Subnet Guide: how many hosts you can have on a subnet?
draft...
How to find how many hosts you can have on a subnet?
There are mainly two type of IP addresses. IPv4 and IPv6. IPv4 is 32 bit (4 octects 000.000.000.000; each octets has 8 bits totaling 32) and IPv6 is 128 bits. IPv4 has somewhere around 4billion address and they are running out. That is why, they created IPv6 which is 128 bit has trillions of ip addresses.
IP address classes
Class Range Decimal Range
A 1 – 126* 0
B 128 – 191 10
C 192 – 223 110
D 224 – 239 1110
Note: 0 and 127 are reserved
In subnetting, some bits are reserved for network part and some bits for host part. Here is an example of each class and their segregation of network and host part.
NNNNNNNN .HHHHHHHH .HHHHHHHH .HHHHHHHH Class A Address
NNNNNNNN .NNNNNNNN .HHHHHHHH .HHHHHHHH Class B Address
NNNNNNNN .NNNNNNNN .NNNNNNNN .HHHHHHHH Class C Address
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Lets see you have 32 bit subnet with all ones. Lets talk about 192.168.1.0/21
255.255.255.255 ==>> each section is 8 bit. on /24 network, first 3 sections are for network and the 4th one for host part.
In this case, you have 24 bit of network and 8 bit of host. Here you gave 3 bit for host part so host side has 10 (7+3) bit. so you can have 2 to the power of 10 -2 ( one for broadcast and one for router). So, on network side you have (24-3 =) 21 bit. So, your network is 192.168.x.0/21.
if you give 2 bits out of 24 bit from network side, you will have (7+2 =) 9 bit. So you will have 2 to the power of 9 -2 hosts (on host side) and on network side you will have 22 (24-2) bit. So your network is 192.168.x.0/22
notation resulting subnet
netmask shorthand number of addresses
255.255.255.0 /24 [8-bit] 28 = 256 = 254 hosts + 1 bcast + 1 net base
255.255.255.128 /25 [7-bit] 27 = 128 = 126 hosts + 1 bcast + 1 net base
255.255.255.192 /26 [6-bit] 26 = 64 = 62 hosts + 1 bcast + 1 net base
255.255.255.224 /27 [5-bit] 25 = 32 = 30 hosts + 1 bcast + 1 net base
255.255.255.240 /28 [4-bit] 24 = 16 = 14 hosts + 1 bcast + 1 net base
255.255.255.248 /29 [3-bit] 23 = 8 = 6 hosts + 1 bcast + 1 net base
255.255.255.252 /30 [2-bit] 22 = 4 = 2 hosts + 1 bcast + 1 net base
255.255.255.254 /31 [1-bit] 21 = - invalid (no possible hosts)
255.255.255.255 /32 [0-bit] 20 = 1 a host route (odd duck case)
Addresses Hosts Netmask Amount of a Class C
/30 4 2 255.255.255.252 1/64
/29 8 6 255.255.255.248 1/32
/28 16 14 255.255.255.240 1/16
/27 32 30 255.255.255.224 1/8
/26 64 62 255.255.255.192 1/4
/25 128 126 255.255.255.128 1/2
/24 256 254 255.255.255.0 1
/23 512 510 255.255.254.0 2
/22 1024 1022 255.255.252.0 4
/21 2048 2046 255.255.248.0 8
/20 4096 4094 255.255.240.0 16
/19 8192 8190 255.255.224.0 32
/18 16384 16382 255.255.192.0 64
/17 32768 32766 255.255.128.0 128
/16 65536 65534 255.255.0.0 256
http://www.digipro.com/Papers/IP_Subnetting.shtml
http://www.bassconsulting.com/ip_subnetting.htm
http://www.techrepublic.com/blog/data-center/ip-subnetting-made-easy-125343/
http://www.tcpipguide.com/free/t_IPSubnettingStep5DeterminingHostAddressesForEachSu.htm
http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html
http://subnettingmadeeasy.blogspot.com/2007/11/subnetting-made-easy-lesson.html
https://srobb.net/subnet.html
more to add..
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^66
Something to know about -
Hashing provides integrity for digital signatures and other data. A digital signature is a hash of the message encrypted with the sender’s private key
A digital signature is an encrypted hash of a message. The sender’s private
key encrypts the hash of the message to create the digital signature. The
recipient decrypts the hash with the sender’s public key. If successful, it
provides authentication, non-repudiation, and integrity. Authentication
identifies the sender. Integrity verifies the message has not been modified.
Non-repudiation prevents senders from later denying they sent an email.
The recipient’s public key encrypts when encrypting an email message and
the recipient uses the recipient’s private key to decrypt an encrypted email
message.
Time Offsets
Windows: 64-bit time stamp
- Number of 100-nanosecond intervals since
- January 1, 1601 00:00:00 GMT
- This stops working in 58,000 years
Unix: 32-bit time stamp
- Number of seconds since January 1, 1970 00:00:00 GMT
- This stops working on Tuesday, January 19, 2038 at 3:14:07 GMT
Two popular hashing algorithms used to verify integrity are MD5 and SHA.
HMAC verifies both the integrity and authenticity of a message with the use
of a shared secret. Other protocols such as IPsec and TLS use HMAC-MD5
and HMAC-SHA1.
IPsec must use HMAC for authentication and integrity. It can use either AES or 3DES for
encryption with ESP. When IPsec uses ESP, it encrypts the entire packet,
including the original IP header, and creates an additional IP header.
A VLAN, or virtual local-area network, was originally designed to decrease broadcast traffic on the data link layer. However, if implemented properly, it can also reduce the likelihood of having information compromised by network sniffers. It does both of these by compartmentalizing the network, usually by MAC address. This should not be confused with subnetting, which compartmentalizes the network by IP address on the network layer.
Banner grabbing is a technique used to find out information about web servers, FTP servers, and mail servers. A VPN, or virtual private network, enables the secure connection of remote users to your network.
RADIUS authenticates users to a network and is sometimes used with a VPN.
draft...
How to find how many hosts you can have on a subnet?
There are mainly two type of IP addresses. IPv4 and IPv6. IPv4 is 32 bit (4 octects 000.000.000.000; each octets has 8 bits totaling 32) and IPv6 is 128 bits. IPv4 has somewhere around 4billion address and they are running out. That is why, they created IPv6 which is 128 bit has trillions of ip addresses.
IP address classes
Class Range Decimal Range
A 1 – 126* 0
B 128 – 191 10
C 192 – 223 110
D 224 – 239 1110
Note: 0 and 127 are reserved
In subnetting, some bits are reserved for network part and some bits for host part. Here is an example of each class and their segregation of network and host part.
NNNNNNNN .HHHHHHHH .HHHHHHHH .HHHHHHHH Class A Address
NNNNNNNN .NNNNNNNN .HHHHHHHH .HHHHHHHH Class B Address
NNNNNNNN .NNNNNNNN .NNNNNNNN .HHHHHHHH Class C Address
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Lets see you have 32 bit subnet with all ones. Lets talk about 192.168.1.0/21
255.255.255.255 ==>> each section is 8 bit. on /24 network, first 3 sections are for network and the 4th one for host part.
In this case, you have 24 bit of network and 8 bit of host. Here you gave 3 bit for host part so host side has 10 (7+3) bit. so you can have 2 to the power of 10 -2 ( one for broadcast and one for router). So, on network side you have (24-3 =) 21 bit. So, your network is 192.168.x.0/21.
if you give 2 bits out of 24 bit from network side, you will have (7+2 =) 9 bit. So you will have 2 to the power of 9 -2 hosts (on host side) and on network side you will have 22 (24-2) bit. So your network is 192.168.x.0/22
notation resulting subnet
netmask shorthand number of addresses
255.255.255.0 /24 [8-bit] 28 = 256 = 254 hosts + 1 bcast + 1 net base
255.255.255.128 /25 [7-bit] 27 = 128 = 126 hosts + 1 bcast + 1 net base
255.255.255.192 /26 [6-bit] 26 = 64 = 62 hosts + 1 bcast + 1 net base
255.255.255.224 /27 [5-bit] 25 = 32 = 30 hosts + 1 bcast + 1 net base
255.255.255.240 /28 [4-bit] 24 = 16 = 14 hosts + 1 bcast + 1 net base
255.255.255.248 /29 [3-bit] 23 = 8 = 6 hosts + 1 bcast + 1 net base
255.255.255.252 /30 [2-bit] 22 = 4 = 2 hosts + 1 bcast + 1 net base
255.255.255.254 /31 [1-bit] 21 = - invalid (no possible hosts)
255.255.255.255 /32 [0-bit] 20 = 1 a host route (odd duck case)
Addresses Hosts Netmask Amount of a Class C
/30 4 2 255.255.255.252 1/64
/29 8 6 255.255.255.248 1/32
/28 16 14 255.255.255.240 1/16
/27 32 30 255.255.255.224 1/8
/26 64 62 255.255.255.192 1/4
/25 128 126 255.255.255.128 1/2
/24 256 254 255.255.255.0 1
/23 512 510 255.255.254.0 2
/22 1024 1022 255.255.252.0 4
/21 2048 2046 255.255.248.0 8
/20 4096 4094 255.255.240.0 16
/19 8192 8190 255.255.224.0 32
/18 16384 16382 255.255.192.0 64
/17 32768 32766 255.255.128.0 128
/16 65536 65534 255.255.0.0 256
http://www.digipro.com/Papers/IP_Subnetting.shtml
http://www.bassconsulting.com/ip_subnetting.htm
http://www.techrepublic.com/blog/data-center/ip-subnetting-made-easy-125343/
http://www.tcpipguide.com/free/t_IPSubnettingStep5DeterminingHostAddressesForEachSu.htm
http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html
http://subnettingmadeeasy.blogspot.com/2007/11/subnetting-made-easy-lesson.html
https://srobb.net/subnet.html
more to add..
Saturday, January 5, 2013
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^66
Something to know about -
Hashing provides integrity for digital signatures and other data. A digital signature is a hash of the message encrypted with the sender’s private key
A digital signature is an encrypted hash of a message. The sender’s private
key encrypts the hash of the message to create the digital signature. The
recipient decrypts the hash with the sender’s public key. If successful, it
provides authentication, non-repudiation, and integrity. Authentication
identifies the sender. Integrity verifies the message has not been modified.
Non-repudiation prevents senders from later denying they sent an email.
The recipient’s public key encrypts when encrypting an email message and
the recipient uses the recipient’s private key to decrypt an encrypted email
message.
Time Offsets
Windows: 64-bit time stamp
- Number of 100-nanosecond intervals since
- January 1, 1601 00:00:00 GMT
- This stops working in 58,000 years
Unix: 32-bit time stamp
- Number of seconds since January 1, 1970 00:00:00 GMT
- This stops working on Tuesday, January 19, 2038 at 3:14:07 GMT
Two popular hashing algorithms used to verify integrity are MD5 and SHA.
HMAC verifies both the integrity and authenticity of a message with the use
of a shared secret. Other protocols such as IPsec and TLS use HMAC-MD5
and HMAC-SHA1.
IPsec must use HMAC for authentication and integrity. It can use either AES or 3DES for
encryption with ESP. When IPsec uses ESP, it encrypts the entire packet,
including the original IP header, and creates an additional IP header.
A VLAN, or virtual local-area network, was originally designed to decrease broadcast traffic on the data link layer. However, if implemented properly, it can also reduce the likelihood of having information compromised by network sniffers. It does both of these by compartmentalizing the network, usually by MAC address. This should not be confused with subnetting, which compartmentalizes the network by IP address on the network layer.
Banner grabbing is a technique used to find out information about web servers, FTP servers, and mail servers. A VPN, or virtual private network, enables the secure connection of remote users to your network.
RADIUS authenticates users to a network and is sometimes used with a VPN.