Boswell's Q&A

### Subnetting Simplified

Quick lesson on configuring subnet addresses.

Bill: I am currently studying for my MCSE but am having a hard time comprehending subnetting. Do you know of any books, articles, etc. I can read on this subject that will explain it in simple terms? Thanks.
—Frank

I feel your pain, Frank. I really do. We sysadmins don't deal with networking every minute of the day like our colleagues in the network group.

Here's one way of looking at the problem. A 32-bit IP address is divided into four 8-bit sections (octets) represented by their decimal equivalent. You can use the Scientific mode of the Windows calculator to determine the binary number for an octet. For example, the address 192.168.0.1 is really this 32-bit number:

11000000  10101000  00000000  00000001

You can do the same calculation on paper. Scribble a quick chart of powers of 2 and their decimal equivalents:

 27 26 25 24 23 22 21 20 128 64 32 16 8 4 2 1

 Get Help from Bill Got a Windows or Exchange question or need troubleshooting help? Or maybe you want a better explanation than provided in the manuals? Describe your dilemma in an e-mail to Bill at mailto:[email protected]; the best questions get answered in this column. When you send your questions, please include your full first and last name, location, certifications (if any) with your message. (If you prefer to remain anonymous, specify this in your message but submit the requested information for verification purposes.)

The top four bits of the top octet determines the network class designation. If the top bit of the top octet is 0, the address is Class A. So, if a stranger comes up to you in the mall and asks the class of the address 83.128.1.37, you'll tell him that 83 is really 64+16+1, which yields binary 01010001, so the first bit is zero and therefore the address is Class A.

The upper octet bits of a Class A address can lie in a range of 00000001 to 01111111, so the Class A address range spans 1 to 64+32+16+8+4+2+0, or 126. (The actual endpoint, 127, is a special case. It's the loopback address, the address that represents the local adapter. It cannot be a network address.)

The standard Class A subnet mask is 255.0.0.0, meaning that all bits in the upper octet determine the network address while the remaining bits in the other three octets determine the host address. So an address of 83.128.1.37 with a subnet mask of 255.0.0.0 has a network address of 83 and a host address of 128.1.37. The binary mask looks like this:

 Network Host 01010011 10000000 00000111 00100101 11111111 00000000 00000000 00000000

If the top bit of the first octet is set to 1 and the second bit is set to 0, the address is Class B. This yields a span of 10000000 to 10111111, or 128 to 191.

The default subnet mask for Class B is 255.255.0.0, meaning that the first 16 bits of the address determine the network address. Take an address of 132.15.122.11, for example.

 Network Host 10000100 00001111 01111010 00001011 11111111 11111111 00000000 00000000

If the top two bits are set to 1 and the third bit is set to 0, the address is Class C. This yields a span of binary 11000000 11011111 or 192 to 223. The class D address range, 224 (11100000) to 239 (11101111) is used for multicasting. The class E address range starting at 240 (11110000) is not used.

As you know, it is possible to “steal” bits from the host address space in the lower three octets to build a larger network address space for a given address class. For example, a Class C address such as 201.10.10.1 with a subnet mask of 255.255.224 “steals” three bits from the host ID in the final octet. This leaves five bits for host addresses.

 Network Host 11001001 00001010 00001010 00000001 11111111 11111111 11111111 11100000

To determine the number of networks and hosts available for a given subnet mask, jot down the power of 2 chart and put in the bits associated with the mask. In the example, 224 represents three bits.

The total of available networks represents the sum of the powers of two in the upper bits of the mask’s final octet. In the example, this is 1+2+4, or 7. The total of available hosts represents the sum of the powers of two in the lower bits of the mask. In the example, this is 1+2+4+8+16 or 31.

You have to do this sort of arithmetic in a lot of different examples to get the hang of it. It’s a little like learning French verbs. For more references, I think Brian Komar does a good job of explaining subnets in his book Teach Yourself TCP/IP Networking in 21 Days (SAMS) and I like the examples you’ll find in Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference by Joseph Davies and Thomas Lee (Microsoft Press).

A Hat in Exchange for Feedback
In response to last week's column, "Finding Users on the Network," Adrian F. DickReiter, MCSE+I, MCSA, of San Antonio, Texas, writes:

Boswell, try using the Psloggedon utility that can be found at http://www.sysinternals.com/ntw2k/freeware/pstools.shtml. With it you type in a username and it systematically goes through all computers on the network to look for a particular user. I've never found a way to capture this data so as to isolate what computers a user is logged onto, but I'm sure there's a way to do it—maybe even something so simple as piping it to a Notepad file might work. It's a really great tool.