Monday, October 19, 2015

Subnet Guide: how many hosts you can have on a subnet?

Subnet Guide: how many hosts you can have on a subnet?
draft...

How to find how many hosts you can have on a subnet?

There are mainly two type of IP addresses. IPv4 and IPv6. IPv4 is 32 bit (4 octects 000.000.000.000; each octets has 8 bits totaling 32) and IPv6 is 128 bits. IPv4 has somewhere around 4billion address and they are running out. That is why, they created IPv6 which is 128 bit has trillions of ip addresses.

IP address classes
Class Range Decimal Range
A 1 – 126* 0
B 128 – 191 10
C 192 – 223 110
D 224 – 239 1110

Note: 0 and 127 are reserved


In subnetting, some bits are reserved for network part and some bits for host part. Here is an example of each class and their segregation of network and host part.


NNNNNNNN   .HHHHHHHH   .HHHHHHHH   .HHHHHHHH   Class A Address
NNNNNNNN   .NNNNNNNN   .HHHHHHHH   .HHHHHHHH   Class B Address
NNNNNNNN   .NNNNNNNN   .NNNNNNNN   .HHHHHHHH   Class C Address

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Lets see you have 32 bit subnet with all ones. Lets talk about 192.168.1.0/21

255.255.255.255  ==>> each section is 8 bit. on /24 network, first 3 sections are for network and the 4th one for host part.

In this case, you have 24 bit of network and 8 bit of host. Here you gave 3 bit for host part so host side has 10 (7+3) bit. so you can have 2 to the power of 10 -2 ( one for broadcast and one for router). So, on network side you have (24-3 =) 21 bit. So, your network is 192.168.x.0/21.

if you give 2 bits out of 24 bit from network side, you will have (7+2 =) 9 bit. So you will have 2 to the power of 9 -2 hosts (on host side) and on network side you will have 22 (24-2) bit. So your network is 192.168.x.0/22

notation                                                      resulting subnet
netmask                shorthand                                 number of addresses
255.255.255.0   /24 [8-bit]     28 =    256     = 254 hosts + 1 bcast + 1 net base
255.255.255.128 /25 [7-bit]     27 =    128     = 126 hosts + 1 bcast + 1 net base
255.255.255.192 /26 [6-bit]     26 =    64      = 62 hosts + 1 bcast + 1 net base
255.255.255.224 /27 [5-bit]     25 =    32      = 30 hosts + 1 bcast + 1 net base
255.255.255.240 /28 [4-bit]     24 =    16      = 14 hosts + 1 bcast + 1 net base
255.255.255.248 /29 [3-bit]     23 =    8       = 6 hosts + 1 bcast + 1 net base
255.255.255.252 /30 [2-bit]     22 =    4       = 2 hosts + 1 bcast + 1 net base
255.255.255.254 /31 [1-bit]     21 =    -       invalid (no possible hosts)
255.255.255.255 /32 [0-bit]     20 =    1       a host route (odd duck case)

Addresses       Hosts   Netmask Amount of a Class C
/30     4       2       255.255.255.252 1/64
/29     8       6       255.255.255.248 1/32
/28     16      14      255.255.255.240 1/16
/27     32      30      255.255.255.224 1/8
/26     64      62      255.255.255.192 1/4
/25     128     126     255.255.255.128 1/2
/24     256     254     255.255.255.0   1
/23     512     510     255.255.254.0   2
/22     1024    1022    255.255.252.0   4
/21     2048    2046    255.255.248.0   8
/20     4096    4094    255.255.240.0   16
/19     8192    8190    255.255.224.0   32
/18     16384   16382   255.255.192.0   64
/17     32768   32766   255.255.128.0   128
/16     65536   65534   255.255.0.0     256

http://www.digipro.com/Papers/IP_Subnetting.shtml
http://www.bassconsulting.com/ip_subnetting.htm
http://www.techrepublic.com/blog/data-center/ip-subnetting-made-easy-125343/
http://www.tcpipguide.com/free/t_IPSubnettingStep5DeterminingHostAddressesForEachSu.htm
http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html
http://subnettingmadeeasy.blogspot.com/2007/11/subnetting-made-easy-lesson.html
https://srobb.net/subnet.html

more to add..

Saturday, January 5, 2013


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^66

Something to know about -

Hashing provides integrity for digital signatures and other data. A digital signature is a hash of the message encrypted with the sender’s private key

A digital signature is an encrypted hash of a message. The sender’s private
key encrypts the hash of the message to create the digital signature. The
recipient decrypts the hash with the sender’s public key. If successful, it
provides authentication, non-repudiation, and integrity. Authentication
identifies the sender. Integrity verifies the message has not been modified.
Non-repudiation prevents senders from later denying they sent an email.


The recipient’s public key encrypts when encrypting an email message and
the recipient uses the recipient’s private key to decrypt an encrypted email
message.



Time Offsets

Windows: 64-bit time stamp

- Number of 100-nanosecond intervals since
- January 1, 1601 00:00:00 GMT
- This stops working in 58,000 years

Unix: 32-bit time stamp
- Number of seconds since January 1, 1970 00:00:00 GMT
- This stops working on Tuesday, January 19, 2038 at 3:14:07 GMT


Two popular hashing algorithms used to verify integrity are MD5 and SHA.
HMAC verifies both the integrity and authenticity of a message with the use
of a shared secret. Other protocols such as IPsec and TLS use HMAC-MD5
and HMAC-SHA1.

IPsec must use HMAC for authentication and integrity. It can use either AES or 3DES for
encryption with ESP. When IPsec uses ESP, it encrypts the entire packet,
including the original IP header, and creates an additional IP header.



A VLAN, or virtual local-area network, was originally designed to decrease broadcast traffic on the data link layer. However, if implemented properly, it can also reduce the likelihood of having information compromised by network sniffers. It does both of these by compartmentalizing the network, usually by MAC address. This should not be confused with subnetting, which compartmentalizes the network by IP address on the network layer.

Banner grabbing is a technique used to find out information about web servers, FTP servers, and mail servers.  A VPN, or virtual private network, enables the secure connection of remote users to your network.
RADIUS authenticates users to a network and is sometimes used with a VPN.






No comments:

Post a Comment