Subnetting Simplified


Network

  • A network is a collection of computers, servers, mainframes, network devices, and other devices connected to one another to allow data sharing, communication, and resource sharing.

Subnet

  • A subnet, short for subnetwork, is a logical subdivision of an IP network. It allows a larger network to be divided into smaller, manageable parts.

  • Subnets are defined by their unique subnet mask, which determines the range of IP addresses that are part of the subnet.

Subnetting

  • Subnetting is the process of dividing a single network into multiple smaller subnetworks (subnets).

  • This is done to improve network performance, enhance security, and simplify network management.

  • Subnetting involves creating a subnet mask to identify which portion of an IP address represents the network and which portion represents the host.

IP Address

  • An IP (Internet Protocol) address is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.

  • It serves two main purposes: identifying the host or network interface and providing the location of the device in the network.

IPv4 Anatomy

Subnet Mask

  • A subnet mask is a 32-bit number used in conjunction with an IP address to determine which part of the IP address is the network portion and which part is the host portion.

  • The subnet mask uses a binary "1" to represent the network portion and a "0" to represent the host portion.

  • For example, in the IP address 192.168.1.0 with a subnet mask of 255.255.255.0 (/24 in CIDR notation), the subnet mask specifies that the first three octets (192.168.1) represent the network portion, and the last octet (0) is available for host addresses. This means there can be up to 254 host addresses in this subnet (since the all-zeros and all-ones combinations are reserved for the subnet address and broadcast address, respectively).

    The first address (e.g., 192.168.1.0 in a subnet with a 255.255.255.0 subnet mask) is reserved as the network address. It identifies the network itself and cannot be assigned to a host.

    The last address (e.g., 192.168.1.255 in the same subnet) is reserved as the broadcast address. This address is used to send data to all hosts in the subnet simultaneously.

    Therefore, out of the 256 possible addresses in a subnet (for IPv4), two are reserved, leaving 254 addresses available for host assignment.

Why CIDR?

  • Classful addressing was a system used in the early days of the Internet to allocate IP addresses into three main classes: A, B, and C. Each class had a fixed number of network and host bits, which determined the size of the network and the number of hosts that could be connected to it.

    • Class A addresses had an 8-bit network portion and a 24-bit host portion, allowing for a large number of networks (up to 126) with a large number of hosts per network (over 16 million).

    • Class B addresses had a 16-bit network portion and a 16-bit host portion, allowing for a moderate number of networks (up to 16,384) with a moderate number of hosts per network (up to 65,534).

    • Class C addresses had a 24-bit network portion and an 8-bit host portion, allowing for a large number of networks (up to 2 million) with a small number of hosts per network (up to 254).

  • While classful addressing provided a simple way to allocate IP addresses, it led to inefficient use of address space, especially with the rapid growth of the Internet. To address this issue, Classless Inter-Domain Routing (CIDR) was introduced.

  • CIDR allows for more flexible allocation of IP addresses by allowing the subnet mask to be of variable length, rather than fixed as in classful addressing. This means that networks can be divided into subnets of different sizes, allowing for more efficient use of IP addresses.

  • For example, instead of allocating a Class C address (which allows for only 254 hosts) to a network that needs only 50 hosts, CIDR allows for a subnet mask that provides exactly 50 host addresses, reducing address waste.

CIDR is based on variable-length subnet masking (VLSM), which enables network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnetworks with different host counts without wasting large numbers of addresses.

CIDR addresses are made up of two parts: a prefix, which is the network address written in the same dotted form as a normal IP address, and a suffix, which states how many leading bits of the address make up the network portion.

For example, CIDR notation may look like 192.168.129.23/17, with 17 being the number of network bits. An IPv4 address has a maximum of 32 bits in total.

(In the example above, the first 17 bits form the network address, and the remaining 32 - 17 = 15 bits are host bits. The total number of usable hosts is therefore 2^15 - 2, because the first and last addresses are reserved, as discussed above.)

Converting the IP address to binary and applying the subnet mask, we get:

IP address: 11000000.10101000.10000001.00010111

Subnet mask: 11111111.11111111.10000000.00000000 (simply set the first /number bits to one and all remaining bits to zero)

The first and second octets are entirely within the network portion, so they stay as given: 192.168.?.?

For the 3rd octet, the binary value is 10000000, whose decimal value is 128 (bit weights: 128 64 32 16 8 4 2 1).

So, the network address would be 192.168.128.0 and the range starts from 192.168.129.0 (as the first one is reserved).

We are given /17, so the first 17 bits are for the network address. The remaining bits in the 3rd octet, i.e. 7 bits, can range from 0 to 2^7 = 128.

So, starting from 192.168.128.0, the range extends up to 192.168.255 (128+128).255.
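The /17 walkthrough above, carried out in code as an added example (not part of the original post): it builds the mask from the prefix length, applies it, and derives the network address, broadcast address and usable host range using only integer bit operations, so each manual step stays visible. It also handles /31 and /32 blocks, which the post's "first and last are reserved" rule does not cover.

```python
# Added example, not from the original post: the manual CIDR method in code.

def ip_to_int(ip: str) -> int:
    """Pack a dotted-quad address into a 32-bit integer."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n: int) -> str:
    """Unpack a 32-bit integer back into dotted-quad text."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(n: int) -> str:
    """Render as dotted binary, the form used in the walkthrough above."""
    bits = f"{n:032b}"
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))

def subnet_info(cidr: str) -> dict:
    """Network, broadcast and usable host range for an address in CIDR notation."""
    ip, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    addr = ip_to_int(ip)
    # The mask is /prefix ones followed by zeros, e.g. /17 -> 17 ones, 15 zeros.
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = addr & mask                      # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set
    host_bits = 32 - prefix
    # With two or more host bits the first and last addresses are reserved;
    # /31 and /32 have no such reservation, so every address is usable.
    reserved = host_bits >= 2
    return {
        "address_bin": to_binary(addr),
        "mask_bin": to_binary(mask),
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1 if reserved else network),
        "last_host": int_to_ip(broadcast - 1 if reserved else broadcast),
        "usable_hosts": 2 ** host_bits - 2 if reserved else 2 ** host_bits,
    }

if __name__ == "__main__":
    for key, value in subnet_info("192.168.129.23/17").items():
        print(f"{key:>13}: {value}")
```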


AWS VPC Subnetting

Key Points

  • The allowed range of CIDR block size for the VPC (Virtual Private Cloud) is between a /16 network mask (65,536 IP addresses) and /28 network mask (16 IP addresses).

  • The CIDR block of a subnet can be the same as the block for the VPC (when the VPC contains a single subnet).

  • In a subnet CIDR block, the first four IP addresses and the last IP address of each subnet block are not available for use and cannot be assigned to an instance.

  • For example, in a subnet with block 10.0.0.0/24, the following five IP addresses are reserved:

    a) 10.0.0.0: Network address.

    b) 10.0.0.1: Reserved by AWS for the VPC router.

    c) 10.0.0.2: Reserved by AWS.

    d) 10.0.0.3: Reserved by AWS for future use.

    e) 10.0.0.255: Network broadcast address.
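An added example (not from the original post or from AWS tooling) that checks a proposed subnet against the VPC rules listed above and lists the five addresses AWS reserves in it. It uses Python's standard ipaddress module; the /16 to /28 limits and the reserved positions are taken from the key points above.

```python
# Added example, not from the original post: validate a VPC subnet block and
# enumerate the addresses AWS keeps back, per the key points above.
import ipaddress

VPC_MIN_PREFIX, VPC_MAX_PREFIX = 16, 28   # /16 (65,536 addresses) .. /28 (16 addresses)

def aws_subnet_plan(vpc_cidr: str, subnet_cidr: str) -> dict:
    """Check a subnet block against its VPC and report reserved/usable addresses."""
    # strict=True rejects blocks with host bits set, e.g. 10.0.0.5/24
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    subnet = ipaddress.ip_network(subnet_cidr, strict=True)
    problems = []
    if not VPC_MIN_PREFIX <= vpc.prefixlen <= VPC_MAX_PREFIX:
        problems.append(f"VPC block must be /16 to /28, got /{vpc.prefixlen}")
    if not VPC_MIN_PREFIX <= subnet.prefixlen <= VPC_MAX_PREFIX:
        problems.append(f"subnet block must be /16 to /28, got /{subnet.prefixlen}")
    # A subnet may equal the VPC block, but must lie entirely within it.
    if not subnet.subnet_of(vpc):
        problems.append(f"{subnet} is not inside {vpc}")
    addresses = list(subnet)  # every address in the block, network and broadcast included
    reserved = {
        "network address": addresses[0],
        "VPC router": addresses[1],
        "reserved by AWS": addresses[2],
        "reserved for future use": addresses[3],
        "broadcast address": addresses[-1],
    }
    return {
        "ok": not problems,
        "problems": problems,
        "reserved": {name: str(addr) for name, addr in reserved.items()},
        "usable": subnet.num_addresses - len(reserved),
        "first_usable": str(addresses[4]),
        "last_usable": str(addresses[-2]),
    }

if __name__ == "__main__":
    plan = aws_subnet_plan("10.0.0.0/16", "10.0.0.0/24")
    for name, addr in plan["reserved"].items():
        print(f"{addr:>12}  {name}")
    print(f"usable: {plan['usable']} ({plan['first_usable']} - {plan['last_usable']})")
```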

Why we need AWS VPC Subnets

  • AWS Virtual Private Cloud (VPC) allows you to create a private, isolated section of the AWS Cloud where you can launch AWS resources. Subnets are required within a VPC to logically partition the VPC's IP address range and control the routing of network traffic.

  • When you create a subnet, you specify a CIDR block, which is a subset of the VPC's CIDR block. This CIDR block defines the range of IP addresses available for instances or other resources within the subnet.

  • Each subnet must reside entirely within one Availability Zone and cannot span zones. Availability Zones are isolated from each other to provide fault tolerance and stability. By deploying resources across multiple Availability Zones, you can ensure high availability and fault tolerance for your applications.

  • AWS assigns a unique ID to each subnet within a VPC. This identifier is used internally by AWS and can be used to reference the subnet when working with AWS services or APIs.