Edit filter log

'[[File:Subnetting operation.svg|thumb|300px|right|Creating a subnet by dividing the host identifier]] A '''subnetwork''', or '''subnet''', is a logically visible subdivision of an [[IP network]].<ref>RFC 950, ''Internet Standard Subnetting Procedure'', J. Mogul, J. Postel (August 1985), page 1, 16</ref> The practice of dividing a network into two or more networks is called '''subnetting'''. All computers that belong to a subnet are addressed with a common, identical, most-significant bit-group in their [[IP address]]. This results in the logical division of an IP address into two fields, a network or routing prefix and the rest field or host identifier. The rest field is an identifier for a specific [[Host (network)|host]] or network interface. The routing prefix is expressed in [[CIDR notation]]. It is written as the first address of a network, followed by a slash character (''/''), and ending with the bit-length of the prefix. For example, <tt>192.168.1.0/24</tt> is the prefix of the [[IPv4|Internet Protocol Version 4]] network starting at the given address, having 24 bits allocated for the network prefix, and the remaining 8 bits reserved for host addressing. The [[IPv6]] address specification <tt>2001:db8::/32</tt> is a large network with 2⁹⁶ addresses, having a 32-bit routing prefix. In IPv4 the routing prefix is also specified in the form of the '''subnet mask''', which is expressed in [[Dot-decimal notation|quad-dotted decimal representation]] like an address. For example, <tt>255.255.255.0</tt> is the network mask for the <tt>192.168.1.0/24</tt> prefix. Traffic between subnetworks is exchanged or ''routed'' with special gateways called [[router (computing)|routers]] which constitute the logical or physical boundaries between the subnets. The benefits of subnetting vary with each deployment scenario. In the address allocation architecture of the Internet using [[Classless Inter-Domain Routing]] (CIDR) and in large organizations, it is necessary to allocate address space efficiently. It may also enhance routing efficiency, or have advantages in network management when subnetworks are administratively controlled by different entities in a larger organization. Subnets may be arranged logically in a hierarchical architecture, partitioning an organization's network address space into a tree-like routing structure. ==Network addressing and routing== Computers participating in a network such as the [[Internet]] each have at least one logical address. Usually this address is unique to each device and can either be configured [[Dynamic Host Configuration Protocol|dynamically]] from a network server, statically by an administrator, or automatically by [[stateless address autoconfiguration]]. An address fulfills the functions of identifying the host and locating it on the network. The most common network addressing architecture is [[Internet Protocol]] version 4 ([[IPv4]]), but its successor, [[IPv6]], is in early [[IPv6 deployment|deployment]] stages. An IPv4 address consists of 32 bits, for human readability written in a form consisting of four decimal [[Octet (computing)|octets]] separated by [[full stop]]s (dots), called [[dot-decimal notation]]. An [[IPv6 address]] consists of 128 bits written in a hexadecimal notation and grouping 16 bits separated by colons. For the purpose of network management, an IP address is logically divided into two logical parts, the network prefix and the host identifier or ''rest field''. All hosts on a subnetwork have the same network prefix. This routing prefix occupies the most-significant bits of the address. The number of bits allocated within a network to the internal routing prefix may vary between subnets, depending on the network architecture. The host part is a unique local identification and is either a host number on the local network or an interface identifier. This logical addressing structure permits the selective [[routing]] of IP packets across multiple networks via special gateway computers, called [[Router (computing)|router]]s, to a destination host if the network prefixes of origination and destination hosts differ, or sent directly to a target host on the local network if they are the same. Routers constitute logical or physical borders between the subnets, and manage traffic between them. Each subnet is served by a designated default router, but may consist internally of multiple physical [[Ethernet]] segments interconnected by [[network switch]]es or [[network bridge]]s. The routing prefix of an address is written in a form identical to that of the address itself. This is called the network mask, or ''netmask'', of the address. For example, a specification of the most-significant 18 bits of an IPv4 address, <code>11111111.11111111.11000000.00000000</code>, is written as <code>255.255.192.0</code>. If this mask designates a subnet within a larger network, it is also called the ''subnet mask''. This form of denoting the network mask, however, is only used for IPv4 networks. While in IPv6 the mask must consist of a set of contiguous 1-bits, in IPv4 this is not enforced, albeit no efficiency is gained. The modern standard form of specification of the network prefix is [[CIDR notation]], used for both IPv4 and IPv6. It counts the number of bits in the prefix and appends that number to the address after a ''slash'' (/) character separator: *<tt>192.168.0.0</tt>, netmask <tt>255.255.255.0<tt> is written as <tt>192.168.0.0/24</tt> *In IPv6, <tt>2001:db8::/32</tt> designates the address <tt>2001:db8::</tt> and its network prefix consisting of the most significant 32 bits. This notation was introduced with [[Classless Inter-Domain Routing]] (CIDR) in RFC 4632. In IPv6 this is the only acceptable form to denote network or routing prefixes. In [[classful network]]ing in IPv4, prior to the introduction of CIDR, the network prefix could be directly obtained from the IP address, based on its highest order bit sequence. This determined the class (A, B, C) of the address and therefore the network mask. Since the introduction of CIDR, however, assignment of an IP address to a network interface requires two parameters, the address and its network mask. In IPv4, on-link determination for an IP address is given simply by the address and netmask configuration, as the address cannot be disassociated from the on-link prefix.<ref>RFC 1122, ''Requirements for Internet Hosts -- Communication Layers'', Section 3.3.1, R. Braden, IETF (October 1989)</ref> For IPv6, however, on-link determination is different in detail and requires the [[Neighbor Discovery Protocol]] (NDP).<ref>RFC 4861, ''Neighbor Discovery for IP version 6 (IPv6)'', T. Narten et al. (September 2007)</ref><ref>RFC 5942, '' IPv6 Subnet Model: The Relationship between Links and Subnet Prefixes'', H. Singh, W. Beebee, E. Nordmark (July 2010)</ref> IPv6 address assignment to an interface carries no requirement of a matching on-link prefix and vice versa, with the exception of [[link-local address]]es. While subnetting may improve network performance in an organizational network, it increases routing complexity, since each locally connected subnet must be represented by a separate entry in the [[routing table]]s of each connected router. However, by careful design of the network, routes to collections of more distant subnets within the branches of a tree-hierarchy can be aggregated by single routes. [[Variable-length subnet masking]] (VLSM) functionality in commercial routers made the introduction of CIDR seamless across the Internet and in enterprise networks. ==IPv4 subnetting== The process of subnetting involves the separation of the network and subnet portion of an address from the host identifier. This is performed by a [[Binary and|bitwise AND]] operation between the IP address and the (sub)network mask. The result yields the network address or prefix, and the remainder is the host identifier. ===Determining the network prefix=== An IPv4 network mask consists of 32 bits, a sequence of ones (1) followed by a block of 0s. The trailing block of zeros (0) designates that part as being the host identifier. The following example shows the separation of the network prefix and the host identifier from an address (192.168.5.130) and its associated /24 network mask (255.255.255.0). The operation is visualized in a table using [[Binary numeral system|binary]] address formats. {| class="wikitable" style="margin:left;" ! ! Binary form ! Dot-decimal notation |- | IP address | <code>11000000.10101000.00000101.10000010</code> | <code>192.168.5.130</code> |- | Subnet mask | <code>11111111.11111111.11111111.00000000</code> | <code>255.255.255.0</code> |- | Network prefix | <code>11000000.10101000.00000101.00000000</code> | <code> 192.168.5.0</code> |- | Host part | <code>00000000.00000000.00000000.10000010</code> | <code> 0.0.0.130</code> |} The mathematical operation for calculating the network prefix is the [[binary and]]. The result of the operation yields the network prefix 192.168.5.0 and the host number 130. ===Subnetting=== Subnetting is the process of designating some high-order bits from the host part and grouping them with the network mask to form the '''subnet mask'''. This divides a network into smaller subnets. The following diagram modifies the example by moving 2 bits from the host part to the subnet mask to form a smaller subnet one quarter the previous size: {| class="wikitable" style="margin:left;" ! ! Binary form ! Dot-decimal notation |- | IP address | <code>11000000.10101000.00000101.10000010</code> | <code> 192.168.5.130</code> |- | Subnet mask | <code>11111111.11111111.11111111.'''11'''000000</code> | <code>255.255.255.192</code> |- | Network prefix | <code>11000000.10101000.00000101.10000000</code> | <code> 192.168.5.128</code> |- | Host part | <code>00000000.00000000.00000000.00000010</code> | <code> 0.0.0.2</code> |} ===Special addresses and subnets=== Internet Protocol version 4 uses specially designated address formats to facilitate recognition of special address functionality. The first and the last subnets obtained by subnetting have traditionally had a special designation and, early on, special usage implications.<ref>{{cite web |url = http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f18.shtml |title = Document ID 13711 - Subnet Zero and the All-Ones Subnet |publisher = [[Cisco Systems]] |date = 2005-08-10 |accessdate = 2010-04-25 |quote = Traditionally, it was strongly recommended that subnet zero and the all-ones subnet not be used for addressing. [...] Today, the use of subnet zero and the all-ones subnet is generally accepted and most vendors support their use. }}</ref> In addition, IPv4 uses the ''all ones'' host address, i.e. the last address within a network, for broadcast transmission to all hosts on the link. {{anchor|subnet zero}}{{anchor|all-ones subnet}} ====Subnet zero and the all-ones subnet==== The first subnet obtained from subnetting has all bits in the subnet bit group set to zero (0). It is therefore called ''subnet zero''.<ref> {{cite web | url = http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f18.shtml | title = Document ID 13711 - Subnet Zero and the All-Ones Subnet | publisher = [[Cisco Systems]] | date = 2005-08-10 | accessdate = 2010-04-23 | quote = the first [...] subnet[...], known as subnet zero }} </ref> The last subnet obtained from subnetting has all bits in the subnet bit group set to one (1). It is therefore called the ''all-ones subnet''.<ref> {{cite web | url = http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f18.shtml | title = Document ID 13711 - Subnet Zero and the All-Ones Subnet | publisher = [[Cisco Systems]] | date = 2005-08-10 | accessdate = 2010-04-23 | quote = [...] the last subnet[...], known as [...] the all-ones subnet }} </ref> The IETF originally discouraged the production use of these two subnets due to possible confusion of having a network and subnet with the same address.<ref> {{cite web | url = RFC 950 | publisher = Internet Engineering Task Force (IETF) | author = Jeffrey Mogul | coauthors = [[Jon Postel]] | title = Internet Standard Subnetting Procedure | page = 6 | month = August | year = 1985 | accessdate = 2010-04-23 | quote = It is useful to preserve and extend the interpretation of these special addresses in subnetted networks. This means the values of all zeros and all ones in the subnet field should not be assigned to actual (physical) subnets. }} </ref> The practice of avoiding subnet zero and the all-ones subnet was declared obsolete in 1995 by RFC 1878, an informational, but now historical document.<ref> {{cite web | url = RFC 1878 | title = Variable Length Subnet Table For IPv4 | author = Troy Pummill | coauthors = Bill Manning | month = December | year = 1995 | quote = This practice is obsolete! Modern software will be able to utilize all definable networks. }} Note: <nowiki>RFC 1878</nowiki> is an Informational RFC, and has been demoted to category ''Historic''. </ref> ===Subnet and host counts=== The number of subnetworks available, and the number of possible hosts in a network may be readily calculated. In the example (above) two bits were borrowed to create subnetworks, thus creating 4 (2²) possible subnets. {| class="wikitable" ! Network ! Network (binary) ! Broadcast address |- | <code>192.168.5.0/26</code> | <code>11000000.10101000.00000101.'''00'''000000</code> | <code>192.168.5.63</code> |- | <code>192.168.5.64/26</code> | <code>11000000.10101000.00000101.'''01'''000000</code> | <code>192.168.5.127</code> |- | <code>192.168.5.128/26</code> | <code>11000000.10101000.00000101.'''10'''000000</code> | <code>192.168.5.191</code> |- | <code>192.168.5.192/26</code> | <code>11000000.10101000.00000101.'''11'''000000</code> | <code>192.168.5.255</code> |} The RFC 950 specification reserves the subnet values consisting of all zeros ([[#subnet zero|see above]]) and all ones ([[Broadcasting (computing)|broadcast]]), reducing the number of available subnets by two. However, due to the inefficiencies introduced by this convention it was abandoned for use on the public Internet, and is only relevant when dealing with legacy equipment that does not implement CIDR. The only reason not to use the all-zeroes subnet is that it is ambiguous when the prefix length is not available. All CIDR-compliant routing protocols transmit both length and suffix. RFC 1878 provides a subnetting table with examples. The remaining bits after the subnet are used for addressing hosts within the subnet. In the above example the subnet mask consists of 26 bits, leaving 6 bits for the host identifier. This allows for 64 combinations (2⁶), however the all zeros value and all ones value are reserved for the network ID and broadcast address respectively, leaving 62 addresses. In general the number of available hosts on a subnet is 2ⁿ−2, where n is the number of bits used for the host portion of the address. RFC 3021 specifies an exception to this rule when dealing with 31-bit subnet masks (i.e. 1-bit host identifiers). In such networks, usually [[Point-to-point (telecommunications)|point-to-point links]], only two hosts (the end points) may be connected and a specification of network and broadcast addresses is not necessary. A /24 network may be divided into the following subnets by increasing the subnet mask successively by one bit. This affects the total number of hosts that can be addressed in the /24 network (last column). {| class="wikitable" ! Prefix size ! Network mask ! Available<br>subnets ! Usable hosts<br> per subnet ! Total<br>usable hosts |- | /24 | <code>255.255.255.0</code> | 1 | 254 | 254 |- | /25 | <code>255.255.255.128</code> | 2 | 126 | 252 |- | /26 | <code>255.255.255.192</code> | 4 | 62 | 248 |- | /27 | <code>255.255.255.224</code> | 8 | 30 | 240 |- | /28 | <code>255.255.255.240</code> | 16 | 14 | 224 |- | /29 | <code>255.255.255.248</code> | 32 | 6 | 192 |- | /30 | <code>255.255.255.252</code> | 64 | 2 | 128 |- | /31 | <code>255.255.255.254</code> | 128 | 2 ^* | 256 |} ''*only applicable for point-to-point links ==IPv6 subnetting==<!--[[IPv6 subnetting]] redirects here--> The design of the [[IPv6]] address space differs significantly from IPv4. The primary reason for subnetting in IPv4 is to improve efficiency in the utilization of the relatively small address space available, particularly to enterprises. No such limitations exist in IPv6, as the large address space available, even to end-users, is not a limiting factor. An RFC 4291 compliant subnet always uses IPv6 addresses with 64 bits for the host portion.<ref>{{cite web | title = IP Version 6 Addressing Architecture - section 2.5.1. Interface Identifiers | publisher = Internet Engineering Task Force | url = http://tools.ietf.org/html/rfc4291#section-2.5.1 | quote = For all unicast addresses, except those that start with the binary value 000, Interface IDs are required to be 64 bits long and to be constructed in Modified EUI-64 format. | accessdate = 2011-02-13 }}</ref> It therefore has a /64 routing prefix (128&minus;64 = the 64 most significant bits). Although it is technically possible to use smaller subnets,<ref>{{cite web | title = IPv6 Stateless Address Autoconfiguration - section 5.5.3.(d) Router Advertisement Processing | publisher = Internet Engineering Task Force | url = http://tools.ietf.org/html/rfc4862#section-5.5.3 | quote = It is the responsibility of the system administrator to ensure that the lengths of prefixes contained in Router Advertisements are consistent with the length of interface identifiers for that link type. [...] an implementation should not assume a particular constant. Rather, it should expect any lengths of interface identifiers. | accessdate = 2011-02-13 }}</ref> they are impractical for local area networks based on Ethernet technology, because 64 bits are required for stateless address auto configuration.<ref>{{cite web | title = Transmission of IPv6 Packets over Ethernet Networks - section 4 Stateless Autoconfiguration | publisher = Internet Engineering Task Force | url = http://tools.ietf.org/html/rfc2464#section-4 | quote =The Interface Identifier [AARCH] for an Ethernet interface is based on the EUI-64 identifier [EUI64] derived from the interface's built-in 48-bit IEEE 802 address. [...] An IPv6 address prefix used for stateless autoconfiguration [ACONF] of an Ethernet interface must have a length of 64 bits. }}</ref> The [[Internet Engineering Task Force]] recommends the use of /64 subnets even for point-to-point links, which consist of only two hosts.<ref>{{cite web | title = Use of /127 Prefix Length Between Routers Considered Harmful | publisher = Internet Engineering Task Force | url = http://tools.ietf.org/html/rfc3627#section-4 | quote = One could use /64 for subnets, including point-to-point links. [...] Failing that, /126 does not have this problem, and it can be used safely on a point-to-point link }}</ref> IPv6 does not implement special address formats for broadcast traffic or network numbers,<ref>{{cite web | title = IP Version 6 Addressing Architecture - section 2 IPv6 Addressing | publisher = Internet Engineering Task Force | url = http://tools.ietf.org/html/rfc4291#section-2 | quote = There are no broadcast addresses in IPv6, their function being superseded by multicast addresses. [...] In IPv6, all zeros and all ones are legal values for any field, unless specifically excluded. }}</ref> and thus all addresses in a subnet are valid host addresses. The all-zeroes address is reserved as the Subnet-Router anycast address.<ref>{{cite web | title = IP Version 6 Addressing Architecture - section 2.6.1 Required Anycast Address | publisher = Internet Engineering Task Force | url = http://tools.ietf.org/html/rfc4291#section-2.6.1 | quote = This anycast address is syntactically the same as a unicast address for an interface on the link with the interface identifier set to zero. }}</ref> The recommended allocation for an IPv6 customer site is an address space with an 80-bit (/48) prefix.<ref>{{cite web | title = IPv6 Addressing Plans | publisher = ARIN IPv6 Wiki | url = http://www.getipv6.info/index.php?title=IPv6_Addressing_Plans&oldid=2998 | quote = All customers get one /48 unless they can show that they need more than 65k subnets. [...] If you have lots of consumer customers you may want to assign /56s to private residence sites. | accessdate = 2010-04-25 }}</ref> This provides {{gaps|65|536}} subnets for a site. Despite this recommendation, other common allocations are /56 (72 bits) as well as /64 prefixes for a residential customer network. Subnetting in IPv6 is based on the concepts of variable-length subnet masking (VLSM) and the [[Classless Inter-Domain Routing]] methodology. It is used to route traffic between the global allocation spaces and within customer networks between subnets and the Internet at large. ==See also== *[[IPv4 subnetting reference]] *[[IPv6 subnetting reference]] *[[autonomous system (Internet)|Autonomous System]] ==References== {{Reflist}} ==Further reading== *RFC 1812 Requirements for IPv4 Routers *RFC 917 Utility of subnets of Internet networks *RFC 1101 DNS Encodings of Network Names and Other Type *Blank, Andrew G. ''TCP/IP Foundations Technology Fundamentals for IT Success''. San Francisco, London: Sybex, Copyright 2004. *Lammle, Todd. ''CCNA Cisco Certified Network Associate Study Guide 5th Edition''. San Francisco, London: Sybex, Copyright 2005. *Groth, David and Toby Skandier. ''Network + Study Guide'', 4th Edition. San Francisco, London: Wiley Publishing, Inc., Copyright 2005. ==External links== *[http://www.ralphb.net/IPSubnet/ IP Address Subnetting Tutorial] *[http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800a67f5.shtml Cisco-IP Addressing and Subnetting for New Users] *[http://techrepublic.com.com/5100-1035_11-6089187.html?tag=fdpop IP subnetting made easy] *{{dmoz|Computers/Internet/Protocols/IP/Addressing/|Subnetworking}} *[http://studygroup.theodorezuckerman.com/subnetting_and_ip_addressing.html IPv4 Addressing and Subnetting, Why, How] *[http://unixwiz.net/techtips/netmask-ref.html Netmask Quick Reference Chart] [[Category:Routing]] [[Category:Network addressing]] [[Category:Internet architecture]] [[de:Subnetz]] [[es:Subred]] [[fr:Sous-réseau]] [[ko:부분망]] [[id:Subnetwork]] [[it:Sottorete]] [[nl:Subnet]] [[pl:Podsieć]] [[pt:Sub-rede]] [[fi:Aliverkko]] [[sv:Subnät]] [[ta:உள்பிணையம்]] [[zh:子网]]'