Network Basics for Hackers, Part 3: Subnetting, Network Masks, and CIDR Basics

Welcome back, my aspiring cyber warriors!

In this series, we are exploring networks of all kinds and how to break them. In this tutorial we will examine subnetting and CIDR notation.

To begin, let’s state the obvious. First, to become a network engineer or network security engineer you should understand subnetting. Second, there are a number of tools that are convenient and useful in calculating your subnet, including subnet calculators. That having been said, the calculators and other tools are no substitute for understanding subnetting. That is what we intend to do here.

Why Subnetting?

Subnetting lets network administrators use the 32 bits in the IPv4 address space more efficiently. They can create subnets within a Class A, B or C network. This enables the administrator to create networks with more realistic host numbers.

Subnetting provides a flexible way to designate which portion of the IP address represents the host ID and which portion represents the network ID. In addition, even if a single organization has thousands of devices, it doesn’t want them all running on the same network ID. The network would slow dramatically. By dividing up the network, you can have different physical networks and broadcast domains.

Subnets

A subnet is a network within a network, namely a Class A, B or C. Subnets are created by using one or more of the host bits to extend the network ID. As you know, Class A networks have an 8-bit network ID, Class B has a standard 16-bit network ID and Class C has a standard 24-bit network ID. Subnetting enables us to create network IDs of any size.

A network mask, or netmask, is a binary mask that is applied to an IP address to determine whether two IP addresses are in the same subnet. A network mask works by applying binary AND operations between the IP address and the mask.

Subnet Masks

Subnet masks use the 32-bit structure of the IP address. The subnet mask tells us which bits are for the network ID and which bits are for the host ID. When a subnet mask bit is set to one, that bit is part of the network ID. A bit marked as zero is part of the host ID. The diagram below is meant to demonstrate this process of bit-wise AND operation between an IP address and its mask.

CIDR Notation

CIDR, or Classless Inter-Domain Routing, notation is a way of representing an IP address and the network mask associated with it. CIDR notation specifies an IP address, a slash (/) and a decimal number, such as 192.168.1.0/24, where 24 represents the number of bits in the network mask. Of course, the number of bits can vary depending upon the number of subnets.

Our Scenario

To demonstrate this principle, let’s create a scenario. Let’s assume we have a Class C network, say 192.168.1.0. That means we have 254 host addresses available (1-254). What if we needed 5 different networks with no more than 30 hosts per network?

We can create smaller networks by borrowing bits from the host portion of the address.

This provides us with a netmask like that below.

Those 3 bits would give us 2 to the 3rd power (8) - 2 (we need to subtract for the reserved network and broadcast IP), or 6 subnets. There would be 5 bits left in the host portion of the address, or 2 to the 5th power (32) - 2, or 30 hosts per subnet.

The calculation of the subnet mask after borrowing those 3 bits would be:
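
The scenario above worked through in Python, as an added example that is not part of the original tutorial: it borrows 3 host bits from 192.168.1.0/24, derives the resulting mask, lists the address blocks, and uses the bitwise AND from the Subnet Masks section to test whether two addresses share a subnet. The function names and the sample host addresses (.10 and .40) are constructed for illustration.

```python
def to_int(dotted):
    """Convert dotted-quad text to a 32-bit integer."""
    a, b, c, d = (int(p) for p in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad text."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def mask_from_prefix(prefix):
    """Mask with `prefix` leading one bits, e.g. 27 -> 255.255.255.224."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def network_id(ip, prefix):
    """Bitwise AND of address and mask gives the network ID."""
    return to_int(ip) & mask_from_prefix(prefix)


def same_subnet(ip_a, ip_b, prefix):
    """Two hosts share a subnet when their masked addresses are equal."""
    return network_id(ip_a, prefix) == network_id(ip_b, prefix)


def split_network(base, base_prefix, borrowed):
    """Borrow host bits; return (new_prefix, [(network, first, last, broadcast)])."""
    new_prefix = base_prefix + borrowed
    size = 1 << (32 - new_prefix)  # addresses per block, including network/broadcast
    start = network_id(base, base_prefix)
    rows = []
    for i in range(1 << borrowed):
        net = start + i * size
        edges = (net, net + 1, net + size - 2, net + size - 1)
        rows.append(tuple(to_dotted(x) for x in edges))
    return new_prefix, rows


if __name__ == "__main__":
    prefix, subnets = split_network("192.168.1.0", 24, 3)
    print("mask:", to_dotted(mask_from_prefix(prefix)), "(/%d)" % prefix)
    print("usable hosts per subnet:", (1 << (32 - prefix)) - 2)
    for net, first, last, bcast in subnets:
        print(f"{net}/{prefix}  hosts {first}-{last}  broadcast {bcast}")
    # Constructed sample hosts: .10 and .40 fall in different /27 blocks.
    print("same subnet:", same_subnet("192.168.1.10", "192.168.1.40", prefix))
```

The loop lists all 8 address blocks that 3 borrowed bits produce; the tutorial's figure of 6 leaves out the first and last block.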

Summary

Subnetting is a key skill for every network engineer or anyone trying to do network forensics or network analysis. Hopefully, this brief tutorial sheds some light on the subject and at least leaves you conversant in this subject matter.