For the Cisco exams, you will most definitely need to understand the concept of subnetting well. You will need to determine whether a given IP address is a network, host, or directed broadcast address using nothing but pen and paper. You may also have to complete simulations in which you have to calculate subnets to complete. After you pass the exam, you can use subnet calculators which can be found easily online. Hopefully I can impart a little wisdom to you with my easy to learn approach to subnetting.

What is a Subnet Mask?

Class Network Bits Host Bits

A 8 24

B 16 16

C 24 8

Look at the above chart: Remember that Class C networks normally have 24 Network bits and 8 host bits. What this means is that the first 24 bits of the IP address constitute the network and the last 8 bits are used for individual hosts. It's probably easier to look at an example. Let's take a network like 192.168.1.34. Already we can tell it is a Class C address because the first octet range for class C is 192 - 223. We also know that the usual subnet mask for class C is 255.255.255.0. That means the last octet we can use for host addresses. You have 254 addresses available for hosts (256 total minus 2 which are reserved as the network and the directed broadcast addresses).

Stealing Bits

What if you needed 2 networks but didn't want to own 2 class C addresses? Well, you can split, or subnet, the one you have in half. We do this by stealing host bits from the last octet. What this does is creates 2 network addresses with roughly half the number of available hosts. So as long as you didn't need any more than 126 hosts on either of the networks, you will be able to get away with this strategy.

If you write out the subnet mask from a regular class C network in binary, you get 11111111.11111111.11111111.00000000. Notice something? Yep, the subnet mask is a continuous string of 1's followed by a continuous string of 0's. Where there is a 1, the subnet mask is saying "this bit is part of the network address". Think of a phone number: the first 3 digits represent the area code and the rest is a unique local number within that area code. So, using the above example, the network address is 192.168.1.0. But now we want to split it into two networks. How do we do this? We steal a host bit and incorporate it into our subnet mask. If we do this in binary, we write it out like this: 11111111.11111111.11111111.10000000. See that 1 in the lasst octet? So how do we write the subnet mask in dotted-decimal notation? See the chart below:

Subnet Mask Binary Number of Bits Subnet Mask Decimal

10000000 1 128

11000000 2 192

11100000 3 224

11110000 4 240

11111000 5 248

11111100 6 252

11111110 7 254

Using the chart, we only stole 1 bit, so the subnet mask is 255.255.255.128. Sometimes you will see the IP address written like this: 192.168.1.34/25. The 25 means that you are using 25 bits for the subnet mask. (I want to point out that the max number of stolen bits you can realistically use is 6. This will leave exactly 1 network address, 1 broadcast address, and 2 host addresses. Sometimes you will find this configuration when designing point-to-point connections such as WAN links.)

So how do we determine what the network addresses, host addresses, and directed broadcast addresses are? First we need to know how many subnets you created by stealing an extra bit. fortunately this is easy. We use the following formula 2 ^ n (sorry, that means 2 to the n power). n = the number of bits we stole, in this case 1. So, using the formula, we know we created 2 subnets. Now we need to know what the multiplier for the subnets is. In other words, how many total addresses including network, host, and directed broadcast addresses are there per subnet. Fortunately, this is easy too. We use the "interested" octet number and subtract it from 256. (The "interested" octet is the last octet we steal host bits from. Usually the one with a number that is neither 0 nor 255. In our example, 255.255.255.128, 128 is the "interested" octet.) so 256 - 128 = 128. So now we create a table of network addresses with 128 host bits each. Then we determine the directed broadcast address which is the last address before the next network address. Then we can tell which addresses we can use for hosts. See the table below:

Network Address Hosts Directed Broadcast

192.168.1.0 192.168.1.1 - 192.168.1.126 192.168.1.127

192.168.1.128 192.168.1.129 - 192.168.1.254 192.168.1.255

So using this table, we can tell that 192.168.1.34 is a host address found in the 192.168.1.0 network

(Exam tips: as it turns out, if the given IP address is even, it will never be a directed broadcast address. If it is odd, it will never be a network address. But host addresses can be even or odd. Also remember that the first network address will be xxx . xxx . xxx . 0)

Sounds easy enough right? Let's try this one on for size.

Q: Determine whether the following IP address is a Network, Host, or Directed Broadcast Address: 172.34.23.255/20

OK first we know it is not a Network Address because the last number is odd.

Determine how many subnets we have: This is a class B address which normally would have 16 network bits, so the /20 would mean, we are steling 4 bits from the 3rd octet. 2 ^ 4 = 16 subnets. Good so far?

Determine the multiplier for the subnets. We write down the subnet in binary 11111111.11111111.11110000.00000000 and convert to decimal using the subnet chart, 255.255.240.0. The "interested" octet is 240, so 256 - 240 = 16 network addresses per subnet. Still with me?

Write the chart:

Network Address Host addresses Directed Broadcast

172.34.0.0 172.34.0.1 - 172.34.15.254 172.34.15.255

172.34.16.0 172.34.16.1 - 172.34.31.254 172.34.31.255

172.34.32.0 172.34.32.1 - 172.34.47.254 172.34.47.255

... we can keep going, but we already past the number from the quetion... why waste precious exam time here?

So we can now tell that 172.34.23.255/20 is a host address.

Conclusion

Well, I hope I helped at least a few people on how to disect Subnet masks. I hope this easy tutorial will help you pass your exam. Subnet masks are used to determine the network address portion of a given IP address. When you need more networks, you can steal host bits to create multiple subnets. By using the easy to follow method I outlined, you can determine whether a given IP address is a network address, host address or directed broadcast address. Use my subnet chart above to help you with regard to subnet mask addresses.

image: jscreationz / Free Digital Photos