This has always confused me.

You know when you setup your windows or linux machine to connect to the internet, you always have to give a "subnet mask". What exactly is this doing? I always use 255.255.255.0.
I understand the basics on subnetting (this number is really /24), but I don't understand how this would work in a real-life situation.

Say I was running a network (ok, I really am) and I use the IP 10.0.0.5, subnet mask 255.255.255.0. What exactly is this saying? What if I used 255.255.255.127?

Subnet mask defines your network. You can use it to allow only connection from it (in such situation it works like a group in Linux).
.127 at the end is 01111111, so for machines in your network only one bit in is important. You can calculate the numbers your machines can have (it's too late for me, I can make a stupid mistake )

I'm not sure 255.255.255.127 is a valid netmask; I think the addresses have to be contiguous.

That mask, as Mara said, defines the scope of your network accessible without a router (yeah, I know about VC's, just keep it simple). If you don't specify a gateway (router), you can still access all IP's covered by your netmask. Also, broadcasts reach all addresses within your netmask scope.

255.255.255.0 means that you can have 255 IP addresses on your network, in your example, 10.0.0.0....254, with .255 being the broadcast address. You can have larger and smaller netmasks - my cable service gives me a netmask of 255.255.240.0, that is, that single network can hold a whopping 4095 IP's. You can make 255.255.255.128 with 127 IP's, and so on. The ...255.0 mask is practical for the human eye since all IP's have the same first 3 digits. A larger netmask has the problem that broadcast traffic from (like on my cable, up to 4095) machines reaches all others and that can make a significant load. Smaller networks increase the number of routers needed, which can be bottlenecks. Usually you find that the default netmask is the most practical, even if you use just two or three machines.

mlp

Thanks for the replies, I think I'm starting to understand...
.127 would be a 7 bit number so it would match the first 7 bits of the octet....so for example, if I used 10.0.0.1/255.255.255.127 then would these assumptions be correct?:
- 10.0.0.0 and 10.0.0.1 would be in the "network"
- broadcast would go to.....10.0.0.2?
- computers can see and access other high numbered computers (like 10.0.0.10) but the broadcast won't reach them.

Is the subnet mask really only needed for broadcasting? I realise it can be interpereted as the definition of a sub-network group, but when it comes time to do something, is the only thing that uses the mask the broadcast?

For the IP address 10.0.0.1 the correct subnet mask is 255.0.0.0
There are 3 classes of IP addresses in use today:
class A=1.x.x.x-126.x.x.x with a net mask of 255.0.0.0
class B=128.0.x.x-191.255.x.x with a net mask of 255.255.0.0
class C=192.0.0.x-223.0.0.x with a net mask of 255.255.255.0

class A has 126 networks and 16,777,214 hosts
class B has 16,384 networks and 65,534 hosts
class C has 2,097,152 networks and 254 hosts

The sub-net mask defines what kind of network and IP address you have.For instance:
A class A IP's sub-net mask is defined by the 1st octet in the address. Within the range of 1 to 126 in the 1st octet the sub-net mask is 255.0.0.0 The last 3 octets in the IP define the hosts.

lynch

Rubbish. The subnet mask could be anything from 255.0.0.0 to 255.255.255.254. It depends entirely on how the network has been organised.


Regards

Classfull subnetting has been obsolete for a number of years now.

Regards

MartBrooks is correct. Classless Inter-Domain Routing (CIDR) is now very common. A network with one host would be a /32 and the netmask would be 255.255.255.255.

--jeremy

Yes it is common.But classful subnetting is still in use,thus it is not obsolete.
And I dont like my posts being called rubbish,but I'll put that down to snobbery.

lynch, classful subnetting is still very much in use. I don't think he was calling the whole post rubbish, just saying that 10.0.0.1 could have a number of netmasks.

--jeremy

I don't think that's right. Think of it that the bits which are "1" must be the same as the IP address, but the bits which are masked "0" can have any value and still match (don't care). With the 127 (01111111), all but the most significant bit must match, so 10.0.0.1 and 10.0.0.129 are a mini-subnet (00000001 and 10000001, differ just in the "masked" bit), 10.0.0.2 and ...130 are one, and so on, so you have subnets with just 2 ip's.

Take an easier example, IP 10.0.0.1 and 255.255.255.248 = ...|11111000. The "000" masks 000,001,010, 011,100,101,110,111 -- 8 numbers as it should be with 3 bits, from 0 through 7. So all hosts with 10.0.0.0, .1,.2,...7 are on the same subnet and receive each other's broadcasts.

So you must look at both the IP and the netmask to know the subnet. So 10.0.0.0/255.255.255.248, 10.0.0.8/255.255.255.248, and 10.0.0.16/255.255.255.248 are three different subnets with the same netmask.

Confused? :-)

mlp

So, I guess the answer to my question about subnet masks is that they are ONLY used for broadcasting. They can also be looked at and the network can be determined from them, but their real use is for broadcasting....

Are there any performance issues here that apply? Say that my network consisted of only 3 computers. Would it be useful to use ...|11111100 as a netmask? Would it gain any speed compared to a netmask of ...|00000000 ?

Thanks a lot for all this info!

i think that the subnet mask is a LAN ip that can detect your machine to internet. sometimes we use machines in LAN so you must use a ip which can detect the internet i did not support that
255.255.255.127 is a localhost that can detect the internet 255.255.255.0 is a intarnet mask i think! good luck!~~

A subnet mask simply determines what subnet an IP address belongs to.

--jeremy

When you use 11111100 as a netmask, you can have 4 different IPs in the network. When your firewall is configured to allow only machines from your subnet to pass, a machine with an IP not in it will not be allowed.
You will gain no extra speed, soory. Not this way