Range: 1.0.0.0 to 127.255.255.255
Default Subnet Mask: /8
Description: Class A addresses were typically allocated to large organizations, with over 16 million addresses in each network. For example, 10.0.0.0/8 provides over 16 million addresses, which could be excessive for many organizations.
Class B:
Range: 128.0.0.0 to 191.255.255.255
Default Subnet Mask: /16
Description: Class B addresses were intended for medium-sized organizations, with 65,536 addresses per network. For example, 172.16.0.0/16 provides 65,536 addresses, which might be more than what many businesses need.
Class C:
Range: 192.0.0.0 to 223.255.255.255
Default Subnet Mask: /24
Description: Class C addresses were for smaller networks, with only 256 addresses per network. For example, 192.168.0.0/24 provides just 256 addresses, which is enough for small businesses or home networks.
CIDR Notation: More Flexible and Efficient Allocation
With CIDR, we no longer rely on rigid class boundaries (A, B, C). Instead, CIDR notation allows us to allocate exactly the number of IP addresses needed, rather than being constrained by the fixed sizes of the traditional classes.
Examples of CIDR in Practice
Class C Example (Old Class-based Addressing):
Traditionally, Class C networks were represented by 192.168.0.0/24, where the /24 means the first 24 bits of the address are reserved for the network portion.
With CIDR, you can more flexibly allocate ranges like 192.125.3.0/24, which provides the same number of IP addresses (256 addresses), but you aren't constrained to use the classful 192.168.x.x network range.
Class B Example (Old Class-based Addressing):
In the traditional Class B system, you would use a network like 172.16.0.0/16, which provides 65,536 addresses.
With CIDR, instead of being limited to the /16 network (which might still be too large), you can more efficiently allocate a range like 192.125.3.0/16. While this still gives 65,536 addresses, CIDR allows you to choose the most appropriate prefix size to match your needs.
CIDR Prefix Length and Address Ranges
The prefix length defines how many bits are allocated to the network portion of the address.
The remaining bits are for hosts within that network.
The number of available host addresses depends on the number of bits left for the host portion.
Smaller Prefix Lengths (Larger Networks)
Example: /8 prefix
The prefix /8 means the first 8 bits are used for the network portion, leaving the remaining 24 bits for the host addresses.
This allows for 16,777,216 addresses in the network.
Example Network: 10.0.0.0/8
Address Range: From 10.0.0.0 to 10.255.255.255 (16,777,216 addresses)
Larger Prefix Lengths (Smaller Networks)
Example: /24 prefix
The prefix /24 means the first 24 bits define the network portion, leaving just 8 bits for the host portion.
This gives you 256 addresses in the network.
Example Network: 192.125.3.0/24
Address Range: From 192.125.3.0 to 192.125.3.255 (256 addresses)
Example with /32:
The /32 prefix indicates a single IP address. It is used to represent a specific host address within a network.
Example Network: 192.125.3.5/32
Address Range: Only 192.125.3.5
CIDR EXAMPLES
IPv4 Example
Network: 192.125.3.0/24
Prefix Length: /24 means the first 24 bits define the network, and the remaining 8 bits are for hosts.
Subnet Mask: 255.255.255.0
Address Range: 192.125.3.0 to 192.125.3.255 (256 addresses)
Network: 10.0.0.0/8
Prefix Length: /8 means the first 8 bits are for the network, and the remaining 24 bits are for hosts.
Subnet Mask: 255.0.0.0
Address Range: 10.0.0.0 to 10.255.255.255 (16,777,216 addresses)
IPv6 Example
Network: 2001:0db8::/32
Prefix Length: /32 means the first 32 bits are the network part.
Subnet Mask: ffff:ffff::
Address Range: This defines a large address space, covering a significant portion of the IPv6 address space.
Network: 2001:0db8::/64
Prefix Length: /64 is commonly used for local IPv6 networks.
Subnet Mask: ffff:ffff:ffff:ffff::
Address Range: Provides 18 quintillion possible addresses for a single local network, far more than IPv4.
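As an added example (not from the original notes), the following Python works out the mask, network address, range and size of any IPv4 prefix with plain bit arithmetic, then uses the standard library for the IPv6 masks listed above. It also flags a prefix whose host bits are set (as in the 192.125.3.0/16 example earlier), which strict parsers reject; the function names are my own.

```python
import ipaddress


def parse_cidr(text):
    """Split 'a.b.c.d/n' into a 32-bit integer address and a prefix length."""
    addr, plen = text.split("/")
    plen = int(plen)
    if not 0 <= plen <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad IPv4 address: {addr}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value, plen


def to_dotted(value):
    """32-bit integer back to dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def netmask(plen):
    """The top `plen` bits set, the remaining host bits clear (/24 -> 0xFFFFFF00)."""
    return (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF


def describe(text):
    """Network, mask, first/last address and size for a CIDR prefix.
    host_bits_set is True when the written address is not the network address,
    e.g. 192.125.3.0/16, whose network is really 192.125.0.0/16."""
    value, plen = parse_cidr(text)
    mask = netmask(plen)
    network = value & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    return {
        "network": f"{to_dotted(network)}/{plen}",
        "mask": to_dotted(mask),
        "first": to_dotted(network),
        "last": to_dotted(broadcast),
        "count": 1 << (32 - plen),
        "host_bits_set": network != value,
    }


def strict_ok(text):
    """ipaddress.ip_network is strict by default: host bits set -> ValueError."""
    try:
        ipaddress.ip_network(text)
        return True
    except ValueError:
        return False


def ipv6_summary(text):
    """(netmask text, number of addresses) for an IPv6 prefix, via the stdlib."""
    net = ipaddress.ip_network(text)
    return str(net.netmask), net.num_addresses


if __name__ == "__main__":
    for p in ("192.125.3.0/24", "10.0.0.0/8", "192.125.3.5/32", "192.125.3.0/16"):
        print(p, describe(p), "strict parse ok:", strict_ok(p))
    print(ipv6_summary("2001:0db8::/32"), ipv6_summary("2001:0db8::/64"))
```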
Key Takeaways
CIDR (Classless Inter-Domain Routing) eliminates the old Class A, B, C structure, offering much more flexible and efficient IP address allocation.
CIDR Prefix allows for precise control over how many IP addresses are allocated by defining a network prefix that can range from /0 to /32 for IPv4 (and /0 to /128 for IPv6).
Smaller Prefixes (like /8 for IPv4) allocate large blocks of IPs (millions of addresses), while larger prefixes (like /24 or /32) allocate smaller blocks of IPs (256 addresses or a single address, respectively).
CIDR significantly reduces address waste and helps optimize routing by aggregating address blocks.
Examples of CIDR Prefixes and Their Corresponding Address Ranges
AGGREGATION
Let’s discuss this.
Tree Topology and Address Aggregation: Notes and Explanation
The concept of tree topology and address aggregation plays a crucial role in optimizing routing in networks, particularly in reducing the size and complexity of routing tables.
Routing tables are fundamental to network operation, as they guide datagrams (network packets) to their destinations by determining the next hop along the path.
However, as the Internet grew in the 1990s, the size of routing tables became a significant issue, posing challenges to scalability and efficiency. Let's explore this concept in detail, referencing the main diagram.
ROUTING TABLE GROWTH PROBLEM
Routing tables in routers store information about where to send traffic based on destination IP addresses.
As the Internet expanded, the number of unique IP addresses increased, resulting in a proportional growth in the number of entries in these tables.
Each entry essentially represents a signpost at an intersection, directing traffic toward its next hop.
Without aggregation or hierarchy, every unique destination would require a distinct entry, making routing tables excessively large.
This problem compounded with the exponential growth of the Internet, leading to inefficiencies in memory usage, slower lookup times, and increased processing requirements for routers.
Address Aggregation and Classless Addressing
The introduction of classless inter-domain routing (CIDR) removed the rigid structure of classful addressing, allowing IP address blocks to be allocated in various sizes based on need.
While this helped conserve IP address space, it did not inherently solve the problem of large routing tables.
CIDR provided mechanisms for address aggregation, wherein multiple IP addresses could be represented by a single entry in the routing table, reducing redundancy.
However, even with CIDR, achieving optimal aggregation required careful assignment of IP addresses that corresponded to the underlying network topology.
Kleinrock and Kamoun's Hierarchical Routing
In their 1977 study, Kleinrock and Kamoun proposed a method for hierarchical routing, which demonstrated that organizing the network topology as a tree could significantly reduce routing table sizes.
A tree topology is a hierarchical structure where each router (node) connects directly to a parent or child router, with no cycles (redundant paths).
This structure naturally lends itself to efficient routing because there is only one path between any two routers, eliminating ambiguity in route selection.
The effectiveness of hierarchical routing depends heavily on how addresses are assigned within the network. This is illustrated in Figure 2-8 above:
Random Addressing (Location Independent):
On the left-hand side of the figure, addresses are assigned without regard to the topology.
This results in routers needing larger routing tables to store information about every possible destination.
For instance, the top router in this configuration requires nine entries to maintain connectivity with all other routers in the network.
As the tree grows, the routing table size increases proportionally, creating scalability issues.
Topology-Sensitive Addressing (Location Dependent):
On the right-hand side, addresses are assigned based on the position of each router in the tree.
For example, routers closer to the root of the tree are assigned prefixes that aggregate the addresses of their descendants.
In this case, the top router requires only three entries to reach any destination within its subtree.
This approach significantly reduces the size of routing tables, as fewer entries are needed to represent large portions of the network.
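An added example (not from the book or these notes) that reproduces the nine-versus-three count of Figure 2-8 on a constructed ten-router tree: the root needs one entry per aggregated prefix per next hop, so the count depends entirely on how addresses were assigned. The tree, the flat address values and the 10.x.y.0 hierarchical scheme are all assumptions made for the demonstration.

```python
import ipaddress

# Constructed tree: a root, three children, two leaves under each (10 routers).
TREE = {
    "root": ["r1", "r2", "r3"],
    "r1": ["r1a", "r1b"],
    "r2": ["r2a", "r2b"],
    "r3": ["r3a", "r3b"],
}

# Location-independent assignment: prefixes handed out in arbitrary order, so
# no two routers in the same subtree form a summarizable pair (constructed values).
FLAT = {
    "root": "10.0.0.0/24",
    "r1": "10.0.7.0/24", "r1a": "10.0.2.0/24", "r1b": "10.0.9.0/24",
    "r2": "10.0.4.0/24", "r2a": "10.0.11.0/24", "r2b": "10.0.6.0/24",
    "r3": "10.0.1.0/24", "r3a": "10.0.13.0/24", "r3b": "10.0.5.0/24",
}


def subtree(tree, node):
    """Every router below `node`, depth first."""
    found = []
    for child in tree.get(node, []):
        found.append(child)
        found.extend(subtree(tree, child))
    return found


def hierarchical_addresses(tree, root_prefix="10.0.0.0/8"):
    """Topology-sensitive assignment (assumed scheme): child i of the root gets
    10.i.0.0/16 inside the root's /8, and leaf j under it gets 10.i.j.0/24, so
    each child's prefix aggregates all of its descendants."""
    assigned = {"root": root_prefix}
    for i, child in enumerate(tree["root"], start=1):
        assigned[child] = f"10.{i}.0.0/16"
        for j, leaf in enumerate(tree[child], start=1):
            assigned[leaf] = f"10.{i}.{j}.0/24"
    return assigned


def root_table_size(tree, assigned):
    """Entries the root must hold: for each child (next hop), the prefixes of
    that whole subtree after aggregation. The root's own prefix is not counted."""
    entries = 0
    for child in tree["root"]:
        nets = [ipaddress.ip_network(assigned[n]) for n in [child] + subtree(tree, child)]
        entries += len(list(ipaddress.collapse_addresses(nets)))
    return entries


if __name__ == "__main__":
    print("flat (location independent):", root_table_size(TREE, FLAT))
    print("hierarchical (location dependent):",
          root_table_size(TREE, hierarchical_addresses(TREE)))
```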
Advantages of Topology-Sensitive Addressing
Reduced Routing Table Size: By aggregating addresses, fewer entries are needed, saving memory and processing power in routers.
Scalability: As the network grows, the routing table size remains manageable, enabling efficient handling of larger topologies.
Shortest-Path Routing: Despite the reduced number of entries, shortest-path routes are maintained because the tree structure inherently minimizes path lengths between nodes.
Challenges and Limitations
While topology-sensitive addressing is highly efficient, it requires careful planning and strict adherence to hierarchical principles during address assignment.
Dynamic networks, where links and nodes frequently change, may require frequent reconfiguration of address assignments, making this approach less practical in such scenarios.
Additionally, the assumption of a strict tree structure may not hold in modern networks, which often rely on more complex topologies for redundancy and fault tolerance.
The principle of route aggregation helps significantly reduce the number of entries in a router's routing table by summarizing multiple address prefixes into a single, broader prefix.
Route aggregation, also known as route summarization, involves combining multiple smaller IP address blocks into a single larger address block to simplify routing tables and reduce the number of routes that need to be advertised.
In the image, you can see how the smaller IP address blocks (10.10.3.0/24 and 10.10.4.0/24) are aggregated into a larger address block (10.10.2.0/23) when advertised to another Autonomous System (AS4).
This process helps in managing routing information more efficiently and reduces the complexity of the global routing table.
This is particularly important in networks with hierarchical or tree-based topologies, where efficient management of routing information is critical for scalability. Let's break down the continuation of the notes and explain the remaining key points.
I know you’re wondering, what the hell is even that??
Let’s explain this confused and weird-looking image the author put in their book…
Initial Situation: We start with several /26 blocks (meaning each block has 64 addresses): 190.154.27.0/26, 190.154.27.64/26, and 190.154.27.192/26.
First Aggregation: The first two blocks, 190.154.27.0/26 and 190.154.27.64/26, are numerically adjacent. This means their addresses follow each other sequentially. Therefore, they can be combined into a single /25 block (128 addresses): 190.154.27.0/25.
Adding Another Block: The block 190.154.27.192/26, initially, cannot be directly aggregated with the /25 block because it's not contiguous. However, when the block 190.154.27.128/26 is added, it becomes possible to aggregate further.
Second Aggregation: Now, 190.154.27.128/26 can be combined with 190.154.27.192/26 to form 190.154.27.128/25.
Third Aggregation: The two /25 blocks (190.154.27.0/25 and 190.154.27.128/25) are now contiguous and can be combined into a /24 block (256 addresses): 190.154.27.0/24.
Final Aggregation: Finally, the /24 block 190.154.26.0/24, which is numerically adjacent to 190.154.27.0/24, is added. These two /24 blocks are combined into a /23 block (512 addresses): 190.154.26.0/23.
This image describes a process of Route Aggregation (or summarization), where multiple smaller networks are combined into a larger supernet.
We can also represent it like this, to make it clearer:
BENEFITS OF AGGREGATION 📦
Aggregation (also called route summarization) is one of the most powerful ideas in IP addressing and routing.
Instead of advertising every single subnet individually, routers can combine contiguous blocks of addresses into a single larger prefix.
🔑 Why Aggregation Matters
Routing Table Efficiency
Aggregation makes routing tables more efficient: fewer entries mean less memory, faster lookups, and simpler routing updates with less churn and less operational complexity.
Recursive Nature
Aggregation is recursive: subnets are grouped into aggregates, and those aggregates can in turn be grouped into still larger ones, provided address allocation follows the same hierarchy. This is what keeps routing tables manageable as networks expand.
Contiguous Blocks Requirement
Blocks can only be summarized when they are numerically adjacent: 192.168.0.0/25 and 192.168.0.128/25 combine into 192.168.0.0/24. Non-adjacent blocks cannot be meaningfully summarized.
Prefix Length Dynamics
Each aggregation step shortens the prefix by one bit, and a shorter prefix means a larger block – for example, two /26 blocks combine into one /25.
📊 Example
Suppose a router has these routes:
192.168.0.0/26
192.168.0.64/26
192.168.0.128/26
192.168.0.192/26
👉 Instead of storing four entries, they can be aggregated into:
Now the router only needs one entry to cover the same range.
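The four 192.168.0.x/26 routes just listed and the stepwise merging of the 190.154.27.x blocks earlier both follow one rule, shown here as added Python that is not part of the original notes: two blocks merge only when they have the same prefix length, are numerically adjacent, and the lower one starts on the boundary of the larger block. The result is cross-checked against the standard library's ipaddress.collapse_addresses; the function names are my own.

```python
import ipaddress


def merge_pair(a, b):
    """Return the one-bit-shorter supernet covering a and b, or None if they cannot
    be merged. Example: .0/26 + .64/26 -> .0/25, but .64/26 + .128/26 are adjacent
    yet straddle a /25 boundary, so they stay separate."""
    if a.prefixlen != b.prefixlen or a.prefixlen == 0:
        return None
    lo, hi = sorted((a, b), key=lambda n: int(n.network_address))
    size = lo.num_addresses
    if int(hi.network_address) != int(lo.network_address) + size:
        return None  # not numerically adjacent
    if int(lo.network_address) % (2 * size) != 0:
        return None  # adjacent but not aligned on the larger block
    return ipaddress.ip_network(f"{lo.network_address}/{lo.prefixlen - 1}")


def _key(n):
    return int(n.network_address), n.prefixlen


def aggregate(cidrs):
    """Repeatedly merge adjacent, aligned pairs until nothing changes.
    A block already covered by a wider one in the input is dropped."""
    nets = sorted({ipaddress.ip_network(c) for c in cidrs}, key=_key)
    changed = True
    while changed:
        changed = False
        out, i = [], 0
        while i < len(nets):
            if out and out[-1].supernet_of(nets[i]):
                i += 1  # subsumed by the previous, wider block
                continue
            merged = merge_pair(nets[i], nets[i + 1]) if i + 1 < len(nets) else None
            if merged is not None:
                out.append(merged)
                i += 2
                changed = True
            else:
                out.append(nets[i])
                i += 1
        nets = sorted(out, key=_key)
    return [str(n) for n in nets]


def reference(cidrs):
    """Same computation via the standard library, used as a cross-check."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    # The book's steps as input sets (constructed from the description above).
    steps = [
        ["190.154.27.0/26", "190.154.27.64/26", "190.154.27.192/26"],
        ["190.154.27.0/26", "190.154.27.64/26", "190.154.27.128/26", "190.154.27.192/26"],
        ["190.154.26.0/24", "190.154.27.0/24"],
        ["192.168.0.0/26", "192.168.0.64/26", "192.168.0.128/26", "192.168.0.192/26"],
    ]
    for s in steps:
        print(s, "->", aggregate(s), "stdlib agrees:", aggregate(s) == reference(s))
```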
✅ Key Takeaway
Aggregation is like compressing routing information:
Saves memory.
Speeds up routing decisions.
Keeps networks scalable as they expand.
It’s one of the fundamental techniques that makes the Internet’s massive routing tables manageable.
HIERARCHICAL ROUTING & ADDRESS ASSIGNMENT 🌐
Hierarchical routing is the secret sauce that makes large-scale Internet routing possible.
Instead of every router needing an entry for every destination, addresses are assigned in a tree-like structure that allows aggregation into broader prefixes.
🔑 Why Hierarchical Assignment Matters
1. Efficient Routing Tables – The Core Benefit
What it is: Imagine you have a huge list of phone numbers (routing tables) for every phone in the world. Traditional routing relies on having a massive, sprawling list.
How it works: Hierarchical routing assigns more detailed information about routes to specific areas. It’s like a tree structure.
2. Why it's better
Faster Lookups: When a router needs to find the best route to a destination, it doesn’t have to search every single entry in the massive table. It can quickly jump to the most relevant, detailed entries. This is because the routing tables are organized.
Less Memory: Because the routing tables are smaller, the routers can handle more destinations at once without running into memory limitations. It's like having fewer phone numbers – it's easier to manage.
Aggregation: The key to this efficiency is aggregation. Hierarchical routing groups related routes together. Instead of one entry per network segment, related routes are grouped under a single entry that covers them all.
3. Contrast with Flat Assignment – The Problem with a Simple List
What it is: Think of a flat list – a single, long table listing every possible route to every destination.
The Issue: With flat assignment, each router must maintain a complete record of every possible route to every destination. This means each router has a huge amount of data to store and manage – it’s bloated and inefficient.
The Consequences:
Bloated Routing Tables: The tables become huge, increasing storage requirements and complexity.
Slower Operations: Looking up routes takes longer because more data needs to be examined.
4. Topology-Sensitive Addressing – The Smart Design
What it is: IP addresses are assigned to devices in a network, but the network itself changes over time. Topology refers to the arrangement of devices and links in the network.
How it works: Hierarchical routing is designed to match the network’s topology. It’s a smart way to allocate IP addresses that makes sense for how the network is structured.
The Importance:
Aligns Address Allocation: The IP address assignment is linked to the physical layout of the network. For example, if you have a highly branched network with many redundant paths, a hierarchical structure allows IP addresses to reflect the actual routing paths, rather than a completely random allocation.
Recursive Aggregation: This is a crucial concept. As networks expand (more devices connected), the hierarchical structure allows for recursive aggregation. This means that as you add more devices to a network, existing routes to a particular segment are automatically grouped into larger routes. This significantly reduces the number of routes needed and improves routing efficiency. It's like having a shared, efficient map of the entire network – it can grow and adapt as needed.
In short: Hierarchical routing is a design choice that optimizes network performance by intelligently organizing routes and addressing the dynamic nature of networks. It’s a more efficient and scalable approach compared to a simple, flat list.
⚖️ Trade-Offs
Topology Changes → If subnets are restructured or new links added, addresses may need to be reassigned to preserve hierarchy.
This can be operationally challenging in large or dynamic networks.
Careful planning of address allocation is essential.
📊 Summary of the Approach
Aggregation = condensing multiple smaller prefixes into fewer, broader ones.
Success depends on hierarchical allocation that mirrors topology.
Advantages: smaller routing tables, efficient routing, scalability.
Drawback: reassigning addresses during topology changes.
Foundational Insight: Kleinrock & Kamoun showed that topology-sensitive addressing dramatically reduces routing table sizes.
✅ Key Takeaway
Hierarchical routing + aggregation is a cornerstone of modern Internet routing.
It allows the system to scale to millions of networks while keeping routing tables manageable.
The trade-off is operational complexity when topology changes, but the efficiency gains make it indispensable.
Next sub-topic: Special Use Addresses…