[ previous ] [ next ] [ threads ]
 
 From:  Jim Gifford <jim at giffords dot net>
 To:  M0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Re: Networking knowledge
 Date:  Mon, 8 Mar 2004 18:10:48 -0500
I'll send this to the list in case others might find it useful

With IPv4, the IP Address space consists of 4 octets (32 bits), which is
basicall in 2 parts.  Part of the address is the network part, and part
is the host part.  IPv4 originally had classes of address that imposed a
rigid set of guidelines on the network part of the address and the host
part of the address.  The reason for a network part and a host part is
that hosts on the same network part can assume they have the ability to
talk directly to each other, whereas when they cross over a network part,
a router must be involved somewhere in the chain.

In the old days, people with large classed networks (class B and class A
mostly) would divide their network up internally.  This was called a
sub network, or subnet for short.  In order for a host to know what part
of its IP Address is the network part and what part is the host part, it
uses a bitmask known as a subnet mask.  Most people that know about
subnet masks are familiar with seeing them of the form 255.255.255.0 for
example.

At some point, something called CIDR (Classless Inter-Domain Routing) was
introduced that effectively abolished the old class based subnetting.  At
the same time, it was recognized that most people didn't use unnatural
nemasks (something like 255.255.255.1 for example, while mathematically
valid, is mostly just lunacy in a real network [*]).  In an effort to
"normalize" the references to subnets, the so-called CIDR notation was
adopted.  This consisted of an IP Address followed by '/' followed by the
number of bits that should be turned on in the subnet mask.

If you look at 255.255.255.248 as 4 octets (ie, 4 bytes), you find
something like this (read the numbers here vertically, the bitmask is
below them):

1        1        1        1
2631     2631     2631     2631         <-- values
84268421 84268421 84268421 84268421

11111111 11111111 11111111 11111000     <-- bits on or off

12345678 91111111 11122222 22222333     <-- counted bits
          0123456 78901234 56789012

You can see looking at this that the first 29 bits are turned on, so an
address of 192.168.100.0/255.255.255.248 can also be expressed more
simply as 192.168.100.0/29.

The interesting side effect of all this is that you can take 32 and
subtract the netmask bits to get the host bits.  In the above example,
there are 3 host bits.  2 to the power of 3 is 8, meaning 8 host
addresses.  It's really quite simple.  :)

If someone wants to clean up the above text for inclusion into the
m0n0wall manual or FAQ, feel free to do so.

[*] Yes, wild subnet masks like 255.255.255.1 are technically valid, and
interestingly enough, you can even get some routers to route packets that
way.  This particular example has the distinction of separating the even
and odd numbered hosts.  However, this is certainly an action that would
make most network admins cringe, not to mention router vendors.  I
strongly discourage anyone from attempting a netmask this unusual except
perhaps in an isolated testing environment.  I'm not responsible for any
headaches you get while contemplating such a crazy netmask.

hope this helps,
jim

On Mon, Mar 08, 2004 at 02:43:45PM -0800, steven murphy wrote:
> 
> On Mar 8, 2004, at 2:43 PM, steven murphy wrote:
> 
> >anyone have linkage to a site that covers the 10.10.101.10/1-3X stuff, 
> >I dont know what the /XX does exactly.
> >im currentrly enrolled in Cisco academy 1.
> >
> >
> >Steven Murphy
> >Murphy's Computer Repair
> >http://homepage.mac.com/im_electronic
> >Cell: 619.244.9907
> >Landline: 619.444.7717
> >im underscore electronic at mac dot com
> >
> >
> 
> 
> Steven Murphy
> Murphy's Computer Repair
> http://homepage.mac.com/im_electronic
> Cell: 619.244.9907
> Landline: 619.444.7717
> im underscore electronic at mac dot com
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>