Network Administration, Lecture notes of Computer Science

Network Administration Notes on Networking, Protocols, IP Addresses, Subnetting

Typology: Lecture notes

2016/2017

Uploaded on 11/27/2017

sadiq-hussein

Distance Learning Instruction Materials CISY 331 Network Administration I
©KEMU 2008 Page 1 of 62 compiled by: Nicholas K. Riungu

PART 1: Introduction to Network Administration

Overview of Networking

A typical network consists of hardware: including cabling, routers, switches, hubs, physical servers, and other components, and the software or firmware that controls the manner in which the hard components are utilized: the server, the client, the operating systems and other applications. A network consists of the infrastructure components through which computer systems and shared peripherals communicate with each other. It is the most basic level of an IT infrastructure. Without network facilities, there is no infrastructure, just a collection of individual computers. In the networking model described by Open Systems Interconnection (OSI), the typical IT infrastructure is constructed in layers, from basal components that are used by all services at the bottom of the stack, to specialized applications at the top. The layers making up the OSI stack are (from the top, down):

  1. Application
  2. Presentation
  3. Session
  4. Transport
  5. Network
  6. Link (Data Link)
  7. Physical

Network administration is typically concerned with the bottom three layers of the stack (Physical, Data Link, and Network), which mostly consist of hardware. There is some overlap between network and system administration at the Transport layer, which covers the protocols that carry data end to end from one host to another.

The management of services such as DNS, WINS, and DHCP provides the basic name resolution (DNS, WINS) and address assignment (DHCP) services required by fully featured IT services. Depending upon the organization, these core services may also be included as network service functions. Since DNS, WINS, and DHCP run on servers, network servers are sometimes included among the hardware components managed by the Network Administrators. Network servers, such as DNS and WINS, require basic maintenance operations such as health monitoring (Service Monitoring and Control). In organizations running Microsoft Active Directory® directory service, there may be overlap in the processes applied to manage Active Directory itself and DHCP, which is tightly integrated with it.

Upgrading network components is an intrinsic part of proactive network operations. These changes are controlled through Change Management, Configuration Management, and Release Management. Similarly, although resolving user outages or other issues is part of Incident Management, troubleshooting network-related issues is typically a specialty task that occurs within Network Administration.

Key Definitions

DHCP

Dynamic Host Configuration Protocol (DHCP) is a TCP/IP standard that reduces the complexity and administrative overhead of managing network client IP address configurations by automating the assignment of IP addresses.

DNS

Domain Name System (DNS), in computer communications, is the method of translating names into Internet addresses so that computers connected to the Internet can find each other. A DNS server translates the name of a computer into the numerical address assigned to it (such as 207.46.228.91) and, by reverse lookup, a numerical address back into a name.

Network

Techniques, physical connections, and computer programs used to link two or more computers. Network users are able to share files, printers, and other resources; send electronic messages; and run programs on other computers.

NOS

A network operating system (NOS) is an operating system that includes software to communicate with other computers by means of a network. This allows such resources as files, application programs, and printers to be shared between computers.

Protocol

A set of established standards for data transfer that enables computers to communicate with each other.

RAS

Remote Access Service (RAS) is a technology that permits remote users to log on to and use a corporate network.

VoIP

Voice over IP (VoIP) is a technology that enables voice communications (telephony) over IP networks, including the Internet.

WINS

Windows Internet Name Service (WINS) is the NetBIOS name resolution system used by Microsoft Windows NT® Server 4.0 and earlier Microsoft operating systems.

Network Components Overview

As mentioned earlier, networks consist of complex architectures of hardware and software. Each of these components requires routine monitoring or maintenance to achieve negotiated operating levels. Components are occasionally subject to fault or error, and they may be eventually replaced or upgraded to meet business demand. To understand the processes required to operate the network, it is appropriate to briefly review the network components themselves.

Hardware Components

The hardware layer of a network may be extensive, typically including the following components:

  • Cabling
  • Network adapters/network interface cards (NICs)
  • Hubs
  • Switches
  • Routers
  • Content switching
  • Wireless access points
  • Firewalls

These components may be supplied through a variety of vendors. In fact, depending on the degree of standardization to which an IT organization subscribes, individual component categories—routers, for example—may be obtained from multiple vendors. The product documentation accompanying these components generally describes their installation and configuration in detail.

Software Components

As described above, many network hardware components contain firmware that may require initial configuration according to the manufacturer’s recommendations. For example, network devices typically are configured either through a firmware-based web (HTML) interface, accessed by pointing a browser at the device’s IP address, or through a telnet session. Both plain HTTP and telnet carry the login credentials and the configuration in cleartext, so where the device supports HTTPS and SSH those should be used instead, and management access should be restricted to a dedicated management network or access list. For networks operating on Microsoft Windows Server, there are several software components in the network as well. These services include DNS, WINS, and DHCP. Each of these components provides basic functionality within the network and is critical to the availability of higher-order services. In many networks, Remote Access Service (RAS) is also a highly used network component. Maintaining these components is a necessary part of network administration.

Troubleshooting Methodology

Having a plan of action is one of the key requirements in troubleshooting a network incident. Many of the incidents handled are likely to be user issues involving non-network errors, such as improper use of software or workstation setup. On the occasion that an administrator confronts what appears to be a truly network-related issue, he or she should follow an established troubleshooting procedure. The following steps provide a recommended model for effective network troubleshooting:

  1. Establish the symptoms.
  2. Identify the affected area.
  3. Establish what has changed.
  4. Select the most probable cause.
  5. Implement a solution.
  6. Test the results.
  7. Recognize the potential effects of the solution.
  8. Document the solution.

The process followed may vary slightly or may be performed in a slightly different order, but the overall process should contain all of the listed procedures. The following sections examine each of these steps.

Establishing the Symptoms

The first step in troubleshooting a network incident is to determine exactly what is going wrong and to note the effect of the incident on the network. This evaluation provides the administrator with sufficient knowledge to assign a priority to the incident. In a large network environment, there are often many more calls for support than the network support staff can handle at one particular time. Therefore, it is essential to establish a system of priorities that dictates which calls get addressed first. As in the emergency department of a hospital, the priorities should not necessarily be based on who is first in line. More often, it is the severity of the incident that determines who gets attention first, although it is usually not wise to ignore the political reality that senior management incidents frequently are addressed before those of the rank and file. The following guidelines may assist in establishing incident resolution priorities:
  • Shared resources take precedence over individual resources. An incident involving a server or other network component that prevents many users from working must take precedence over one that affects only a single user.
  • Network-wide incidents take precedence over workgroup or departmental incidents. Resources that provide services to the entire network, such as e-mail servers, should be considered before departmental resources, such as file and print servers.
  • Rate departmental issues according to the function of the department. Incidents involving resources belonging to a department that is critical to the organization, such as order entry or customer service call centers, should take precedence over departments that can better tolerate a period of downtime, such as research and development.
  • System-wide incidents take precedence over isolated incidents. An incident that puts an entire computer out of commission, preventing a user from getting any work done, should take precedence over an issue a user is experiencing with a single device or application.

Part of the process of narrowing down the cause of a particular incident involves obtaining accurate information about what has occurred. Users are often vague about what they were doing when they experienced the incident, or even what the indications of the error or issue were. For example, in many cases, users call the help desk because they received an error message, but they neglect to write down the wording of the message. Persistent but subtle training of users in the proper procedures for documenting and reporting incidents is also part of the network support technician’s job. Asking questions such as the following can help determine the cause of an incident:
  • What exactly were you doing when the incident occurred?
  • Have you had any other incidents?
  • Was the computer behaving normally just before the incident occurred?
  • Has any hardware or software been installed, removed, or reconfigured recently?
  • Did you (or anyone else) do anything to try to resolve the incident? What did you do?

Identifying the Affected Area

The next step in assessing the nature of the incident is to attempt to duplicate it. Network incidents that you can easily duplicate are far easier to fix, primarily because they can be tested to see if the repair was successful. However, there are many types of network incidents that are intermittent or that might occur for only a short period of time. In these cases, the incident may be left open until it occurs again. In some instances, having the user reproduce the incident can lead to the solution. User error is a common cause of incidents that can seem to be hardware- or network-related to the inexperienced user. Once the incident has been duplicated, the actual source may be determined. If, for example, a user has trouble opening a file in a word processing application, the difficulty might lie in the application, the user’s computer, the file server where the file is stored, or any of the networking components in-between. The process of isolating the location of the incident consists of eliminating the elements that are not the cause, in a logical and methodical manner. In an incident such as this, only a limited number of possible causes are network-related. If it is possible to duplicate the incident, isolation of the cause may be initiated by reproducing the conditions under which the incident occurred, using a procedure such as the following:

  1. Have the user reproduce the incident on the computer repeatedly to determine whether the user’s actions are triggering the error.
  2. Attempt to reproduce the incident by duplicating the user task. If the incident does not occur, the cause might be in how the user is performing a particular task. Check the user’s procedures carefully to see if he or she is doing something wrong. It is entirely possible that the resolver and the user perform the same task in different ways and that the user’s method is exposing an incident that the resolver’s doesn’t.
  3. If the incident recurs upon performing the task, log off from the user’s account, log on using an account with administrative privileges, and repeat the task. If the incident does not recur, it is probably the result of the user not having the rights or permissions needed to perform the task. Note that logging on to a user’s workstation with an administrative account exposes those credentials to whatever is already running on that machine; where possible, use a dedicated test account with only the rights under investigation, or compare the effective permissions on the resource, rather than a full administrator logon.
  4. If the incident recurs, try to perform the same task on another, similarly equipped computer connected to the same network. If the incident can’t be reproduced on another computer, the cause likely lies in the user’s computer or its connection to the network. If the incident does recur on another computer, it is likely a network incident, either in the server that the computer was communicating with or the hardware that connects the two.

If the incident lies somewhere in the network and not in the user’s computer, the resolver can then begin the process of isolating the area of the network that is the source of the incident. For example, if the incident is reproduced on another nearby computer, then begin performing the same task on computers located elsewhere on the network. Again, proceed methodically and document the results. For example, try to reproduce the incident on another computer connected to the same hub, and then on a computer connected to a different hub on the same LAN. If the incident occurs throughout the LAN, try a computer on a different LAN. Eventually, the source of the incident should be traced to a particular component, such as a server, router, hub, or cable. A configuration management database (CMDB) should have an accurate representation of all the dependencies in the IT infrastructure and can be an invaluable tool in determining root cause.

Establishing What Has Changed

When a computer or other network component that previously worked properly now does not, it is logical to assume that some change has occurred. When a user reports an incident, one of the most important pieces of information the network troubleshooter can gather is how the computing environment changed immediately prior to the malfunction. Unfortunately, getting this information from the user can often be difficult. The response to the question "Has anything changed on the computer recently?" is nearly always "No," and it’s only some time later that the user remembers to mention that a major hardware or software upgrade was performed just prior to the incident’s occurrence. On a network with a properly established CMDB, it should be easy to determine if any upgrades or modifications to the user’s computer have been made recently. The CMDB is the first place to look for information like this. Major changes, such as the installation of new hardware or software, are obvious possible causes of network incidents, but the network troubleshooter must be aware that more subtle changes can cause incidents as well. For example, an increase in network traffic levels, as disclosed by a protocol analyzer, can be a contributing cause of a reduction in network performance. Occasional incidents noticed by several users of the same application, cable segment, or LAN can indicate the existence of a fault in a network component. Tracking down the source of a networking incident can often be a form of detective work, and learning to "interrogate" your "suspects" properly can be an important part of the troubleshooting process.

Roles and Responsibilities

The principal roles and their associated responsibilities for network administration have been defined according to industry best practices. Organizations might need to combine some roles depending on organizational size, organizational structure, and the underlying service level agreements existing between the IT department and the business it serves. It is important to note that these are roles, and not job descriptions. A small organization may have one person perform several roles, while a large organization may have a team of people for each role. The specific responsibilities associated with each role are summarized below.

Network Manager

The network manager is responsible for providing network communications services for IT applications and services. Since networking is critical to so many types of applications, network managers are usually under significant pressure to maintain and improve the data communications infrastructure. As a result, the network manager must participate in IT design changes, monitor the existing infrastructure, and repair the infrastructure when it fails. Often the network manager will be assisted by junior network technicians and network support technicians in the performance of his or her duties. The main responsibilities for a Network Manager include:

  • Manages the data communications needs of the company.
  • Manages the physical network infrastructure, including wired and wireless local area networks (LANs).
  • Manages infrastructure servers: Active Directory, WINS, DNS, DHCP, Proxy, RAS, and Internet Security and Acceleration (ISA) Server.
  • Manages the acquisition of new network hardware as required.
  • Participates in network planning, design, development, deployment, and modification.
  • Monitors and controls service levels of network suppliers.
  • Liaises with the Service Monitoring and Control SMF to establish a list of monitored network activities.
  • Ensures that data communication within the company is reliable and of sufficient capacity to meet business needs.
  • Provides physical connections to the corporate LAN as required.
  • Ensures that data communications packets are routed efficiently.
  • Provides regular feedback on network performance, both in general and against specific service levels.
  • Provides access to the corporate network via dial-up or virtual private network (VPN) as required.
  • Monitors bandwidth use, analyzes traffic patterns and volumes, and determines impact/implications of issues.
  • Ensures security standards are upheld.

Network Technician

The network technician works closely with the network manager. In fact, the network technician performs the routine monitoring of the network on behalf of the network manager. The network technician is the person who actually performs site installations as directed by the network manager. The main responsibilities for a Network Technician include:

  • Monitors and controls service levels of network suppliers.
  • Ensures detection of alerts from the network infrastructure.
  • Provides physical connections to the corporate LAN as required.
  • Ensures that data communications packets are routed efficiently.
  • Provides regular feedback on network performance, both in general and against specific service levels.
  • Monitors bandwidth use, analyzes traffic patterns and volumes, and determines impact/implications of issues.
  • Ensures security standards are upheld.

Network Support Technician

The network support technician works closely with the network manager, incident manager, and problem manager. The network support technician is responsible for resolving incidents on the network, identifying problems and errors, and establishing workarounds to restore network operation. The main responsibilities for a Network Support Technician include:

  • Handles service requests.
  • Monitors incident details, including the configuration items affected.
  • Investigates and diagnoses incidents and problems (including resolution where possible).
  • Detects possible problems and notifies problem management.
  • Documents the resolution and recovery of assigned incidents.
  • Acts as a restoration team member, if required, during major incidents.
  • Carries out actions in order to correct known errors.

Network Security Technician

The network security technician is responsible for implementing standards and policies that secure the data and voice networks from internal and external threats. These standards and policies are incorporated into the network design and may include data encryption, encapsulation, and certification. All of these design characteristics must typically be applied to ensure data confidentiality, integrity, and availability. The main responsibilities for a Network Security Technician include:

  • Performs monitoring and analysis of intrusion detection alerts and other security events and breaches.
  • Maintains access control lists (ACLs) on routers and firewalls.
  • Performs firewall maintenance.

Voice Communications Technician

Voice communications and data communications are becoming more closely related every day. In fact, most voice traffic is currently converted to data at some point in its transfer to the receiver, and voice-over-IP (VoIP) telephones are becoming increasingly common. The voice communications technician is responsible for providing voice communications services for business personnel and IT applications. This can include providing telephones to the desktop or modems for dial-up computer access. The voice communications technician is also responsible for installing and maintaining the interactive voice response (IVR) and predictive dialing systems that a company may have in place for its call centers and service desks. The main responsibilities for a Voice Communications Technician include:

  • Ensures that the communications infrastructure is in place and in good working order.
  • Installs and maintains telephones, voice mail, and other communications equipment.
  • Installs and maintains private branch exchange (PBX) systems.
  • Installs modem banks for in-bound dial-up network and virtual private networks.
  • Installs and maintains in-bound interactive voice response (IVR) systems.
  • Installs and maintains outbound predictive dialing systems.

Outsourcing Manager

The outsourcing manager works with the network manager and the security manager to identify and mitigate potential security risks associated with suppliers and vendors. The main responsibilities for an Outsourcing Manager include:

  • Evaluates partner offerings for applicability to need.
  • Negotiates and manages costs associated with partnerships.

Address Classes

The Internet community originally defined five address classes to accommodate networks of varying sizes. Microsoft TCP/IP supports class A, B, and C addresses assigned to hosts. The class of address defines which bits are used for the network ID and which bits are used for the host ID. It also defines the possible number of networks and the number of hosts per network.

Class A

Class A addresses are assigned to networks with a very large number of hosts. The high-order bit in a class A address is always set to zero. The next seven bits (completing the first octet) complete the network ID. The remaining 24 bits (the last three octets) represent the host ID. This allows for 126 networks and 16,777,214 hosts per network. The figure below illustrates the structure of class A addresses.

Class B

Class B addresses are assigned to medium-sized to large-sized networks. The two high-order bits in a class B address are always set to binary 1 0. The next 14 bits (completing the first two octets) complete the network ID. The remaining 16 bits (last two octets) represent the host ID. This allows for 16,384 networks and 65,534 hosts per network. Figure 5 illustrates the structure of class B addresses.

Class C

Class C addresses are used for small networks. The three high-order bits in a class C address are always set to binary 1 1 0. The next 21 bits (completing the first three octets) complete the network ID. The remaining 8 bits (last octet) represent the host ID. This allows for 2,097,152 networks and 254 hosts per network. Figure 6 illustrates the structure of class C addresses.

Class D

Class D addresses are reserved for IP multicast addresses. The four high-order bits in a class D address are always set to binary 1 1 1 0. The remaining bits are for the address that interested hosts will recognize. Microsoft supports class D addresses for applications to multicast data to multicast-capable hosts on an internetwork.

Class E

Class E addresses are experimental addresses reserved for future use. The high-order bits in a class E address are set to 1 1 1 1.

Table 2 is a summary of address classes A, B, and C that can be used for host IP addresses.

Table 2 IP address class summary (w.x.y.z denotes the four octets of a dotted decimal address)

Class   Value for w   Network ID portion   Host ID portion   Available networks   Hosts per network
A       1 – 126       w                    x.y.z             126                  16,777,214
B       128 – 191     w.x                  y.z               16,384               65,534
C       192 – 223     w.x.y                z                 2,097,152            254

The class A address 127.x.y.z is reserved for loopback testing and interprocess communication on the local computer.

Network ID Guidelines: The network ID identifies the TCP/IP hosts that are located on the same physical network. All hosts on the same physical network must be assigned the same network ID to communicate with each other.

Follow these guidelines when assigning a network ID:

  • The network address must be unique to the IP internetwork. If you plan on having a direct routed connection to the public Internet, the network ID must be unique to the Internet. If you do not plan on connecting to the public Internet, the local network ID must be unique to your private internetwork.
  • The network ID cannot begin with the number 127. The number 127 in a class A address is reserved for internal loopback functions.
  • All bits within the network ID cannot be set to 1. All 1’s in the network ID are reserved for use as an IP broadcast address.
  • All bits within the network ID cannot be set to 0. All 0’s in the network ID are used to denote a specific host on the local network and will not be routed.

Table 3 lists the valid ranges of network IDs based on the IP address classes. To denote IP network IDs, the host bits are all set to 0. Note that even though expressed in dotted decimal notation, the network ID is not an IP address.

Table 3 Class ranges of network IDs

Address class   First network ID   Last network ID
Class A         1.0.0.0            126.0.0.0
Class B         128.0.0.0          191.255.0.0
Class C         192.0.0.0          223.255.255.0

Host ID Guidelines

The host ID identifies a TCP/IP host within a network. The combination of IP network ID and IP host ID is an IP address. Follow these guidelines when assigning a host ID:

  • The host ID must be unique to the network ID.
  • All bits within the host ID cannot be set to 1, because this host ID is reserved as a broadcast address to send a packet to all hosts on a network.
  • All bits in the host ID cannot be set to 0, because this host ID is reserved to denote the IP network ID.

Table 4 lists the valid ranges of host IDs based on the IP address classes.

Table 4 Class ranges of host IDs

Address class   First host ID   Last host ID
Class A         w.0.0.1         w.255.255.254
Class B         w.x.0.1         w.x.255.254
Class C         w.x.y.1         w.x.y.254
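
The class rules and the network ID / host ID guidelines above can be applied mechanically. The following Python is an added example written for these notes (it is not code from the original lecture material or from Microsoft): the functions decode, class_row, ip_to_int and int_to_ip are this example's own names, and the sample addresses in its main block are constructed, apart from 207.46.228.91, which the notes use earlier. It reproduces the Available Networks and Hosts per Network columns of Table 2 and flags the addresses that the guidelines say must not be assigned to a host.

```python
# Classful IPv4 decoding following the Address Classes section and the
# network ID / host ID guidelines. Added example, not part of the lecture
# notes; the function names are this example's own.

# One row per class: letter, leading-bit pattern, number of pattern bits,
# and number of network-ID bits (None where the class has no network/host split).
CLASSES = (
    ("A", 0b0, 1, 8),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 24),
    ("D", 0b1110, 4, None),  # multicast
    ("E", 0b1111, 4, None),  # reserved for future use
)


def ip_to_int(dotted):
    """Parse dotted-decimal notation into a 32-bit integer; reject malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(int(o) for o in octets), "big")


def int_to_ip(value):
    """Render a 32-bit integer in dotted-decimal notation."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def class_row(addr):
    """Return the CLASSES row matching the high-order bits of the first octet."""
    for row in CLASSES:
        _, pattern, pattern_bits, _ = row
        if addr >> (32 - pattern_bits) == pattern:
            return row
    raise ValueError("unreachable: every 32-bit value matches one class")


def decode(dotted):
    """Split an address into its classful parts and check whether a host may use it.

    'valid_host' is False for the cases the guidelines reserve: class D/E,
    loopback (127.x.y.z), network ID 0, host bits all 0 (the network ID itself)
    and host bits all 1 (the broadcast address for the network).
    """
    addr = ip_to_int(dotted)
    letter, _, pattern_bits, net_bits = class_row(addr)
    info = {"address": dotted, "class": letter}
    if net_bits is None:
        info.update(network_id=None, host_id=None, default_mask=None, valid_host=False,
                    reason="multicast" if letter == "D" else "reserved (class E)")
        return info

    host_bits = 32 - net_bits
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    network = addr & mask
    host = addr & (mask ^ 0xFFFFFFFF)

    # Counts as in Table 2: network-ID bits left after the class pattern;
    # class A additionally loses network 0 and the loopback network 127.
    networks = 1 << (net_bits - pattern_bits)
    if letter == "A":
        networks -= 2

    reason = None
    if addr >> 24 == 127:
        reason = "loopback address (127.x.y.z)"
    elif network == 0:
        reason = "network ID 0 denotes the local network and is not routed"
    elif host == 0:
        reason = "host bits all 0 denote the network ID itself"
    elif host == (1 << host_bits) - 1:
        reason = "host bits all 1 form the broadcast address for the network"

    info.update(
        network_id=int_to_ip(network),
        host_id=host,
        default_mask=int_to_ip(mask),
        networks=networks,
        hosts_per_network=(1 << host_bits) - 2,
        first_host=int_to_ip(network + 1),
        last_host=int_to_ip(network + (1 << host_bits) - 2),
        valid_host=reason is None,
        reason=reason,
    )
    return info


if __name__ == "__main__":
    # Constructed sample inputs; 207.46.228.91 is the address used in the notes.
    for sample in ("207.46.228.91", "138.96.58.1", "10.0.0.0",
                   "127.0.0.1", "192.168.1.255", "224.0.0.1"):
        print(decode(sample))
```

When auditing device or DHCP scope configurations, the reason field is the useful output: an address such as 192.168.1.255 looks like any other host address in a list, but under the class C rules it is the broadcast address and will never answer as a host.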

Subnet Masks

With the advent of subnetting, one can no longer rely on the definition of the IP address classes to determine the network ID in the IP address. A new value is needed to define which part of the IP address is the network ID and which part is the host ID, regardless of whether class-based or subnetted network IDs are being used. RFC 950 defines the use of a subnet mask (also referred to as an address mask) as a 32-bit value which is used to distinguish the network ID from the host ID in an arbitrary IP address. The bits of the subnet mask are defined as:

  • All bits that correspond to the network ID are set to 1.
  • All bits that correspond to the host ID are set to 0.

Each host on a TCP/IP network requires a subnet mask even on a single-segment network. Either a default subnet mask, which is used when using class-based network IDs, or a custom subnet mask, which is used when subnetting or supernetting, is configured on each TCP/IP node.

Dotted Decimal Representation of Subnet Masks:

Subnet masks are frequently expressed in dotted decimal notation. Once the bits are set for the network ID and host ID portion, the resulting 32-bit number is converted to dotted decimal notation. Note that even though expressed in dotted decimal notation, a subnet mask is not an IP address. A default subnet mask is based on the IP address classes and is used on TCP/IP networks that are not divided into subnets. Table 5 lists the default subnet masks using the dotted decimal notation for the subnet mask.

Table 5 Default subnet masks in dotted decimal notation

  Address Class   Bits for Subnet Mask                   Subnet Mask
  Class A         11111111 00000000 00000000 00000000    255.0.0.0
  Class B         11111111 11111111 00000000 00000000    255.255.0.0
  Class C         11111111 11111111 11111111 00000000    255.255.255.0

Custom subnet masks are those that differ from the default subnet masks above when doing subnetting or supernetting. For example, 138.96.58.0 is an 8-bit subnetted class B network ID. Eight bits of the class-based host ID are being used to express subnetted network IDs. The subnet mask uses a total of 24 bits (255.255.255.0) to define the subnetted network ID. The subnetted network ID and its corresponding subnet mask are then expressed in dotted decimal notation as: 138.96.58.0, 255.255.255.0

Network Prefix Length Representation of Subnet Masks:

Since the network ID bits must always be chosen in a contiguous fashion from the high-order bits, a shorthand way of expressing a subnet mask is to denote the number of bits that define the network ID as a network prefix, using the network prefix notation: /<# of bits>. Table 6 lists the default subnet masks using the network prefix notation for the subnet mask.

Table 6 Default subnet masks in network prefix notation

  Address Class   Bits for Subnet Mask                   Network Prefix
  Class A         11111111 00000000 00000000 00000000    /8
  Class B         11111111 11111111 00000000 00000000    /16
  Class C         11111111 11111111 11111111 00000000    /24

For example, the class B network ID 138.96.0.0 with the subnet mask of 255.255.0.0 would be expressed in network prefix notation as 138.96.0.0/16. As an example of a custom subnet mask, 138.96.58.0 is an 8-bit subnetted class B network ID. The subnet mask uses a total of 24 bits to define the subnetted network ID. The subnetted network ID and its corresponding subnet mask are then expressed in network prefix notation as: 138.96.58.0/24

Note: Since all hosts on the same network must use the same network ID, the ID must be defined by the same subnet mask on every host. For example, 138.23.0.0/16 is not the same network ID as 138.23.0.0/24. The network ID 138.23.0.0/16 implies a range of valid host IP addresses from 138.23.0.1 to 138.23.255.254. The network ID 138.23.0.0/24 implies a range of valid host IP addresses from 138.23.0.1 to 138.23.0.254. Clearly, these network IDs do not represent the same range of IP addresses. A host whose mask differs from its neighbours' computes a different network ID and may therefore treat an on-link destination as remote (or the reverse), sending traffic to the wrong next hop.

Determining the Network ID:

To extract the network ID from an arbitrary IP address using an arbitrary subnet mask, IP uses a mathematical operation called a logical AND comparison. In an AND comparison, the result of two items being compared is true only when both items are true; otherwise, the result is false. Applying this principle to bits, the result is 1 when both bits being compared are 1; otherwise, the result is 0. IP takes the 32-bit IP address and logically ANDs it with the 32-bit subnet mask. This operation is known as a bit-wise logical AND. The result of the bit-wise logical AND of the IP address and the subnet mask is the network ID.

For example, what is the network ID of the IP node 129.56.189.41 with a subnet mask of 255.255.240.0? To obtain the result, turn both numbers into their binary equivalents and line them up. Then perform the AND operation on each bit and write down the result.

  10000001 00111000 10111101 00101001   IP Address  (129.56.189.41)
  11111111 11111111 11110000 00000000   Subnet Mask (255.255.240.0)
  -----------------------------------
  10000001 00111000 10110000 00000000   Network ID  (129.56.176.0)

The result of the bit-wise logical AND of the 32 bits of the IP address and the subnet mask is the network ID 129.56.176.0.

Subnetting:

While the conceptual notion of subnetting by utilizing host bits is straightforward, the actual mechanics of subnetting are a bit more complicated. Subnetting is a three-step procedure:

  1. Determine the number of host bits to be used for the subnetting.
  2. Enumerate the new subnetted network IDs.
  3. Enumerate the IP addresses for each new subnetted network ID.
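The network ID computation (bit-wise AND) and the host ID guidelines above, together with the note that every host on a network must use the same mask, as an added Python example. This is not code from the lecture notes; the function names are the author's own, and the two hosts 138.23.0.5/16 and 138.23.1.5/24 are constructed to show the asymmetric on-link decision that a mask mismatch produces. The mask check also rejects a mask whose 1 bits are not contiguous, which RFC 950 does not allow.

```python
import ipaddress


def dotted_to_int(s: str) -> int:
    """Convert w.x.y.z to the 32-bit integer w*2^24 + x*2^16 + y*2^8 + z, rejecting malformed input."""
    parts = s.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 value: {s!r}")
    w, x, y, z = (int(p) for p in parts)
    return (w << 24) | (x << 16) | (y << 8) | z


def int_to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_valid_mask(mask: str) -> bool:
    """RFC 950: the network bits of a mask are contiguous from the high-order end."""
    m = dotted_to_int(mask)
    ones = bin(m).count("1")
    return m == (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """Prefix length (/<# of bits>) of a subnet mask; raises on a non-contiguous mask."""
    if not is_valid_mask(mask):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(dotted_to_int(mask)).count("1")


def network_id(addr: str, mask: str) -> str:
    """Bit-wise AND of address and mask, e.g. 129.56.189.41 AND 255.255.240.0 = 129.56.176.0."""
    mask_to_prefix(mask)  # reject a malformed mask before using it
    return int_to_dotted(dotted_to_int(addr) & dotted_to_int(mask))


def classify_host_id(addr: str, mask: str) -> str:
    """Host ID guidelines: all-zeros host ID is the network ID, all-ones is the broadcast address."""
    prefix = mask_to_prefix(mask)
    if prefix > 30:
        raise ValueError("host ID guidelines assume at least 2 host bits")
    host_part = dotted_to_int(addr) & ~dotted_to_int(mask) & 0xFFFFFFFF
    all_ones = (1 << (32 - prefix)) - 1
    if host_part == 0:
        return "network"
    if host_part == all_ones:
        return "broadcast"
    return "host"


def on_link(src: str, src_mask: str, dst: str) -> bool:
    """Does src consider dst to be on its own network? The comparison uses src's own mask only,
    so two hosts configured with different masks can reach opposite conclusions."""
    return network_id(src, src_mask) == network_id(dst, src_mask)


def stdlib_network_id(addr: str, mask: str) -> str:
    """The same AND done by the standard library, for cross-checking."""
    return str(ipaddress.ip_interface(f"{addr}/{mask}").network.network_address)


if __name__ == "__main__":
    a, m = "129.56.189.41", "255.255.240.0"
    print(f"{dotted_to_int(a):032b}  IP Address")
    print(f"{dotted_to_int(m):032b}  Subnet Mask")
    print(f"{dotted_to_int(network_id(a, m)):032b}  Network ID = {network_id(a, m)}")
    # Constructed mismatch: host A is configured /16, host B on the same wire is configured /24.
    print("A->B on-link:", on_link("138.23.0.5", "255.255.0.0", "138.23.1.5"))
    print("B->A on-link:", on_link("138.23.1.5", "255.255.255.0", "138.23.0.5"))
```

The last two lines are the point of the note above: A believes B is local and will ARP for it, while B believes A is remote and sends its replies to a router. Checking that every host on a segment carries the same mask is a cheap configuration audit that catches this before it shows up as one-way connectivity.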

Step 1: Determining the Number of Host Bits

The number of host bits being used for subnetting determines the possible number of subnets and hosts per subnet. Before you choose how many host bits to use, you should have a good idea of the number of subnets and hosts you will have in the future. Using more bits for the subnet mask than currently required will save you the time of reassigning IP addresses in the future. The more host bits that are used, the more subnets (subnetted network IDs) you can have, but with fewer hosts per subnet. If you use too many host bits, it will allow for growth in the number of subnets, but will limit the growth in the number of hosts. If you use too few host bits, it will allow for growth in the number of hosts, but will limit the growth in the number of subnets. For example, Figure 9 illustrates the subnetting of up to the first 8 host bits of a class B network ID. If we choose one host bit for subnetting, we obtain 2 subnetted network IDs with 32,766 hosts per subnetted network ID. If we choose 8 host bits for subnetting, we obtain 256 subnetted network IDs with 254 hosts per subnetted network ID.

Figure: Subnetting a class B network ID

In practice, network administrators define a maximum number of nodes they want on a single network. Recall that all nodes on a single network share all the same broadcast traffic; i.e. they reside in the same broadcast domain. Therefore, growth in the amount of subnets is

Subnetting a class B network ID

  Required number of subnets   Number of host bits   Subnet Mask                  Number of hosts per subnet
  1 - 2                        1                     255.255.128.0 or /17         32,766
  3 - 4                        2                     255.255.192.0 or /18         16,382
  5 - 8                        3                     255.255.224.0 or /19         8,190
  9 - 16                       4                     255.255.240.0 or /20         4,094
  17 - 32                      5                     255.255.248.0 or /21         2,046
  33 - 64                      6                     255.255.252.0 or /22         1,022
  65 - 128                     7                     255.255.254.0 or /23         510
  129 - 256                    8                     255.255.255.0 or /24         254
  257 - 512                    9                     255.255.255.128 or /25       126
  513 - 1,024                  10                    255.255.255.192 or /26       62
  1,025 - 2,048                11                    255.255.255.224 or /27       30
  2,049 - 4,096                12                    255.255.255.240 or /28       14
  4,097 - 8,192                13                    255.255.255.248 or /29       6
  8,193 - 16,384               14                    255.255.255.252 or /30       2

Table 9 shows the subnetting of a class C network ID.

Table 9 Subnetting a class C network ID

  Required number of subnets   Number of host bits   Subnet Mask                  Number of hosts per subnet
  1 - 2                        1                     255.255.255.128 or /25       126
  3 - 4                        2                     255.255.255.192 or /26       62
  5 - 8                        3                     255.255.255.224 or /27       30
  9 - 16                       4                     255.255.255.240 or /28       14
  17 - 32                      5                     255.255.255.248 or /29       6
  33 - 64                      6                     255.255.255.252 or /30       2

Step 2: Enumerating Subnetted Network IDs

Based on the number of host bits you use for your subnetting, you must list the new subnetted network IDs. There are two main approaches:

  - Binary: List all possible combinations of the host bits chosen for subnetting and convert each combination to dotted decimal notation.
  - Decimal: Add a calculated increment value to each successive subnetted network ID and convert to dotted decimal notation.

Either method produces the same result: the enumerated list of subnetted network IDs.

Note: There are a variety of documented shortcut techniques for subnetting. However, they only work under a specific set of constraints (for example, only up to 8 bits of a class-based network ID). The methods described below are designed to work for any subnetting situation (class-based, more than 8 bits, supernetting, variable length subnetting).

Binary Subnetting Procedure

  1. Based on n, the number of host bits chosen for subnetting, create a 3-column table with 2^n entries. The first column is the subnet number (starting with 1), the second column is the binary representation of the subnetted network ID, and the third column is the dotted decimal representation of the subnetted network ID. For each binary representation, the bits of the network ID being subnetted are fixed to their appropriate values and the remaining host bits are set to all 0's. Only the host bits chosen for subnetting vary.
  2. In the first table entry, set the subnet bits to all 0's and convert to dotted decimal notation. This is the original network ID with its new subnet mask.
  3. In the next table entry, increase the value within the subnet bits by one.
  4. Convert the binary result to dotted decimal notation.
  5. Repeat steps 3 and 4 until the table is complete.

As an example, a 3-bit subnetting of the private network ID 192.168.0.0 is needed. The subnet mask for the new subnetted network IDs is 255.255.224.0 or /19. Based on n = 3, construct a table with 8 (= 2^3) entries. The entry for subnet 1 is the all-0's subnet. Additional entries in the table are successive increments of the subnet bits, as shown in Table 10. The host bits used for subnetting are shown in brackets.

Table 10 Binary subnetting technique for network ID 192.168.0.0

  Subnet   Binary Representation                     Subnetted Network ID
  1        11000000.10101000.[000]00000.00000000     192.168.0.0/19
  2        11000000.10101000.[001]00000.00000000     192.168.32.0/19
  3        11000000.10101000.[010]00000.00000000     192.168.64.0/19
  4        11000000.10101000.[011]00000.00000000     192.168.96.0/19
  5        11000000.10101000.[100]00000.00000000     192.168.128.0/19
  6        11000000.10101000.[101]00000.00000000     192.168.160.0/19
  7        11000000.10101000.[110]00000.00000000     192.168.192.0/19
  8        11000000.10101000.[111]00000.00000000     192.168.224.0/19

Decimal Subnetting Procedure

  1. Based on n, the number of host bits chosen for subnetting, create a 3-column table with 2^n entries. The first column is the subnet number (starting with 1), the second column is the decimal (base 10) representation of the 32-bit subnetted network ID, and the third column is the dotted decimal representation of the subnetted network ID.
  2. Convert the network ID (w.x.y.z) being subnetted from dotted decimal notation to N, a decimal representation of the 32-bit network ID:

       N = w*16777216 + x*65536 + y*256 + z

  3. Compute the increment value I based on h, the number of host bits remaining:

       I = 2^h

  4. In the first table entry, the decimal representation of the subnetted network ID is N and the subnetted network ID is w.x.y.z with its new subnet mask.
  5. In the next table entry, add I to the previous table entry's decimal representation.
  6. Convert the decimal representation of the subnetted network ID to dotted decimal notation (W.X.Y.Z) through the following formula, where s is the decimal representation of the subnetted network ID:

       W = INT(s / 16777216)
       X = INT((s mod 16777216) / 65536)
       Y = INT((s mod 65536) / 256)
       Z = s mod 256

     INT( ) denotes integer division; mod denotes the modulus, the remainder upon division.
  7. Repeat steps 5 and 6 until the table is complete.

As an example, a 3-bit subnetting of the private network ID 192.168.0.0 is needed. Based on n = 3, we construct a table with 8 entries. The entry for subnet 1 is the all-0's subnet. N, the decimal representation of 192.168.0.0, is 3232235520, the result of 192*16777216 + 168*65536. Since there are 13 host bits remaining, the increment I is 2^13 = 8192. Additional entries in the table are successive increments of 8192, as shown in Table 11.

Table 12 Binary enumeration of IP addresses (subnet bits in brackets)

  Subnet   Binary Representation (first - last)                                            Range of IP Addresses
  1        11000000.10101000.[000]00000.00000001 - 11000000.10101000.[000]11111.11111110   192.168.0.1 - 192.168.31.254
  2        11000000.10101000.[001]00000.00000001 - 11000000.10101000.[001]11111.11111110   192.168.32.1 - 192.168.63.254
  3        11000000.10101000.[010]00000.00000001 - 11000000.10101000.[010]11111.11111110   192.168.64.1 - 192.168.95.254
  4        11000000.10101000.[011]00000.00000001 - 11000000.10101000.[011]11111.11111110   192.168.96.1 - 192.168.127.254
  5        11000000.10101000.[100]00000.00000001 - 11000000.10101000.[100]11111.11111110   192.168.128.1 - 192.168.159.254
  6        11000000.10101000.[101]00000.00000001 - 11000000.10101000.[101]11111.11111110   192.168.160.1 - 192.168.191.254
  7        11000000.10101000.[110]00000.00000001 - 11000000.10101000.[110]11111.11111110   192.168.192.1 - 192.168.223.254
  8        11000000.10101000.[111]00000.00000001 - 11000000.10101000.[111]11111.11111110   192.168.224.1 - 192.168.255.254

Decimal Procedure

  1. Based on n, the number of host bits chosen for subnetting, create a 3-column table with 2^n entries. Alternately, add two columns to the previous table used for enumerating the subnetted network IDs. The first column is the subnet number (starting with 1), the second column is the decimal representation of the first and last IP address for the subnetted network ID, and the third column is the dotted decimal representation of the first and last IP address of the subnetted network ID.
  2. Compute the increment value J based on h, the number of host bits remaining:

       J = 2^h - 2

  3. For each decimal representation, the first IP address is N + 1, where N is the decimal representation of the subnetted network ID. The last IP address is N + J.
  4. Convert the decimal representation of the first and last IP addresses to dotted decimal notation (W.X.Y.Z) through the following formula, where s is the decimal representation of the first or last IP address:

       W = INT(s / 16777216)
       X = INT((s mod 16777216) / 65536)
       Y = INT((s mod 65536) / 256)
       Z = s mod 256

     INT( ) denotes integer division; mod denotes the modulus, the remainder upon division.
  5. Repeat steps 3 and 4 until the table is complete.

As an example, the range of IP addresses for the 3-bit subnetting of 192.168.0.0 is shown in Table 13. The increment J is 2^13 - 2 = 8190.

Table 13 Decimal enumeration of IP addresses

  Subnet   Decimal Representation      Range of IP Addresses
  1        3232235521 - 3232243710     192.168.0.1 - 192.168.31.254
  2        3232243713 - 3232251902     192.168.32.1 - 192.168.63.254
  3        3232251905 - 3232260094     192.168.64.1 - 192.168.95.254
  4        3232260097 - 3232268286     192.168.96.1 - 192.168.127.254
  5        3232268289 - 3232276478     192.168.128.1 - 192.168.159.254
  6        3232276481 - 3232284670     192.168.160.1 - 192.168.191.254
  7        3232284673 - 3232292862     192.168.192.1 - 192.168.223.254
  8        3232292865 - 3232301054     192.168.224.1 - 192.168.255.254
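The three-step procedure (choosing the host bits, enumerating the subnetted network IDs by the decimal method, and enumerating the host ranges) carried through in Python as an added example. This is not code from the lecture notes; it implements the notes' own formulas (N, I = 2^h, J = 2^h - 2 and the INT/mod conversion back to W.X.Y.Z) and generalises them to any prefix length and any n, including the case the shortcut techniques cannot handle (more than 8 subnet bits). The function names are the author's own; the cross-check against the standard library's subnets() is an addition to show the hand enumeration agrees with it.

```python
import ipaddress


def dotted_to_int(s: str) -> int:
    """N = w*16777216 + x*65536 + y*256 + z (step 2 of the decimal procedure)."""
    w, x, y, z = (int(p) for p in s.split("."))
    if not all(0 <= p <= 255 for p in (w, x, y, z)):
        raise ValueError(f"octet out of range in {s!r}")
    return w * 16777216 + x * 65536 + y * 256 + z


def int_to_dotted(s: int) -> str:
    """W.X.Y.Z from the notes' formula: integer division and modulus by 2^24, 2^16, 2^8."""
    W = s // 16777216
    X = (s % 16777216) // 65536
    Y = (s % 65536) // 256
    Z = s % 256
    return f"{W}.{X}.{Y}.{Z}"


def choose_subnet_bits(prefix: int, required_subnets: int, required_hosts: int):
    """Step 1: the fewest host bits n that give at least required_subnets subnets,
    checked against the hosts per subnet that the remaining h = 32 - prefix - n bits allow."""
    n = max(1, (required_subnets - 1).bit_length())  # smallest n with 2^n >= required_subnets
    h = 32 - prefix - n
    hosts = (1 << h) - 2 if h >= 2 else 0
    if hosts < required_hosts:
        raise ValueError(
            f"{required_subnets} subnets of {required_hosts} hosts do not fit in a /{prefix}")
    return n, hosts


def binary_with_subnet_bits(s: int, prefix: int, n: int) -> str:
    """Dotted binary of s with the n subnet bits in brackets, as in Table 10."""
    bits = f"{s:032b}"
    out = []
    for i, b in enumerate(bits):
        if i and i % 8 == 0:
            out.append(".")
        if i == prefix:
            out.append("[")
        out.append(b)
        if i == prefix + n - 1:
            out.append("]")
    return "".join(out)


def enumerate_subnets(network: str, prefix: int, n: int):
    """Steps 2 and 3 by the decimal method: subnetted network IDs are N, N+I, N+2I, ... with
    I = 2^h, and each subnet's usable hosts run from N+1 to N+J with J = 2^h - 2."""
    N = dotted_to_int(network)
    if N % (1 << (32 - prefix)):
        raise ValueError(f"{network}/{prefix} has host bits set; not a network ID")
    h = 32 - prefix - n
    if h < 2:
        raise ValueError("fewer than 2 host bits remain; no usable host IDs")
    I = 1 << h
    J = I - 2
    rows = []
    for k in range(1 << n):
        s = N + k * I
        rows.append({
            "subnet": k + 1,
            "network_id": f"{int_to_dotted(s)}/{prefix + n}",
            "binary": binary_with_subnet_bits(s, prefix, n),
            "first_dec": s + 1,
            "last_dec": s + J,
            "first": int_to_dotted(s + 1),
            "last": int_to_dotted(s + J),
            "broadcast": int_to_dotted(s + I - 1),
        })
    return rows


def matches_stdlib(network: str, prefix: int, n: int) -> bool:
    """Cross-check the hand enumeration against the standard library's subnets()."""
    ours = [r["network_id"] for r in enumerate_subnets(network, prefix, n)]
    lib = [str(sn) for sn in
           ipaddress.ip_network(f"{network}/{prefix}").subnets(prefixlen_diff=n)]
    return ours == lib


if __name__ == "__main__":
    # Reproduces Tables 10, 12 and 13 for the 3-bit subnetting of 192.168.0.0/16.
    for r in enumerate_subnets("192.168.0.0", 16, 3):
        print(r["subnet"], r["binary"], r["network_id"], f'{r["first"]} - {r["last"]}')
```

The h < 2 check matters: a /31 or /32 leaves no room for both the all-zeros and all-ones host IDs, and the J = 2^h - 2 formula would otherwise silently produce a negative or empty range. The alignment check (N must be a multiple of 2^(32 - prefix)) catches the common mistake of feeding a host address rather than a network ID into the procedure.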

Variable Length Subnetting:

One of the original uses for subnetting was to subdivide a class-based network ID into a series of equal-sized subnets. For example, a 4-bit subnetting of a class B network ID produces 16 equal-sized subnets (using the all-ones and all-zeros subnets). However, subnetting is a general method of utilizing host bits to express subnets and does not require equal-sized subnets. Subnets of different sizes can exist within a class-based network ID. This is well suited to real-world environments, where the networks of an organization contain different numbers of hosts, and different-sized subnets are needed to minimize the waste of IP addresses. The creation and deployment of various-sized subnets of a network ID is known as variable length subnetting and uses variable length subnet masks (VLSM). Variable length subnetting is a technique of allocating subnetted network IDs that use subnet masks of different sizes. All subnetted network IDs remain unique and can be distinguished from each other by their corresponding subnet mask. The mechanics of variable length subnetting are essentially those of performing subnetting on a previously subnetted network ID. When subnetting, the network ID bits are fixed and a certain number of host bits are chosen to express subnets. With variable length subnetting, the network ID being subnetted has already been subnetted.

Variable Length Subnetting Example For example, given the class-based network ID of 135.41.0.0/16, a required configuration is to reserve half of the addresses for future use, create 15 subnets with up to 2,000 hosts, and 8 subnets with up to 250 hosts.

Reserve half of the addresses for future use To reserve half of the addresses for future use, a 1-bit subnetting of the class-based network ID of 135.41.0.0 is done, producing 2 subnets, 135.41.0.0/17 and 135.41.128.0/17. The subnet 135.41.0.0/17 is chosen as the portion of the addresses which are reserved for future use. Table 14 shows one subnet with up to 32,766 hosts.

Table 14: Reserving half the addresses for future use

  Subnet Number   Network ID (dotted decimal)     Network ID (network prefix)
  1               135.41.0.0, 255.255.128.0       135.41.0.0/17

Fifteen Subnets with up to 2,000 Hosts

To achieve the requirement of 15 subnets with up to 2,000 hosts, a 4-bit subnetting of the subnetted network ID 135.41.128.0/17 is done. This produces 16 subnets (135.41.128.0/21, 135.41.136.0/21, ... 135.41.240.0/21, 135.41.248.0/21), allowing up to 2,046 hosts per subnet. The first 15 subnetted network IDs (135.41.128.0/21 to 135.41.240.0/21) are chosen as the network IDs, which fulfils the requirement. Table 15 illustrates 15 subnets with up to 2,000 hosts.
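The variable length subnetting example above (reserve half of 135.41.0.0/16, then 15 subnets of up to 2,000 hosts and 8 subnets of up to 250 hosts), carried through as an added Python example. This is not code from the lecture notes: it implements "subnetting a previously subnetted network ID" as repeated 1-bit subnetting of the smallest free block that fits, using the standard library's ipaddress module for the splitting and overlap checks. The 15 /21 subnets it produces are the ones the notes list; where the 8 /24 subnets land is the allocator's result, not something the notes state. Function names are the author's own.

```python
import ipaddress
from ipaddress import IPv4Network


def prefix_for_hosts(hosts: int) -> int:
    """Smallest prefix length whose subnet leaves 2^h - 2 >= hosts usable host IDs."""
    h = 2
    while (1 << h) - 2 < hosts:
        h += 1
    return 32 - h


def usable_hosts(net: IPv4Network) -> int:
    return net.num_addresses - 2


def allocate_vlsm(parent: str, requests):
    """Variable length subnetting by successive subnetting.

    requests: list of (label, count, prefix). Larger blocks (smaller prefix) are carved first.
    Each request takes the smallest free block that fits (lowest address on ties) and halves
    it, i.e. applies 1-bit subnetting, until it has the requested prefix; every upper half
    produced on the way is returned to the free pool for later, smaller requests."""
    free = [ipaddress.ip_network(parent)]
    allocated = []
    for label, count, prefix in sorted(requests, key=lambda r: r[2]):
        for i in range(1, count + 1):
            fits = [b for b in free if b.prefixlen <= prefix]
            if not fits:
                raise ValueError(f"no room for {label}-{i} (/{prefix}) in {parent}")
            block = max(fits, key=lambda b: (b.prefixlen, -int(b.network_address)))
            free.remove(block)
            while block.prefixlen < prefix:
                lower, upper = block.subnets(prefixlen_diff=1)
                free.append(upper)
                block = lower
            allocated.append((f"{label}-{i}", block))
    return allocated, sorted(free)


def no_overlaps(nets) -> bool:
    """Every subnetted network ID must be unique: no two allocated blocks may overlap."""
    nets = list(nets)
    return all(not a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


def all_within(parent: str, nets) -> bool:
    p = ipaddress.ip_network(parent)
    return all(n.subnet_of(p) for n in nets)


# The requirement from the notes' example, expressed as (label, count, prefix).
REQUESTS = [
    ("reserved", 1, 17),                       # half of the /16 kept for future use
    ("large", 15, prefix_for_hosts(2000)),     # /21: 2,046 usable hosts each
    ("small", 8, prefix_for_hosts(250)),       # /24: 254 usable hosts each
]


if __name__ == "__main__":
    allocated, free = allocate_vlsm("135.41.0.0/16", REQUESTS)
    for label, net in allocated:
        print(f"{label:12} {str(net):20} {usable_hosts(net)} hosts")
    print("free:", [str(b) for b in free])
    print("unique:", no_overlaps(n for _, n in allocated))
```

Carving the largest blocks first is what keeps the result aligned: a /21 can only start on a multiple of 2,048 addresses, so taking the /24s first could leave the /17 fragmented and unable to hold 15 aligned /21s. The overlap and containment checks are the same ones worth running against a production address plan before it is pushed into routers and firewall rules, since two overlapping prefixes make the "same network" decision ambiguous for every host in the shared range.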