A.1. IPv4 Subnetting

Back in the early days of the Internet, there were three major classes of addressing that were labeled A through C. Table A-1 shows how many hosts the Internet could support based on this system.

Table A-1. Original IPv4 class system


Networks per class

Hosts per network

IP range

Class A



Class B



Class C



Note: Two other classes, D and E, were reserved for multicast and "future use," respectively.

With the growth of the Internet, these classes became obsolete for a few reasons, the biggest of which was address space depletion. In the early 1990s, we could see that we would run out of address space to give to new Internet users. Another problem was that the routing tables on the Internet backbone routers were growing out of control. Without the ability to summarize routing information, the routing tables were growing beyond the router's capacity to store them.

In order to solve these problems, a new system of subnetting the IP address space was developed: classless inter-domain routing.

A.1.1. Classless Inter-Domain Routing

Classless inter-domain routing (CIDR) was developed to address IP address depletion and growing routing tables. The two main features of CIDR are:

  • Route table aggregation (which produces more efficient routing tables)
  • Effective use of the existing IP address space

The adoption of CIDR and other technologies such as network address translation (NAT; see Chapter 13 for details) has minimized but not resolved the problems of IP address space depletion and burgeoning routing tables. The problems that still exist in IPv4, even with the use of CIDR and NAT, have been addressed with the development of IPv6, described later in this appendix.

A.1.1.1. CIDR notation

In CIDR notation, a network address is represented by a prefix, which is simply the network address followed by a slash and the number of bits in the subnet mask. For example, the network address of with a subnet mask of is represented as As Table A-2 shows, there are 24 consecutive leftmost 1 bits in the binary representation, which gives us the /24 value. In other words, if you count the leftmost consecutive 1's in the binary representation of this prefix, you will count 24 bits.

If you are using the old class notation with CIDR, Class A would /8, Class B would be /16, and Class C is /24.

Table A-2 shows possible subnets of a /24 address space. In this table, the subnet binary representation illustrates the number of bits in the subnet. The usable hosts column is the number of addresses that can be used for host addresses, which is the actual number of addresses in the subnet minus the network and broadcast addresses. For example, the /27 prefix gives us actually 32 addresses. The first address is used for the network address and the last address is used for the broadcast address, which leaves use with 30 possible usable host addresses (32 - 2 = 30). See the "Subnet Math" section later in this appendix for more information on this calculation.

If you are considering taking a certification test in the future, committing Table A-2 to memory is a fairly good idea.

Table A-2. Subnets for the /24 address space


Usable subnets


Subnet mask

Subnet binary






Entire class C notation





CIDR and subnet-zero networks only






























Invalid because no bits are left for the host





Single host subnet mask

All zero and all ones subnets are included in the Usable Subnets calculation.

In Table A-2, you see that /31 is marked invalid because there are no bits left for the host. However, in IOS version 12.2(4), Cisco allows that subnet to be used on IPv4 point-to-point links, which is a good thing because it effectively doubles the number of point-to-point links that can be obtained from a given IP address range.

Table A-3 shows the entire CIDR table with dotted decimal subnet masks and the number of classful networks for each prefix.

Table A-3. Entire CIDR table


Subnet mask

Number of addresses


































































A.1.2. Subnet Math

When subnetting IP addresses, there are a few really important formulas. Most of these formulas entail basically converting the IP address to a binary number and then OR'ing or AND'ing it with the subnet mask or network number.

A.1.2.1. Subnet zero reminder

In the past, subnets with all ones and all zeros were not allowed. (Some legacy network hardware still follows this rule.) With Cisco devices, these subnets are allowed if the command ip subnet-zero is used. In all current versions of IOS, this command is enabled by default. It's important to keep this in mind as we describe the subnet calculations.

A.1.2.2. Calculating a network address from a host address

This subnet calculation is nothing more than a logical AND between the subnet mask and the host address. For example, if you had a host with an address of, you only need to perform the calculation in Table A-4 to find the network IP address.

Table A-4. Finding the network IP address for

Host address



Subnet mask (/27)




(logical AND)

Network address



By AND'ing the subnet mask and the host address, we are left with a new binary address. This binary number translates to in dotted decimal, which is the network address for this host address.

A.1.2.3. Calculating the broadcast address of a subnet

To calculate the broadcast address for any given subnet, it's a simple matter of logically OR'ing the inverted subnet mask with the network address. Shown in Table A-5 is the broadcast address calculation for the network, which is same network as in the previous example.

Table A-5. Calculating the broadcast address for

Network address



Inverted subnet mask




(logical OR)

Broadcast address


In this example, the inverse of the subnet mask is If we take the binary representation of that number and OR it with the network address, we are left with the broadcast address binary. When translated back to dotted decimal, this address is, which is the correct broadcast address for network.

A.1.2.4. Calculating available subnets

The following formula allows you to calculate the number of possible subnets in an address space, where N is the number of bits used in the subnet.

2N = Number of subnets available if subnet-zero is allowed (the default)

2N - 2 = Number of subnets available if subnet-zero is disabled

For example, what's the possible number of subnets of if subnet-zero is enabled? If we look at Table A-2 for the /27 prefix, we see that there are 3 bits in the last octet of the subnet binary. So, 23 (2 to the power of 3) gives eight usable subnets. If we weren't allowed to use the subnet-zero command, we'd have to use the second formula, which is 23 - 2, which results in six usable subnets.

A.1.2.5. Calculating the number of hosts per subnet

Calculating the number of available hosts per subnet is a little easier because there is no confusion about subnet zero. With the host address space, the first and last addresses are reserved and cannot be used for a host, except in the case of the /31, which we described earlier. The first address is reserved for the network number and the last address is reserved for the broadcast address.

The following formula allows you to calculate the number of usable hosts per subnet. N is the number of bits used for the host.

2N - 2 = Number of usable host addresses per subnet

If we use the same address as in the previous example,, we can find N by looking at Table A-2. If 3 bits are used in the last octet for the subnet mask, the host bit count is five. So, we plug 5 into our formula, which leaves us with 30 available host addresses (25 - 2 = 30).

A.1.3. More about Subnets

Our final section on IPv4 subnetting reviews the reserved private address space, how to change the way the router displays subnet information, and using VLSM.

A.1.3.1. Private address space

A certain amount of the original address space was reserved for private IP addresses. These address spaces are for private networks and are not routable on the Internet. Throughout this book, we use the private address space in all our examples so that we don't show any real addresses. Table A-6 shows the available private address space.

Table A-6. IPv4 private address space


IP range through through through


A.1.3.2. Changing the way the router displays subnet information

You can change the way the router displays subnet information. If you just want to change it for the current session, you can use the terminal ip netmask-format command, which is followed by the type decimal, bit-count, or hexadecimal. (Bit-count is the default.) The following example shows the output for all three versions of the command.

Router> terminal ip netmask-format bit-count Router> show ip int
FastEthernet0/0 is up, line protocol is up
 Internet address is
Router> terminal ip netmask-format decimal Router> show ip int
FastEthernet0/0 is up, line protocol is up
 Internet address is
Router> terminal ip netmask-format hexadecimal Router> show ip int
FastEthernet0/0 is up, line protocol is up
 Internet address is 0xFFFFFFE0

To apply the format change to the entire router, use the ip netmask-format configuration command, which takes the exact same parameters. The only difference is that the setting is stored in the router configuration and applies to all future sessions. However, this only changes the way the netmasks are displayed in the show and debug command output. When you enter an IP address in the router's configuration, you still need to use the format.

A.1.3.3. Variable Length Subnet Masks (VLSM)

Variable Length Subnet Masks or VLSMs allow a single network to be configured with multiple different subnet masks. This allows the network administrator to divide a network up with finer granularity. Not all routing protocols support VLSM. For example, RIP-v1 and IGRP require classful networking in order to work. Modern network routing protocols such as EIGRP, RIP-v2, OSPF, and IS-IS all support VLSM. The older protocols (RIPv1 and IGRP) require all subnet masks within the network to be configured the same. Employing the same mask throughout a subnet is called Fixed Length Subnet Masking (FLSM). If you try to use VLSM in your network while running RIPv1 or IGRP, the routes with differing masks will not show up in the routing table.

To enable the router to support VLSM, configure the router with the ip classless command, which is enabled by default on current versions of IOS. This command changes the way the router behaves in terms of subnetting by removing an assumption. The assumption is as follows: if there is a connected subnet (for example,, the router running a classful routing protocol assumes that it knows about every subnet in the network (in this example, subnet 10), which becomes a problem when there is a default route configured. If the router gets a packet for and it does not appear in the routing table, the normal behavior is to assume that the route does not exist and drop the packet, even though the default route exists. When the ip classless command is enabled, this assumption is overridden and the packet is not dropped. Instead, the packet is sent along the default route.

In order to better understand the purpose of VLSM, consider the following example. We have the network address space of, which we would like to split up into nine separate networks with the following specifications:

  • Four networks require six hosts per network.
  • Three networks require thirty hosts per network.
  • Two networks require sixty hosts per network.

Table A-7 shows how we could subnet our network to support this configuration with VLSM. Remember that this solution is the not the only way to subnet to meet our needs. (You can subnet the network any way you like.)

Table A-7. VLSM example




Host IPs




















Getting Started

IOS Images and Configuration Files

Basic Router Configuration

Line Commands

Interface Commands

Networking Technologies

Access Lists

IP Routing Topics

Interior Routing Protocols

Border Gateway Protocol

Quality of Service

Dial-on-Demand Routing

Specialized Networking Topics

Switches and VLANs

Router Security

Troubleshooting and Logging

Quick Reference

Appendix A Network Basics


show all menu

Cisco IOS in a Nutshell
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
ISBN: 0596008694
EAN: 2147483647
Year: 2006
Pages: 1031
Authors: James Boney
Similar book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net