Variable-Length Subnetting in the RFCs

Ordinarily, I would point out an IETF source document that is the basis for an Internet technology and then expound on that technology. In the case of Variable-Length Subnet Masking (VLSM), there is no clear-cut genesis document. Searching the Internet or the RFC Editor's database turns up a variety of references, mostly in documents dedicated to other topics. The more salient of these tangential reference documents are RFC 1009 and RFC 1878. They provide you with the context for the development of variable-length subnets and supporting mathematics and helps you appreciate a more thorough examination of VLSM. The following sections discuss each of these RFCs.

RFC 1009

The first "official" acknowledgment that you could use multiple subnet masks came in June 1987 with RFC 1009. Although this RFC focused on requirements for Internet gateways, the perceived benefits of a flexible approach to subnetting were identified. The rationale for supporting flexible or variable subnet masks was an acknowledgment of the inefficiency of trying to use a single mask for multiple subnets. Additionally, the RFC's authors acknowledged that subnetting was strictly a local phenomenon that had no impact on global routing. Consequently, enabling subnets to be created with different sized masks within the same network address offered tremendous benefits with no disadvantages. The flexibility was deemed critical to a continued ability to cope with the Internet's future expected growth.

Here are some of the rules stipulated in this RFC:

Not assigning subnet addresses with values of either all 1s or all 0s.
It was recommended, but not required, that the host address's highest-order bits be used to create the subnet addresses. This ensured that both network and subnetwork addresses remained contiguous. For example, let's see what happens if the Class C-sized network address 192.168.125.0 is subnetted with a subnet mask of 255.255.255.224. Translating that address to binary results in 11000000.10101000.01111101.00000000. The last 8 bits are the only ones used for host addresses, so you are exhorted by the RFC to use this field's highest-order bits to create your subnet address. I have indicated those bits in bold italic to make it very clear what is meant by highest-order bits.
The Internet would route to the subnetted location using only the network portion of the IP address. Local gateways (known more commonly today as routers) would be required to route to specific destinations using the entire extended network prefix. The extended network prefix, to refresh your memory, is the network address plus the subnet address. This prefix can be seen only when you view the address in binary form. Let's look at this a little closer using the same example as before. The extended network prefix for address 192.168.125.0 with a subnet mask of 255.255.255.224 is indicated in bold italic in the following bit string: 11000000.10101000.01111101.00000000. The local router makes its forwarding decisions based on both the network and subnetwork portions of an IP address.

Remember that because a subnet mask is of local significance only, nothing you do at the subnet level has any impact whatsoever on routing to your network. At the time RFC 1009 was published, many network administrators had figured out the mathematics of VLSM on their own and were not only creating variable-length subnets, but also nesting multiple levels of subnets within other subnets! Thus, the Spartan description of guidelines on how to support variable-length subnets in RFC 1009 amounted to little more than an acknowledgment of what was already becoming common practice.

The term VLSM is not used in RFC 1009. Instead, the RFC's authors seem to prefer describing this phenomenon as flexible subnet masks.

Standardization Without Ratification

It is generally understood and accepted that VLSM was an evolutionary step forward that was made possible by the successes of FLSM. However, few understand that VLSM wasn't explicitly and separately defined until long after it was in common use.

You might be wondering how on earth someone could use something like VLSM if it hasn't been formally developed or sanctioned by the IETF. That's a fair question. It certainly isn't the normal way a technology becomes accepted and deployed throughout the Internet user community. The answer is remarkably simple: VLSM didn't have to be sanctioned, because the capability already existed. We just lacked the sophistication to appreciate it. That probably sounds a little cryptic, so let me try explaining it in more-tangible terms. In a local-area network (LAN), subnet masks are configured in three general locations:

A router's interface to a LAN
Management ports on all LAN devices such as hubs or switches
All the hosts connected to that LAN

In order for everything to work properly in an FLSM environment, all interfaces within a network must use the same mask. This includes all the hosts, the router interface, and the management ports on the LAN hubs or switches. But each of these interfaces is configured separately. No requirement in the FLSM specifications mandated a sanity check across all of a router's interfaces to ensure that the same-sized mask was being used. Some early routing platforms gave the administrator a caution but accepted the flawed configuration. Thus, nothing stopped you from assigning different-sized subnet masks to different router interfaces, even though each of those interfaces might have been configured with IP addresses from the same network address.

In lieu of IETF standardization, grassroots creativity allowed FLSM to deliver greater capability than its creators ever imagined possible. The IETF first acknowledged the informal practice of "flexible" subnetting in RFC 1009, released way back in June 1987. However, they didn't grant legitimacy to that practice until they started developing another technology, Classless Interdomain Routing (CIDR). A rather inauspicious start for an invaluable capability!

RFC 1878

RFC 1878 is an Informational RFC released in December 1995. It defined no new technology or protocol, but it offered greater clarification on the mathematical trade-offs between the number of hosts and the number of subnets that could be created with various-sized network blocks. In fact, RFC 1878 was titled "Variable Length Subnet Table for IPv4."

One of the more useful tables in this RFC is excerpted in Table 4-1. This table demonstrates the correlation between the number of subnets and hosts you can define with any given-size mask. The mask size is indicated in both the familiar decimal terms and a new notation that was introduced in CIDR. This notation explicitly identifies the extended network prefix by using a slash (/) followed by a number. The slash can be thought of as a flag that indicates that the following numbers specify how many bits in the IPv4 address are used for network and subnetwork addresses. Thus, the number after the slash, when subtracted from 32, yields the number of bits allocated to host addressing.

Please note that all values in Table 4-1 are gross and are not adjusted for usability.

Table 4-1. Mathematical Correlation Between Subnets and Hosts
Decimal Mask	CIDR Notation	Number of Possible Host Addresses	Size in Terms of Class-eBased Networks
128.0.0.0	/1	2,147,483,648	128 Class A
192.0.0.0	/2	1,073,741,824	64 Class A
224.0.0.0	/3	536,870,912	32 Class A
240.0.0.0	/4	268,435,456	16 Class A
248.0.0.0	/5	134,217,728	8 Class A
252.0.0.0	/6	67,108,864	4 Class A
254.0.0.0	/7	33,554,432	2 Class A
255.0.0.0	/8	16,777,216	1 Class A
255.128.0.0	/9	8,388,608	128 Class B
255.192.0.0	/10	4,194,304	64 Class B
255.224.0.0	/11	2,097,152	32 Class B
255.240.0.0	/12	1,048,576	16 Class B
255.248.0.0	/13	524,288	8 Class B
255.252.0.0	/14	262,144	4 Class B
255.254.0.0	/15	131,072	2 Class B
255.255.0.0	/16	65,536	1 Class B
255.255.128.0	/17	32,768	128 Class C
255.255.192.0	/18	16,384	64 Class C
255.255.224.0	/19	8,192	32 Class C
255.255.240.0	/20	4,096	16 Class C
255.255.248.0	/21	2,048	8 Class C
255.255.252.0	/22	1,024	4 Class C
255.255.254.0	/23	512	2 Class C
255.255.255.0	/24	256	1 Class C
255.255.255.128	/25	128	1/2 Class C
255.255.255.192	/26	64	1/4 Class C
255.255.255.224	/27	32	1/8 Class C
255.255.255.240	/28	16	1/16 Class C
255.255.255.248	/29	8	1/32 Class C
255.255.255.252	/30	4	1/64 Class C
255.255.255.254	/31	2	1/128 Class C
255.255.255.255	/32	1	Single-host route

Table 4-1 should exhibit some interesting mathematical patterns. If these patterns aren't yet self-evident, fear not: It gets easier with practice! Basically, you will see a repetition of a numeric sequence in the Decimal Mask column. A single bit set equal to 1 in the leftmost column of a binary octet carries a decimal value of 128. The initial 2 bits, when set to 11, yield a decimal equivalent of 192. Thus, the increments of decimal numbers must follow the pattern you first saw in Chapter 2: 128, 192, 224, 240, 248, 252, 254, and 255.

The next interesting pattern you should recognize is that, starting with the /32 mask (which references just one host address), you are doubling the number of possible host addresses with each bit you add to the host field. This doubling is complemented with a halving of the number of subnets available. Start at the bottom of the Number of Possible Host Addresses column. For every bit you add to the host address field, you double the quantity of addresses available. With each bit you remove from the host field, you are halving the number of available hosts in that sized network. Thus, a /25 network offers exactly half the number of host addresses that are available in a /24 network. Understanding this relationship is necessary for understanding both VLSM and CIDR. We'll look at CIDR in much more detail in Chapter 6, "Classless Interdomain Routing (CIDR)."

If you'd like to read more about the guidelines for VLSM contained in RFC 1878, here's the URL:

www.ietf.org/rfc/rfc1878.txt

RFC 1009

Standardization Without Ratification

RFC 1878

Table 4-1. Mathematical Correlation Between Subnets and Hosts