[CoLoCo] changing subnet mask

Kevin Fries kfries at cctus.com
Tue Sep 16 15:50:16 BST 2008 

>> You can also try, though I have never seen this work in a wireless network,
>> setting your desktop's netmask to /22 (255.255.252.0<http://255.255.252.0>).
>
> Bingo. That was the magic bit I was looking for in the beginning. I wanted to
> change the subnet mask and see what would happen but didn't know the funky
> math needed to do it. I still don't know the math but now I have a mask I can try
> (and probably promptly break more stuff - thank god for the reset button). What
> I don't know is what all has to have the subnet changed - the one router, both,
> both and the laptops, etc. I guess I'll find out.

The funky math is actually pretty straight forward.

All IP addresses are simply a single unsigned number.  In IPv4 that value is 32 bits (IPv6 is 128 bits, but I am not going to talk about IPv6 in this answer) in length.  For ease of use, we usually refer to the value as 4 values of 8 bits each with periods in between converted to decimal (base 10).  But, in reality, its just one 32 bit value.  The same goes for the subnet mask, its just a 32 bit number written the same way.

So, lets get to an example.  Lets take an address of 192.168.1.1.  In 8 bit binary, 192 is written: 11000000; 168 is written: 10101000; and 1 is written: 00000001.  Lets also write the subnet mask out in binary, so 255 is 11111111 and 0 is 00000000.  So to write the the address and subnet mask one on top of the other would look like this:

11000000 10101000 00000001 00000001  <- Address, 192.168.1.1
11111111 11111111 11111111 00000000  <- Mask, 255.255.255.0

Side  Note: You will sometimes see this mask written in CIDR notation as 192.168.1.1/24.  The /24 means the 1st 24 bits of the address are network, the remainder are node.

Every bit in the address where there is a 1 in the mask is the network address.  Every bit in the address where there is a 0 in the mask is the node address.  Now, I have .1 and .2 in the third octet.  So, given the standard mask, that first .1 is part of the network.  Therefore, changing it to .2 creates a new network.  If you wanted them both in the same network, you  need to extend the mask to include as many bits as is needed into the node therefore making the network addresses equal.

11000000 10101000 00000001 00000001  <- Address from network 1, 192,168.1.1
11000000 10101000 00000010 00000001  <- Address from network 2, 192.168.2.1
11111111 11111111 11111111 00000000  <- Old Mask, 255.255.255.0 (/24)
11111111 11111111 11111100 00000000  <- New Mask, 255.255.252.0 (/22)

I could even have a third segment of .3 (binary 11) and a fourth segment of .0 (binary 00) without changing the mask.  But if I wanted .4, the binary is 100, and I would need to claim one more bit for the node making the mask 255.255.248.0 (/21).  In practicality, any mask that forces the segment part of the address into the node would have worked.  So, for your network situation all of the following addresses would have worked: 255.255.0.0; 255.255.128.0; 255.255.192.0; 255.255.224.0; 255.255.240.0; 255.255.248.0; and 255.255.252.0.  While in theory the values in the mask can be any value, in practice that does not work.  In practice you will want to keep your mask so that it is all 1s up to a point, then all 0s.  So, the 9 values you should stick to in creating your mask are:

11111111  <- 255
11111110  <- 254
11111100  <- 252
11111000  <- 248
11110000  <- 240
11100000  <- 224
11000000  <- 192
10000000  <- 128
00000000  <- 0

In addition, there are 4 (actually 5 but the 5th one was never used) standard masks.  The standard mask is defined by the starting bits of the address.  These masks are as so:

  * Address starts with a 0, mask = 255.0.0.0 (/8, or Class A)
  * Address starts with a 10, mask = 255.255.0.0 (/16, or Class B)
  * Address starts with a 110, mask = 255.255.255.0 (/24 or Class C)
  * Address starts with a 1110, mask = 255.255.255.255 (/32 or Class D)

Most computers will be assigned an address from either Class A, Class B, or Class C.  Class D addresses are used for multicast broadcasts.  I have seen NTP and streaming media use these mostly.  They are generally assigned to an interface that also has one of the other classes of address assigned as its primary address.

(the 5th addresses start with 1111 and are called Class E, which is only for experimental use, this will never change to productive use since the industry is slowly changing to IPv6, which is a topic for a different day)

Here is a tool you can now use to verify your new knowledge: http://www.subnet-calculator.com/

Does the math make sense now?

Kevin

More information about the Ubuntu-us-co mailing list