Subnet Masking in a Nutshell|
As archived by John Holstein, Cotse Helpdesk Coordinator
First off, what good is it? Well, let's say you've got a network that
consists of two parts: you've got some computers on ethernet and some on
token ring. Your boss says "I want everyone on the internet" and you've got a
class c license to work with. It used to be that you would create a subnet so
that your router would pass traffic (packets of data) towards their correct
destination which helps ease your data traffic woes. (Nowadays, you create a
virtual private network.. err, I'll talk about that later. For now, let's
pretend that isn't a option.) That's what subnetting gets you: a way to tell
your router that you've got different segments on your network so it can
properly route traffic. So what does a subnet mask look like? Ooo, back to
"fun with binary"..
Starting from the right and working towards the left, take 2 and raise it to
an increasing power. First column is two to the zero power (which equals 1),
next is two to the first power (2), on and on until you have 8 columns.
128 64 32 16 8 4 2 1
A subnet mask uses some of the first digits of your binary number as a way to
tell the router which network segment this data packet should be routed to.
Those digits are called the "subnet id". The rest of the digits are called
the "host id". One other thing you have to keep in mind: a host id of all
zero's or all one's is a special situation: You can't use those. The "all
ones" is a broadcast. It's a way to tell all network devices "HEY! Listen up"
without having to address each one individually. "All zeros" is the same
idea, but on a smaller scale ("Hey everybody on my segment of the network!").
The same restriction applies to a subnet id of all zero's or all one's. Thus,
you can't use a subnet mask of 128 (1000 0000) and split your network in
half. Now, I haven't figured out _why_ you can't have a subnet id of all
zeros or all ones (my book says to refer to RFC 905 but my brain cramps when
I read those so if some kind person would explain that to me in words of two
syllables or less, I would be grateful). Meanwhile, back to subnetting..
Okay, so I've got these two segments and I can't use a subnet mask of 128. I
could use xx00 0000. My subnet mask would be 192 (128 + 64). That leaves 6
digits for the host id. Cool! Lot's of room.. But, uh oh.. you can't use a
host id of all zeros or all ones. Thus 63 (0011 1111), 127 (0111 1111), 191
(1011 1111) and 255 (1111 1111) are out. ..oof.. feeling kinda cramped..
Worse, you can't use any of the hosts that happen to fall in the all zeros
subnet id (ie., 0 to 63) nor those that happen to fall in the all ones subnet
id (193 to 255). Hey! Wait a minute, you say. Why am I doing subnetting
again? To ease your traffic woes. Well, geez, with all those addresses that I
can't use, no wonder I haven't got any traffic problems!
That's why the idea of "virtual private networks" is catching on.
This is a cool idea because you don't have to give a real IP address to
anything on the inside of your network. You can, instead, pretend that you
have a class A license (use 10.x.x.x, which was set aside just for this idea) and
that gives your network plenty of room. Additionally, because you have a device
somewhere that translates real-external IP to fake-internal IP and usually that device is a
firewall, it's harder for hackers to get to individual pc's on your network.
(Except.. when some sh*thead newbie admin [who, _of course_, knows more than
_you_ do even though you constantly have to correct them in spite their
obvious lack of experience or knowledge] decides to put PC Anywhere on their
frigging pc at work. To do this, they tell the people who installed the
firewall to punch a hole in the firewall [ie, open a particular port] thus a
lazy dumbf*ck admin can administrate the network while sitting on his fat ass
at home. Not that I know of a place like that.. buuuut.. gee, I was just
wondering, does anybody happen to know what port PC Anywhere uses?
Comments? Questions? Bugs? Email:John Holstein
Return to the Help Desk