LinuxQuestions.org

MetaMan 10-13-2012 12:43 AM

Why do I have a netmask of 255.255.240.0?
 
My ISP recently came in and changed my networking gear, and the new layout really confuses me. Let me explain what I understand of networking: I know that normally, you have a modem which has an external ip and a router that serves up internal ip's for your network. I don't really understand what a netmask or subnet is, let alone a broadcast address.

Before my ISP changed my gear, I had an external IP and internal ones that are the standard 192.168.1.x. If I want to connect to another computer on my network, I could find that ip by nmap-ing my network with 192.168.1.*. When I try nmap-ing my new ip range (66.6.14.x) , I get this:
Code:

==========Several other results cut out=================
Nmap scan report for 66-6-14-52.p0.itctel.com (66.6.14.52)
Host is up (0.052s latency).
Not shown: 99 closed ports
PORT    STATE    SERVICE
113/tcp filtered ident
MAC Address: 00:26:0B:49:4F:40 (Cisco Systems)

Nmap scan report for 66-6-14-53.p0.itctel.com (66.6.14.53)
Host is up (0.094s latency).
Not shown: 96 closed ports
PORT  STATE SERVICE
21/tcp open  ftp
22/tcp open  ssh
23/tcp open  telnet
80/tcp open  http
MAC Address: 00:26:0B:49:4F:40 (Cisco Systems)

Nmap scan report for 66-6-14-54.p0.itctel.com (66.6.14.54)
Host is up (0.12s latency).
Not shown: 99 filtered ports
PORT  STATE SERVICE
80/tcp open  http
MAC Address: 00:26:0B:49:4F:40 (Cisco Systems)

Nmap scan report for 66-6-14-55.p0.itctel.com (66.6.14.55)
Host is up (0.15s latency).
Not shown: 96 closed ports
PORT  STATE SERVICE
21/tcp open  ftp
22/tcp open  ssh
23/tcp open  telnet
80/tcp open  http
MAC Address: 00:26:0B:49:4F:40 (Cisco Systems)

Nmap scan report for 66-6-14-56.p0.itctel.com (66.6.14.56)
Host is up (0.11s latency).
Not shown: 96 closed ports
PORT  STATE SERVICE
21/tcp open  ftp
22/tcp open  ssh
23/tcp open  telnet
80/tcp open  http
MAC Address: 00:26:0B:49:4F:40 (Cisco Systems)
==========Several other results cut out=================

Also, my COMPUTER's IP shows up in that list, being 66.6.14.132. Why is my computer in the same range as several routers? (If I try connecting to some with a web browser, an auth window that says "Broadband Router" pops up)

When I do ifconfig, I get this:
Code:

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 66.6.14.132  netmask 255.255.240.0  broadcast 66.6.15.255
        inet6 fe80::21b:77ff:fe51:292e  prefixlen 64  scopeid 0x20<link>
        ether 00:1b:77:51:29:2e  txqueuelen 1000  (Ethernet)
        RX packets 1172458  bytes 1631886197 (1.5 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 804997  bytes 85329613 (81.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

What has changed? I would like to learn what is going on. Is there a way I could set it up the way it was before? (Internal IP's 192.168.1.x) Is my router doing DHCP? And if so, how, when it's sharing the same range as other devices that aren't on my network? Please explain in as much detail as you can, and sorry if this was a bit long. XD I am currently a high schooler and I am hoping for a future career as a sysadmin.

Thanks! :D

Lone_Wolf 10-13-2012 08:22 AM

Note : this is all about IPv4 .

To understand ip ranges and netmasks, you need to know how to deal with binary numbers and understand subnets.
If you can't work with binary numbers and binary operations like OR, XOR , AND you'll have a hard time.

All network addresses are split in 2 parts :
Network ID designates the network (ip-range) you're in
Host ID : the part that is available for individual devices addresses .


The common notation for network is like this :
x.x.x.x/y .
x.x.x.x is the lowest address possible in the ip-range and used as identifier to discern your network from other networks.
Y is the number of bits in the network address shared by all devices in that network.

Convention is that networks always start with 0 , while broadcast address is the highest address possible in that network . Both are reserved and have specific functionality linked to them.
Broadcast address can be found by adding the highest possible host ID to the network address and is easiest to find in binary.

Netmasks are binary OR'ed with a network address to determine whether an address is in your network or not.

examples :
Whole ipv4 internet : 0.0.0.0/0
192.168.1.0/24 :
broadcast address 192.168.1.255 , devices can use 192.168.1.1 up to 192.168.1.254 so there's room for 254 devices.

The network your ISP has put you in has network address 66.6.14.0 .
netmask 255.255.240.0 in binary =
1111 1111. 1111 1111. 1111 0000. 0000 0000
This tells us that the host part of the network uses 12 bits , while the network part has 20 bits.
the network you're in is described like this :
66.6.14.0/20
12 bits for host part means there are 2 ^ 12 devices possible in that network, 2 are reserved so that leaves 2^12 - 2 = 4094 devices .

Calculating Broadcast address for that network :
1000 0010. 0000 0110. 0000 1110. 0000 0000 (66.6.14.0 in binary)
0000 0000. 0000 0000. 0000 1111. 1111 1111 ( Binary inverted netmask)
--------------------------------------------------- ADD UP
1000 0010. 0000 0110. 0001 0001. 1111 1111
Decimal this becomes 66.6.17.255 .

The network your pc is now in starts at 66.6.14.0 and ends at 66.6.17.255 .

There's lots more to explain, but the above is basic networking stuff so i want to be sure you understand this before continuing.

MetaMan 10-13-2012 12:08 PM

OK, I'm going to try to break this into chunks to avoid information overload.
Quote:

Note : this is all about IPv4 .

To understand ip ranges and netmasks, you need to know how to deal with binary numbers and understand subnets.
If you can't work with binary numbers and binary operations like OR, XOR , AND you'll have a hard time.

All network addresses are split in 2 parts :
Network ID designates the network (ip-range) you're in
Host ID : the part that is available for individual devices addresses .


The common notation for network is like this :
x.x.x.x/y .
x.x.x.x is the lowest address possible in the ip-range and used as identifier to discern your network from other networks.
Y is the number of bits in the network address shared by all devices in that network.
When you say "notation for network", are you talking about network ID? When you say network address, are you talking about something like 192.168.1.1?. When I set up a Debian box once, there was an optional setting when I was setting up the network called "network" (along with gateway,netmask, etc.) Is this what you are talking about? Also, what is meant by "x.x.x.x is the lowest address possible in the ip-range" Would this be, in the case of your average LAN, 192.168.1.0? And, even more so, is this why you can only use 192.168.1.1 through 192.168.1.254, because 192.168.1.0 and 192.168.1.255 are being used for other purposes? And if so, how are they "used"? Because they are not really a device.
And, lastly, do you know any good resources for learning how binary comes into play in networking?

Again, thanks for your time.

Lone_Wolf 10-13-2012 03:43 PM

Quote:

When you say "notation for network", are you talking about network ID?
a network is a group of devices that share a network ID .
a network address/ip-address combines both network ID and host ID in 1 address.

Quote:

When you say network address, are you talking about something like 192.168.1.1?
192.168.1.1 , 10.15.33.8 , 126.67.213.191 are all examples of network addresses .

for 192.168.1.1 , the network ID is 192.168.1.0 . the host ID is 0.0.0.1 .
splitting those 2 is done with Binary logical operations, see below.

Quote:

Also, what is meant by "x.x.x.x is the lowest address possible in the ip-range" Would this be, in the case of your average LAN, 192.168.1.0?
in the average lan 192.168.1.0 is indeed the lowest possible address.

Quote:

And, even more so, is this why you can only use 192.168.1.1 through 192.168.1.254, because 192.168.1.0 and 192.168.1.255 are being used for other purposes?
Correct

Quote:

And if so, how are they "used"? Because they are not really a device.
the lowest address is mainly used in routers to keep track of what networks they are connected to, but there is no device with that address.

The broadcast address is interpreted as "every device in this network", and every device in the network listens to broadcast signals.
an example use of this is DHCP.
your network card wants to get an address, but it doesn't know which dhcp servers are present in the network.
It sends a "dhcp discovery request" signal to the broadcast address.
Every device on the network receives that request, and if it is a dhcp server sends a reply to your network card with DHCP data.
a device that is not a dhcp server ignores this request.

Quote:

And, lastly, do you know any good resources for learning how binary comes into play in networking?
the binary math used in networking is the same as those used in all binary math.

basic binary and addition are explained here : http://www.binarymath.info/
The subtraction, multiplication and division parts are not needed for networking

For binary logical operations, check here : https://en.wikipedia.org/wiki/Bitwise_operation

NOT, AND and OR operators are the most important operations for networking.
XOR is sometimes used also.

jefro 10-13-2012 04:12 PM

IP address PLUS Subnet Mask tell your system what is IN and what is OUT of your lan. If out then you need a gateway. For some reason books still go with class based but there are simple calculators to use for special classless subnets.

The issue to remember is that the ip and subnet are used basically for only one thing. To send data out of lan.

MetaMan 10-13-2012 07:43 PM

OK, I've read the pages and understand basic binary math (addition and subtraction) and the NOT, AND, OR, and XOR operators. I will say, reading that, a lot more of this makes sense.

Quote:

a network address/ip-address combines both network ID and host ID in 1 address.
How is it combined? With binary addition?

Quote:

the lowest address is mainly used in routers to keep track of what networks they are connected to, but there is no device with that address.
How is that address used to keep track and to what networks? Networks outside my LAN and/or the public internet?
What you said about the broadcast address also helped a lot. I was actually wondering how a device decides where to send its DHCP request.

Also, why is it so important that a device knows whether another device is on the same network or not? I'm sure there is a good reason, but how does it help?

I think I understand that a netmask of 255.255.255.0 means a possible range of x.x.x.0 to x.x.x.255, but how is the range calculated for a netmask of 255.255.240.0? You said below the range is 6.66.14.0 to 6.66.17.255. Is the range then network id to broadcast? Also, how does said range convert to 66.6.14.0/20? I'm mainly wondering where the 17 comes from.

Since I have a weird range like that, does it mean that I'm not on a LAN? Is my computer exposed directly to the internet? Am I not "behind NAT"? What is NAT? Is NAT the name for the system in which a router has one external IP for all my various devices?

I hope I don't kill someone with all my questions. XD

Much thanks!

rknichols 10-13-2012 11:05 PM

Quote:

Originally Posted by MetaMan (Post 4805089)
How is it combined? With binary addition?

The bit fields are non-overlapping, so either addition or a binary OR would give the same result.
Quote:

Originally Posted by MetaMan (Post 4805089)
How is that address used to keep track and to what networks? Networks outside my LAN and/or the public internet?

An address with all zeros in the host ID is commonly used in documentation to refer to a network rather than any particular host on the network. Today, there is really nothing special about host ID 0, and that address could actually be assigned to a host, but usually isn't because old software or firmware might regard such an address as somehow special.
Quote:

Originally Posted by MetaMan (Post 4805089)
I was actually wondering how a device decides where to send its DHCP request.

For a DHCP renewal, the request is sent to the address of the server that granted the current lease. An initial DHCP request is sent to the global broadcast address, 255.255.255.255, and the server broadcasts its reply since the client does not yet know its IP address.
Quote:

Originally Posted by MetaMan (Post 4805089)
Also, why is it so important that a device knows whether another device is on the same network or not?

Packets going between devices on the same network are the only ones that can be sent directly from host to host. A packet destined for a device that is not on the same network needs to be sent to a router that serves as a gateway between the local network and the rest of the internet.
Quote:

Originally Posted by MetaMan (Post 4805089)
I think I understand that a netmask of 255.255.255.0 means a possible range of x.x.x.0 to x.x.x.255, but how is the range calculated for a netmask of 255.255.240.0? You said below the range is 6.66.14.0 to 6.66.17.255. Is the range then network id to broadcast? Also, how does said range convert to 66.6.14.0/20? I'm mainly wondering where the 17 comes from.

Your confusion is understandable since 66.6.14.0/20 is not a valid address for a network. When you write the addresses in binary it becomes obvious (and only people who do this stuff in their sleep don't have to resort to that occasionally).
Code:

255.255.240.0 = 11111111 11111111 11110000 00000000    Netmask for a /20
66.6.14.0    = 10000010 00000110 00001110 00000000    Oops!

Let's try that again with the address masked correctly:
Code:

255.255.240.0 = 11111111 11111111 11110000 00000000    Netmask for a /20
66.6.0.0      = 10000010 00000110 00000000 00000000    Address of your network (all-zero host ID)
66.6.14.132  = 10000010 00000110 00001110 10000100    Your full address (host bits in blue)
66.6.15.255  = 10000010 00000110 00001111 11111111    Broadcast address (all ONEs in the host ID)

Quote:

Originally Posted by MetaMan (Post 4805089)
Since I have a weird range like that, does it mean that I'm not on a LAN? Is my computer exposed directly to the internet? Am I not "behind NAT"? What is NAT? Is NAT the name for the system in which a router has one external IP for all my various devices?

Yes, that is a global address that can be reached from anywhere on the internet.

NAT is Network Address Translation, a way for devices on a local network to share a single global IP address. Devices on the local network are assigned addresses in one of the ranges reserved for local use (192.168.0.0/16 or 10.0.0.0/8) and the gateway router keeps track of who sent what to where and adjusts the source and destination address fields so that packets are directed to the right places. Until you feel you understand how the basic addressing you are using now works, I suggest you don't worry about NAT.
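
The masking shown in the post above, as an added Python example (not part of the thread). The function names are made up for this illustration, and the 172.16.0.0/12 range in the private-address check comes from RFC 1918 rather than from the thread.

```python
def to_int(dotted):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    a, b, c, d = (int(part) for part in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    """32-bit integer -> dotted-quad IPv4 string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def describe(ip, netmask):
    """Split an address into network and host parts using only AND, OR and NOT."""
    addr, mask = to_int(ip), to_int(netmask)
    prefix = bin(mask).count("1")
    # A real netmask is a run of ones followed by a run of zeros.
    if mask != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"{netmask} is not a contiguous netmask")
    host_mask = ~mask & 0xFFFFFFFF        # NOT netmask: ones in the host bits
    network = addr & mask                 # host bits forced to zero
    broadcast = network | host_mask       # host bits forced to one
    host_id = addr & host_mask
    return {
        "cidr": f"{to_dotted(network)}/{prefix}",
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "host_id": to_dotted(host_id),
        # True only when the address given is itself the all-zero-host address.
        "is_network_address": host_id == 0,
        # Same as 2**host_bits - 2: network and broadcast are not assigned to hosts.
        "usable_hosts": max(host_mask - 1, 0),
    }


def same_network(ip_a, ip_b, netmask):
    """Two addresses are on the same network when their masked values match."""
    mask = to_int(netmask)
    return (to_int(ip_a) & mask) == (to_int(ip_b) & mask)


# Ranges reserved for private use (RFC 1918).
RFC1918 = [
    ("10.0.0.0", "255.0.0.0"),
    ("172.16.0.0", "255.240.0.0"),
    ("192.168.0.0", "255.255.0.0"),
]


def is_rfc1918(ip):
    """False means the interface holds a globally routable address."""
    return any(same_network(ip, net, mask) for net, mask in RFC1918)


if __name__ == "__main__":
    # Values taken from the ifconfig output at the top of the thread.
    for key, value in describe("66.6.14.132", "255.255.240.0").items():
        print(f"{key:20} {value}")
    print(f"{'private (RFC 1918)':20} {is_rfc1918('66.6.14.132')}")
```
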

Lone_Wolf 10-14-2012 06:04 AM

Quote:

Originally Posted by rknichols (Post 4805151)
Your confusion is understandable since 66.6.14.0/20 is not a valid address for a network. When you write the addresses in binary it becomes obvious (and only people who do this stuff in their sleep don't have to resort to that occasionally).
Code:

255.255.240.0 = 11111111 11111111 11110000 00000000    Netmask for a /20
66.6.14.0    = 10000010 00000110 00001110 00000000    Oops!

Let's try that again with the address masked correctly:
Code:

255.255.240.0 = 11111111 11111111 11110000 00000000    Netmask for a /20
66.6.0.0      = 10000010 00000110 00000000 00000000    Address of your network (all-zero host ID)
66.6.14.132  = 10000010 00000110 00001110 10000100    Your full address (host bits in blue)
66.6.15.255  = 10000010 00000110 00001111 11111111    Broadcast address (all ONEs in the host ID)


Oops, forgot to check if the 66.6.14.0 was really the start of that network.
The network metaman is in starts at 66.6.0.0 and ends at 66.6.15.255 .


Quote:

Originally Posted by rknichols (Post 4805151)
Yes, that is a global address that can be reached from anywhere on the internet.

NAT is Network Address Translation, a way for devices on a local network to share a single global IP address. Devices on the local network are assigned addresses in one of the ranges reserved for local use (192.168.0.0/16 or 10.0.0.0/8) and the gateway router keeps track of who sent what to where and adjusts the source and destination address fields so that packets are directed to the right places. Until you feel you understand how the basic addressing you are using now works, I suggest you don't worry about NAT.

I agree we should not discuss NAT for now, but there's one security issue that I feel should be mentioned :
Systems behind a nat-router are not directly visible for computers on the internet, so it does give some protection.
For systems with a public ip-address, you need to have a firewall running to protect your system.


A more general comment :
while the situation with 1 router that only knows / separates 2 networks (internal and external) is common with isps, in company environments there are more networks involved.

an example :
A company uses the 20.0.0.0/16 network.
they want to separate finance computers , standard office computers, servers and printers from each other.
Production also needs its own network.
This would translate to having 5 subnetworks .
if all this was managed by 1 router, that means that router is connected with 6 networks :
the 5 used by the company + the internet.

In short the 2 networks setup common in home use is just the simplest case.

MetaMan 10-14-2012 09:42 PM

OK, this makes much more sense now. I have an IP of 66.6.14.132. With the netmask of 255.255.240.0, I know that the last 12 bits are the hostid, and I can zero those out to find the network address which is 66.6.0.0, and find the broadcast by making those 12 bits 1, which results in 66.6.15.255. To wrap this all up, the network would then be 66.6.0.0/20, right? I see why that notation is useful now. It tells you all this information in just a few numbers.

Quote:

Yes, that is a global address that can be reached from anywhere on the internet.
o_O Why do my computers each have their own external IP? Is this normal? Is there a way I can turn on NAT? I don't like the idea of each of my computers being exposed to the interwebz.

I should also mention, because this might be important, that my network setup is a little weird. My ISP gave me what appears to be a modem/router combo (It would do DHCP, NAT, etc. all by itself). The problem is, they charge for wireless, which is silly, because it doesn't cost them anything, but anyway, to get wireless, I would connect a second router with DHCP turned off to act as a switch and access point. On my old setup, I would still have the normal 192.168.1.0/24 (I feel so smart describing the network like that. :P). Could I get NAT on my new setup by turning DHCP back on and plugging the cable from the ISP router/modem into the WAN port on the second router? Is the new device I have even a router? Or is it just a modem, and I somehow am getting multiple IP's on my ISP's network because it is set up as a switch? Where is my DHCP coming from?

Hopefully that is clear enough to understand.

So, so much thanks!
EDIT: XD. My school computer runs Windows, BTW, hence the logo in all but my first post.

Lone_Wolf 10-15-2012 05:10 AM

Quote:

Originally Posted by MetaMan (Post 4805778)
o_O Why do my computers each have their own external IP? Is this normal? Is there a way I can turn on NAT? I don't like the idea of each of my computers being exposed to the interwebz.

In company networks this is common, and with IPv6 it will be same for home use .
(IPv6 doesn't need NAT ).
Note that on both company networks and IPv6 it's recommended to use firewalls/ proxies and such on network level for protection.

Quote:

Originally Posted by MetaMan (Post 4805778)
Where is my DHCP coming from?

look for a file with leases in the name, that's where dhcp clients store the info they get from the server .
with a bit of luck it will show the address of the dhcp server.

The 2 most common dhcp clients (dhcpcd and dhclient) store this file in /var/lib/dhcp .

Quote:

Originally Posted by MetaMan (Post 4805778)
I should also mention, because this might be important, that my network setup is a little weird. My ISP gave me what appears to be a modem/router combo (It would do DHCP, NAT, etc. all by itself). The problem is, they charge for wireless, which is silly, because it doesn't cost them anything, but anyway, to get wireless, I would connect a second router with DHCP turned off to act as a switch and access point. On my old setup, I would still have the normal 192.168.1.0/24 (I feel so smart describing the network like that. :P). Could I get NAT on my new setup by turning DHCP back on and plugging the cable from the ISP router/modem into the WAN port on the second router? Is the new device I have even a router? Or is it just a modem, and I somehow am getting multiple IP's on my ISP's network because it is set up as a switch?

In principle you can indeed enable nat on your wireless router, but routers use special protocols to communicate with other routers and often isp router/modem combos only use those on their dsl/cable port that connects to the isp.

If you can find out brand/model/type of both your wireless router and the isp's modem/router we'll be able to say more about this.

Please post the output of
Code:

$route
$route -n

on your pc/laptop.

This will help us to determine the address of the gateway for your network (and possibly some other things also).

rknichols 10-15-2012 08:51 AM

Quote:

Originally Posted by MetaMan (Post 4805778)
o_O Why do my computers each have their own external IP? Is this normal? Is there a way I can turn on NAT? I don't like the idea of each of my computers being exposed to the interwebz.

I should also mention, because this might be important, that my network setup is a little weird. My ISP gave me what appears to be a modem/router combo (It would do DHCP, NAT, etc. all by itself).

It is very, very strange that you would be issued a combo modem/router and still have a different external IP address on each of your computers. If you go to http://www.whatismyip.com, does the address shown match what each computer is using? And, just what is the model number for that modem/router?

MetaMan 10-16-2012 07:32 PM

Quote:

look for a file with leases in the name, that's where dhcp clients store the info they get from the server .
with a bit of luck it will show the address of the dhcp server.

The 2 most common dhcp clients (dhcpcd and dhclient) store this file in /var/lib/dhcp .
cat-ing the file found in said folder produces this:
Code:

}�W�B������c�Sc56Kf�3�����Kf��Kf��
Quote:

Please post the output of
Code:

$route
$route -n


What package do I need to install? I'm running Arch.
Quote:

It is very, very strange that you would be issued a combo modem/router and still have a different external IP address on each of your computers. If you go to http://www.whatismyip.com, does the address shown match what each computer is using? And, just what is the model number for that modem/router?
Did as you said, and each computer indeed shows up with its own public IP. Did the cable guy mess up or something? Aren't these addresses limited? How can my ISP afford to let each of my computers have its own IP? I can also ssh into my computer using my public address. (The address seems to change every day, though) My router/modem is a Comtrend CT-5372.

Also, how do I find the IP of my router?

Lone_Wolf 10-17-2012 03:59 AM

Quote:

Please post the output of
Code:

$route
$route -n

What package do I need to install? I'm running Arch.
same here.

Code:

$ pkgfile route
core/net-tools
extra/bash-completion
$

The one you need is in the net-tools package .

rknichols 10-17-2012 09:43 AM

Quote:

Originally Posted by MetaMan (Post 4807681)
Did as you said, and each computer indeed shows up with its own public IP. Did the cable guy mess up or something? Aren't these addresses limited? How can my ISP afford to let each of my computers have its own IP? I can also ssh into my computer using my public address. (The address seems to change every day, though) My router/modem is a Comtrend CT-5372.

Also, how do I find the IP of my router?

Yes, public IPv4 addresses are a precious commodity, and it is very odd that your ISP would allow you to use more than one. That Comtrend CT-5372 is certainly capable of operating as a NAT router.

From the Comtrend CT-5372 manual:
A unique default user account is assigned with user name root and password 12345. The user can change the default password later when logged in to the device.

The default IP address of the CT-5372 (LAN port) is 192.168.1.1. To configure the CT-5372 for the first time, the configuration PC must have a static IP address within the 192.168.1.x subnet. Follow the steps below to configure your PC IP address to use subnet 192.168.1.x.

MetaMan 10-17-2012 03:54 PM

I have the best host name ever :P
Code:

[jesse@ArchBeast ~]$ route
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
default        66-6-0-1.d2.itc 0.0.0.0        UG    303    0        0 wlan0
66.6.0.0        *              255.255.240.0  U    303    0        0 wlan0
[jesse@ArchBeast ~]$ route -n
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
0.0.0.0        66.6.0.1        0.0.0.0        UG    303    0        0 wlan0
66.6.0.0        0.0.0.0        255.255.240.0  U    303    0        0 wlan0

Is my DHCP coming from 66.6.0.1 then?

EDIT: root and 12345 don't do it for the router.
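
How the kernel uses the routing table posted above to choose between direct delivery and the gateway, as an added Python example (not part of the thread). The table text is copied from the `route -n` output in that post; `parse_routes`, `next_hop` and the test destination 192.0.2.1 (a documentation address) are assumptions made for this illustration.

```python
import ipaddress

# Copied from the `route -n` output posted above.
ROUTE_N = """\
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
0.0.0.0        66.6.0.1        0.0.0.0        UG    303    0        0 wlan0
66.6.0.0        0.0.0.0        255.255.240.0  U    303    0        0 wlan0
"""


def parse_routes(text):
    """Turn `route -n` output into a list of route dictionaries."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        # Skip the title and the column header; data rows start with a digit.
        if len(fields) != 8 or not fields[0][0].isdigit():
            continue
        dest, gateway, genmask, flags, metric, _ref, _use, iface = fields
        # Genmask is contiguous, so counting its one bits gives the prefix length.
        prefixlen = bin(int(ipaddress.IPv4Address(genmask))).count("1")
        routes.append({
            "network": ipaddress.IPv4Network(f"{dest}/{prefixlen}"),
            # The G flag marks a route that goes through a gateway.
            "gateway": gateway if "G" in flags else None,
            "metric": int(metric),
            "iface": iface,
        })
    return routes


def next_hop(routes, destination):
    """Longest-prefix match: the most specific matching route wins."""
    dst = ipaddress.IPv4Address(destination)
    matches = [r for r in routes if dst in r["network"]]
    if not matches:
        return None
    best = max(matches, key=lambda r: (r["network"].prefixlen, -r["metric"]))
    if best["gateway"] is None:
        # On-link: the host resolves the destination itself and sends directly.
        return ("direct", destination, best["iface"])
    return ("gateway", best["gateway"], best["iface"])


if __name__ == "__main__":
    table = parse_routes(ROUTE_N)
    for target in ("66.6.14.53", "66.6.15.254", "66.6.17.255", "192.0.2.1"):
        print(f"{target:15} -> {next_hop(table, target)}")
```
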


All times are GMT -5.