We will now look at the core subject of CCNA certification and, in fact, pretty much any networking certification—IP addressing and learning to subnet. You will need to have this down cold no matter your chosen destination, including security engineer, network designer, server engineer, network architect, cloud engineer, or voice/video networking.
Every device in a network must have a unique IP address, but many of the addresses can’t be used because they are in an excluded range, already belong to a network, or are a broadcast in a network. I can’t tell you how many times I’ve had to clean up problems caused by other IT engineers who didn’t understand IP addressing or subnetting and allocated the wrong IP address to the wrong subnet, causing untold issues to network equipment and servers.
What you will learn in this chapter will serve you well for years to come and will feature heavily in the exam, so take your time and drill it over and over until it becomes second nature.
How Binary Works
In order to understand how IP addressing works, you need to understand binary mathematics. Electronic equipment does not communicate using decimal values. Humans use decimal because it’s a numbering system that uses ten digits, and we have ten fingers on our hands.
Digital electronic equipment works by interpreting the presence or absence of an electrical (or optical) signal. As such, they can only be in two states—On or Off—which are represented by the numbers 1 and 0, respectively. Computers work using a numbering system with two digits, the binary system. A 0 indicates the absence of a signal while a 1 indicates its presence.
FIG 6.1 – On/Off signal status
Any decimal number can be converted from binary values. The larger the number, the more binary bits required to express it. A bit is short for BInary digiT. For every binary value added, it doubles the next number (i.e., 1 to 2 to 4 to 8 to 16 and so on into infinity). With two binary digits, you can count up to 3; just place a 0 or a 1 in the column to decide whether you want to use that value or not.
We will start with only two binary values, in columns 2 and 1:
2 | 1 |
0 | 0 |
0 + 0 = 0
2 | 1 |
0 | 1 |
0 + 1 = 1
2 | 1 |
1 | 0 |
2 + 0 = 2
2 | 1 |
1 | 1 |
2 + 1 = 3
With eight-bit places (an octet), any number from 0 up to 255 can be expressed.
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
Adding a 0 to each of these columns will give you a value of 0 in decimal. If you add a 1 in any of the respective columns, you will add that value to the final total, while a 1 in each column will add up to 255, as shown below:
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 | Total |
0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 255 |
0 | 0 | 1 | 0 | 1 | 1 | 0 | 0 | 44 |
Pay special attention to the binary table below because the values can be used for any subnet mask (more on that later). If you start adding 1 to each column from left to right, you will get the following values:
Table 6-1: Binary values
Binary | Decimal |
10000000 | 128 |
11000000 | 192 |
11100000 | 224 |
11110000 | 240 |
11111000 | 248 |
11111100 | 252 |
11111110 | 254 |
11111111 | 255 |
Make up some of your own binary numbers to ensure that you fully understand this concept.
How Hexadecimal Works
In previous versions of the CCNA exam, having a cursory understanding of hexadecimal, or hex, was a must. Because IPv6 is now a major part of the syllabus, you need to have an even deeper understanding of this numbering system. We will cover IPv6 in the next chapter.
In 1859, Johan Vilhelm Nyström, a Swedish-American civil engineer, inventor, and author, proposed a hexadecimal (base 16) system of notation, arithmetic, and metrology called the Tonal System. Rather than counting in twos or tens, 16 characters are used. Hex numbering starts at 0 and goes up to F:
0 1 2 3 4 5 6 7 8 9 A B C D E F
Each hexadecimal digit actually represents four binary digits, as shown below:
Table 6-2: Decimal to hex to binary conversion
Decimal | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
Hex | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
Binary | 0000 | 0001 | 0010 | 0011 | 0100 | 0101 | 0110 | 0111 |
Decimal | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 |
Hex | 8 | 9 | A | B | C | D | E | F |
Binary | 1000 | 1001 | 1010 | 1011 | 1100 | 1101 | 1110 | 1111 |
Converting from binary to hex is fairly simple, as illustrated in the example below:
Decimal | 13 | 6 | 2 | 12 |
Hex | D | 6 | 2 | C |
Binary | 1101 | 0110 | 0010 | 1100 |
Hex is a more manageable counting system for humans compared with binary, but it is close enough to binary to be used by computers and networking equipment. As shown below, one hex character is equal to four binary digits. Any number can be expressed using hex, as it can use binary or decimal; it’s just counting in multiples of 16, as in 1, then 16, then 16 multiplied by 16 (256), then 256 multiplied by 16 (4096), and so on.
Hex | 4096 | 256 | 16 | 1 |
1 | A |
Hexadecimal numbering, therefore, is represented as 0 1 2 3 4 5 6 7 8 9 A B C D E F 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 22, and so on. 1A (above), for example, is a 1 in the 16 column and an A in the 1 column: 1A = 10 + 16 = 26.
When converting binary to hex, you can make the task easier by breaking down the number into groups of four bits, starting from the right. So, 11110011 becomes 1111 0011. 1111 is 8 + 4 + 2 +1 = 15 and 0011 is 2 + 1 = 3. 15 is F in hex, and 3 is 3, giving us the answer F3.
Hex to binary is the same process. Each hex digit represents four bits. 7C can be split into 7, which is 0111 in binary, and C, which is 1100 in binary (or 12 in decimal). The answer is 01111100.
Have a Try
Here are some examples for you to try. A very useful thing to do would be to write out the charts for working out hex and binary (i.e., for hex a 1 column, then a 16 column, then a 256 column, and so on). The answers are at the end of this chapter (no peeking).
- Convert 1001 (binary) to hex and decimal
- Convert 11011 (binary) to hex and decimal
- Convert 10001 (binary) to hex and decimal
- Convert 29 (decimal) to binary and hex
- Convert 33 (decimal) to binary and hex
- Convert 102 (decimal) to binary and hex
- Convert C7 (hex) to binary and decimal
- Convert FE (hex) to binary and decimal
- Convert B5 (hex) to binary and decimal
In the exam, you are allowed a small whiteboard and dry-erase marker, which will help you work out any binary to hex conversions.
IP Version 4 Addressing
The current version of Internet Protocol (IP) in wide deployment is version 4, and it is explained in RFC 791. IP version 6 (IPv6) is currently in use on a number of networks, either solely or alongside IPv4, and will ultimately replace IPv4 in a gradual phasing-out process. You can still expect to be tested on IPv4 and, in particular, subnetting using IPv4 in the exam so ensure that you know it well.
IPv4 uses four groups of octets to make an IP address, and each octet is made up of eight bits (also known as 1 byte). Therefore, every IP address is 32 bits (4 x 8 = 32), or 4 bytes. An example of how an IPv4 address appears in binary would be:
11000011.11110000.11001011.11111100
1st octet 2nd octet 3rd octet 4th octet
It is worth noting that routers do not see an IPv4 address as four octets; they just see 32 bits. Octets just make things easier for us to see.
When IPv4 addressing was designed in 1981, the thinking was that it would provide enough IP addresses for the foreseeable future. No one predicted the huge growth in home computing (or the invention of mobile devices) that was to come, so this scheme in its initial incarnation had to be amended to cater to the demand. We will cover some of the techniques used to extend the life of IPv4 addresses, such as NAT and VLSM, later on. VLSM stands for Variable Length Subnet Masking, and it allows you to change the default subnet mask value, for example, for Class A using /8 to /12. As stated, we will cover this later in the manual.
Powers of Two
In order to really understand IP addressing, you should understand the powers of two. While it may appear confusing initially, you simply start with the number 2 and keep doubling the previous number. Understanding the powers of two will really help you master subnetting and network design using VLSM, and you will surely be tested on this in the exam. We will apply the powers of two in an easy subnetting system so you can answer network addressing and VLSM questions in a matter of seconds.
The important thing is not the multiplication, it is what is happening to the answers: each time, the number doubles. If you want to work out the powers of two, you would write it like this:
21 = 2 x 1 = 2
22 = 2 x 2 = 4
23 = 2 x 2 x 2 = 8
24 = 2 x 2 x 2 x 2 = 16
25 = 2 x 2 x 2 x 2 x 2 = 32
and so on…
We will come back to the powers of two when we look at easy subnetting and designing subnets, both of which are heavily tested in the CCNA exam and beyond.
IP Addressing
As mentioned, IP addresses consist of binary numbers that are grouped into octets. IPv4 addresses are further divided into classes, from Class A to Class E. IP addresses are assigned by a group called the IANA (Internet Assigned Number Authority). You can also buy one from an ISP who has in turn bought a block from the IANA. The size of a business determines which class of IP address it will be given.
Class A Addresses
Historically, these were given to the very large organizations, as they needed a tremendous number of IP addresses because they owned more computers than everyone else. Class A addresses use only the first octet to identify the network number, while the remaining three octets identify the hosts in the network, as shown below:
Network.Host.Host.Host
10 .2 .5 .4
In the example above, the network is 10, and 2.5.4 is a host in that network. You would pronounce this as ten dot two dot five dot four if reading it out to another engineer.
In binary, the address would be:
00001010.00000010.00000101.00000100
nnnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh
Class A addresses are numbered from 1 to 126 in the first octet. Network equipment identifies a Class A address by the very first bit on the first octet, which is always 0 (a Class A address cannot have a 1 in this bit positiona0. So, the first network number is 1 because you can’t have a network with the number 0.
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
The last possible network number is 127. (Check this by adding all the values together.) Network number 127 cannot actually be used because the value 127.0.0.1 is reserved for troubleshooting (it’s normally found on a logical interface such as Loopback or Localhost on devices). You can ping the Loopback address to check whether TCP/IP is working on the host.
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
Because you are not permitted to use 0 or 127 as a network number, this leaves you with 126 available networks for Class A addresses.
A 0 in each of the host address spaces indicates the network number. You need to have at least one digit in there to designate a host address. Hosts can start at number 1 until (almost) every single possible value is used up. To illustrate this concept, we’ll use a network address starting with 10:
10.0.0.1 is the first host. In binary:
00001010.00000000.00000000.00000001
10 . 0 . 0 .1
(as a decimal)
10.0.0.2 is the second host. In binary:
00001010.00000000.00000000.00000010
10 . 0 . 0 .2
If you were allocating the addresses to hosts in the network sequentially, you would eventually use up all the available bits in the three octets, but you can’t use every single host bit (see below).
10.255.255.254 is the last host. In binary:
00001010.11111111.11111111.11111110
Now you can see why we use decimal. It would take a long time to write out addresses in binary and it would be almost impossible to remember them. You can change the router to display all addresses in binary, but there is no reason to do this.
Why can’t 10.255.255.255 be a host? Because when all the binary values have a 1 turned on, on the host part of the address, this tells the network that it is a broadcast packet. As you learned earlier, a broadcast packet is addressed to every host in the network or subnet so it can’t be allocated to an individual host.
Thinking further about this, for the host part of any network address, two addresses can never be used—the network address and the broadcast address. This will become important later in this chapter when you will need to work out the number of hosts per network.
Class B Addresses
Class B addresses were reserved for large organizations that needed a lot of host numbers, but not as many as the largest ones. Unfortunately, when a Class B address was assigned to an organization, it resulted in thousands of wasted host numbers.
Class B addresses must have the first two binary values on the first octet reserved with a 1 and a 0 next to them. So, the first network number is 128, and you can see from the row of zeros that all the available network bits on the first octet are turned off:
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
The last available Class B network number is 191 (add the values together) and, as shown below, the available network bits have been turned on (on the first octet):
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
1 | 0 | 1 | 1 | 1 | 1 | 1 | 1 |
![]() |
If this is all a bit confusing, just stick with it and go through a few rereads because it will take a while to sink in. It took six weeks for me when I started out! |
For Class B addresses, the first two octets for the network address are used, so for the address 130.24.5.2, 130.24 is the network number and 5.2 is a host in that network. The rule is still the first number that you see in the first octet will always be between 128 and 191, inclusive.
Using the powers of two rule, the first two octets that you will see can have a possible 65,536 (216 = 65,536) networks. However, you are not allowed to use the first two bits of the first octet because they are reserved for showing the 10 value, remember? So, this leaves you with 6 + 8 digits: 214 gives you 16,384 networks.
There are two full octets to use for hosts, so 8 + 8 bits gives you 216 = 65,536 hosts per Class B network, but you have to take two away from this value for the broadcast and subnet (more on this later), so technically, there are 65,534 host addresses.
Class C Addresses
These were originally reserved for any other organization that was not large enough to warrant having a Class A or Class B address. A Class C address has the first three bits reserved so the network device can recognize it as such. The first three bits must show as 110.
The first network number is 192 (128+64), and all the other network bits are off (0):
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
1 | 1 | 0 | 0 | 0 | 0 | 0 | 0 |
The last network number is 223, and this time, all the network bits are on (on the first octet):
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
1 | 1 | 0 | 1 | 1 | 1 | 1 | 1 |
An example of a Class C address is 200.2.1.4, where 200.2.1 is the network address and .4 is a host in that network. While there are lots of available network numbers to assign to companies, there are a limited amount of numbers free to use for the hosts in the networks.
For networks, the first three bits (110) from the first octet are unavailable, giving you 5 + 8 + 8 = 21 network bits: 221 = 2,097,152.
For the hosts, you have 28 (the last full octet), giving you 256 (only 254 are usable, though, because of the two taken away for the broadcast and subnet).
Class D and Class E Addresses
Class D addresses are reserved for multicast traffic and cannot be used for hosts on your network. Multicast traffic is sent to multiple hosts using one IP address. Some routing protocols use multicast addressing for updates, as you will see later in this guide.
Class D addresses range from 224.0.0.0 to 239.255.255.255
Class E addresses are reserved for experimental research only. They are numbered from 240.0.0.0 to 255.255.255.255.
Summary
To summarize class addresses:
Class A – first bit set to 0
Address range, from 1 to 126 (127 is reserved for testing)
Network.Host.Host.Host
Class B – first bits set to 10
Address range, from 128 to 191
Network.Network.Host.Host
Class C – first bits set to 110
Address range, from 192 to 223
Network.Network.Network.Host
Class D – first bits set to 1110
Address range, from 224 to 239.
Class E – first bits set to 11110
Address range, from 240 to 255.
Looking at the number in the first octet will tell you which class of address you are dealing with:
- 1.2.1 = Class A
- 2.3.4 = Class B
- 3.4.2 = Class C
FIG 6.2 – IP addressing classes summarized
Although you need to understand address classes, it is really only for historical purposes because due to enhancements in IPv4 addressing using VLSM, any class of address can now be allocated to any organization, large or small. We will cover VLSM shortly.
Private IPv4 Addresses
To help prevent wastage of IP addresses, certain addresses are reserved for use on private networks. Any individual or company can use these addresses in their network provided that they do not try to get out to the Internet to use them. The address allocation scheme was suggested in RFC 1918: Address Allocation for Private Internets.
The reserved addresses are:
- x.x.x – any IP address beginning with 10
- 16.x.x to 172.31.x.x – any IP address starting with 172.16 to 172.31, inclusive
- 168.x.x – any IP address starting with 192.168
This idea proved to be an ideal way to avoid wasting thousands of IP addresses. It’s important for you to be able to recognize private addresses, not only for the exam but also in the real world, because you may find customers trying to get out to the Internet to use them and wondering why their ISP is blocking their traffic. If you want hosts using private IP addressing to go out to the Internet, then you need to use Network Address Translation (NAT) to swap it to a routable address. We will cover NAT later in this guide.
Classless Inter-Domain Routing
RFC 1517 through 1520 specifies Classless Inter-Domain Routing (CIDR) features. CIDR removes the need for classes of IP addresses (classless routing), which is yet another solution to the problem of the depletion of IP addresses. CIDR allows for route aggregation whereby a single route in a routing table can represent several network addresses, saving space and routing table size, as well as introducing VLSM. All of these are covered in this guide.
Using CIDR, you no longer need to worry about the class system for addressing networks. Network administrators can now allocate address spaces on an as-needed basis, rather than having to use a Class B address and wasting thousands of spare addresses.
CIDR allows the use of the slash system to represent subnet masks (e.g., /26 instead of 255.255.255.192). Table 6-3 below shows a Class C subnetting chart with the CIDR representation:
Table 6-3: CIDR
Masked Bits | Subnet Mask | CIDR | Subnets | Hosts |
0 | 255.255.255.0 | /24 | 1 network | 254 |
1 | 255.255.255.128 | /25 | 2 | 126 |
2 | 255.255.255.192 | /26 | 4 | 62 |
3 | 255.255.255.224 | /27 | 8 | 30 |
4 | 255.255.255.240 | /28 | 16 | 14 |
5 | 255.255.255.248 | /29 | 32 | 6 |
6 | 255.255.255.252 | /30 | 64 | 2 |
Subnetting
Subnetting can be one of the most difficult subjects to master for a CCNA candidate. There is a long way to subnet and a very short and easy way. It is vital for you to understand how the long way works first, but then in real life and to save time in the exam, you will use the easy way. Please also refer to the free subnetting lessons I provide on www.howtonetwork.com/ccnasimplified, which supplement the lessons in this book.
When working on live networks over the years, I’ve encountered a large number of network engineers who can’t solve simple subnetting issues. They often try to allocate a network address to a host or use a host number in the wrong subnet and then wonder why the host or server can’t reach the default gateway. Make it a priority to master subnetting and then refresh your knowledge every few weeks to stay sharp. You take our learn to subnet course or read the below books.
Address Depletion
Shortly after the IPv4 addressing scheme was implemented, it became apparent that there were not enough addresses to meet demand. More and more organizations were using computers and networking equipment and the then-current scheme was wasting thousands of addresses.
Say, for example, that a company was given a Class A address. Remember that Class A addresses could only be allocated to 126 companies, and the first octet was used for the network while the other three octets were free for use as hosts in the network.
If every combination of numbers on the remaining 24 digits (3 x 8) was used, that would equal over 16 million hosts (16,777,216, in fact) per network. You can actually work out how many networks or hosts using the powers of two. For example, three octets are free for hosts in the network, giving you 24 bits (3 x 8 = 24):
224, or 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2.
224 = 16,777,216
Historically, what happened was that a very large organization would be allocated a Class A address. They would need around 10,000 host addresses and waste the other 16 million plus. Because they owned the network number, it could not be shared with other organizations, so the other addresses were wasted.
Another issue was network broadcasts. You couldn’t split the network into smaller portions (at the time), so the entire network would have to be attached to one router interface, and all the hosts would be in the same broadcast domain.
For a Class B address, the story was very similar:
216 is 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 = 65,536 hosts
Class C addresses were more reasonable, with 28 hosts per network address, which equals 256 hosts. I have not started taking two of the host addresses away for the broadcast and subnet yet because we will cover this shortly.
How to Subnet
As you have learned in the previous sections, the initial way of using IP addresses was very rigid: Class A addresses were fixed with 8 bits for the network and 24 for the hosts; Class B addresses were fixed with 16 bits for the network and 16 for the hosts; and Class C addresses were fixed with 24 bits for the network and 8 for the hosts. There had to be some way to avoid wasting host addresses. The answer came with the introduction of subnetting.
Subnetting involves using bits that are normally used for the host part to be used for the subnet part of the address. In order for routers or PCs to know that subnetting is being used, another number has to be applied to the IP address. This number is known as the subnet mask and it is also in binary.
Think of subnetting as taking a cake and cutting it into slices. You can cut any of those slices into smaller slices (using VLSM). Before subnetting you were not permitted to do this. Now if you have a portion of the network that needs more host addresses, you can give it a bigger slice (subnet). Other parts with a requirement for less hosts can have a smaller slice.
FIG 6.3 – Subnetting: before and after
Today, network devices check each bit on the subnet mask, compared with the bits on the IP address, to determine which parts belong to the network and which belong to the host. A default subnet mask is allocated to each class of address. It is not possible to enter an IP address onto a PC or router without also entering the subnet mask.
Default subnet masks are as follows:
- Class A – 255.0.0.0, or in binary: 00000000.00000000.00000000
- Class B – 255.255.0.0, or in binary: 11111111.00000000.00000000
- Class C – 255.255.255.0, or in binary: 11111111.11111111.11111111.00000000
In the default subnet masks above, the first octet for Class A addresses is reserved for the network number, as are the first two octets for Class B and the first three for Class C.
One rule for subnet masks is that the 1 and 0 network and host bits must be contiguous (i.e., connected), without a break from left to right. So, you can have:
11111111.11111111.00000000.00000000
but you cannot have:
11111111.00011111.00000000.00000000.
When you start to add host addresses from 1, 2, 3, and upward, you will start from the far right:
11111111.11111111.00000000.00000001.
Each part of the IP address is matched with the subnet mask to determine which bits are part of the network identification and which bits are part of the host identification.
Example
10001100.10110011.11110000.11001000 – 140.179.240.200 (Class B)
11111111.11111111.00000000.00000000 – 255.255.0.0 (subnet mask)
———————————————————————————————————
10001100.10110011.00000000.00000000 – 140.179.0.0 (network address)
How did we get this number? The router performs something called logical ANDing. It compares the 1s and 0s to establish which numbers belong to the network and which belong to the host, as shown below:
AND | 0 | 1 |
0 | 0 | 0 |
1 | 0 | 1 |
All the values are compared and, as you can see, anything apart from a 1 and 1 equals 0. Check the example above again to make sure that you understand how it works.
Because you now know which are the network bits and which are the hosts, you can start assigning IP addresses to hosts on your network. If all the host bits are 0, then you cannot use this for a network host. The all 0s represent the subnet; you will see why and how shortly.
140.179.0.0 is your network address (in binary) and it has all the host bits turned off:
10001100.10110011.00000000.00000000
Network. Network. Host. Host
140.179.0.1 can be used for your first host:
10001100.10110011.00000000.00000001
140.179.0.2 can be used for your second host:
10001100.10110011.00000000.00000010
You can see from the bold font in the example above that you are adding host addresses from the far right.
You can keep adding hosts until both the second and third octet are (almost) full.
- 179.0.255 is still a valid host number
- 179.1.255 is still okay
- 179.255.254 is the last host number that you can use.
Here is the last host number in binary:
10001100.10110011.11111111.11111110 – not every host bit is turned on
Why can’t you use the last bit portion above for a host? As you already know, an IP address with all 1s in the host portion is reserved to tell the network that the packet is a broadcast packet. A broadcast packet is a packet that must be examined by all hosts in the network (or, more specifically, all the hosts in this portion of the network, i.e., the subnet). The number below is a broadcast packet to every host in the 140.179 network:
10001100.10110011.11111111.11111111 – 140.179.255.255 in binary has all of the host bits turned on.
Now you can see that you are not permitted to use all 0s for the hosts since this is the network address, and you cannot use all 1s because this is reserved for a broadcast. With this information, you will be able to decide how many available hosts you have per network or subnet.
You can use the power-of-two formula to work out how many hosts you will get on the subnet. Simply multiply two to the power of how many host bits you have and take away two—one for the network/subnet of all 0s and one for the broadcast address of all 1s.
In the example 140.179.0.0 255.255.0.0, you can see that you have the last two octets free (the 0.0) to allocate to hosts in the network. That is, two octets of eight binary bits each, giving you 16 bits.
The formula for the maximum number of hosts (per subnet) is: 2 to the power of n – 2. In the example above, n = 16, so 216 – 2 = 65,534.
You could also just take the number 2 and double it 16 times, so 2, 4, 8, 16, 32, and so on up to 65,536, and then subtract 2. We will actually do this to around the power of 10 when we look at the Subnetting Cheat Chart, which you will be allowed to write out on your whiteboard in the CCNA exam. Doing this will save you a ton of time and will literally make the answer pop out before your eyes.
Do you think it would be practical to have a network with over 65,000 hosts on it? If you had a broadcast in the network, each and every single host in the network would have to stop what it was doing to listen to the broadcast packet to see whether it was the intended recipient.
Let’s steal some bits from the host part of the address and make a subnetwork (or subnet) from those bits. I will write out the network address in longhand to make it easier to understand:
140.179. 00000 000.00000000
[16 bits] [5 bits] [11 bits] [network][subnet][host bits]I have stolen five of the host bits to make the subnet. The advantage of this is having more than one subnet to use and fewer hosts per subnet. Now you can use the powers-of-two formula to work out how many subnets you have and how many hosts per subnet. You do not have to take two away for the subnets because it is a network number (you only take two away for host numbers).
25 (or 2 x 2 x 2 x 2 x 2) = 32 subnets, each with
211 (or 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 – 2) = 2,046 hosts per subnet
Why would you want to do this? Because you will have fewer hosts using the bandwidth on the network segment. It is far easier to administer smaller subnets than one huge network. Additionally, it is desirable to limit the number of broadcasts on a given subnet because each and every host on a subnet must examine the contents of a broadcast packet, whether it is the intended recipient or not.
In an environment with an excessive number of hosts, the number of broadcasts can grow significantly, and while not immediately measurable, this broadcast traffic will lower the overall performance of all the networked systems.
The more host bits you steal, the more subnets you get, but each of those subnets is capable of supporting a lesser number of hosts because there are fewer host bits available. Deciding how many hosts you need and how many hosts per subnet is part of the network design phase. The more host bits you steal means that you have more and more subnets and less host bits available; this is the tradeoff.
Table 6-4 below illustrates a Class B network. Remember that for Class B addresses, you are looking at the third and fourth octets for the bit pattern, as the first two octets are used for the network address and cannot be stolen.
Table 6-4: Subnetting in a Class B network
Bit Pattern (3rd/4th Octet) | CIDR | Masked Bits | Subnets | Hosts per Subnet (2 to the Power of n – 2) |
00000000.00000000 | /16 255.255.0.0 |
0 | 1 (network) | 65,534 |
10000000.00000000 | /17 255.255.128.0 |
1 | 2 | 32,766 |
11000000.00000000 | /18 255.255.192.0 |
2 | 4 | 16,382 |
11100000.00000000 | /19 255.255.224.0 |
3 | 8 | 8,190 |
11110000.00000000 | /20 255.255.240.0 |
4 | 16 | 4,094 |
11111000.00000000 | /21 255.255.248.0 |
5 | 32 | 2,046 |
11111100.00000000 | /22 255.255.252.0 |
6 | 64 | 1,022 |
11111110.00000000 | /23 255.255.254.0 |
7 | 128 | 510 |
11111111.00000000 | /24 255.255.255.0 |
8 | 256 | 254 |
11111111.10000000 | /25 255.255.255.128 | 9 | 512 | 126 |
11111111.11000000 | /26 255.255.255.192 | 10 | 1,024 | 62 |
11111111.11100000 | /27 255.255.255.224 | 11 | 2,048 | 30 |
11111111.11110000 | /28 255.255.255.240 | 12 | 4,096 | 14 |
11111111.11111000 | /29 255.255.255.248 | 13 | 8,192 | 6 |
11111111.11111100 | /30 255.255.255.252 | 14 | 16,384 | 2 |
11111111.11111110 | /31 255.255.255.254 | 15 | 32,768 | 0 |
*In modern networks, a /31 subnet mask can be used on point-to-point links between two routers since a broadcast and a network address is not needed. Try it for yourself between two routers. This will require IOS 12.2(2)T or later.
R1(config)#int s0/0
R1(config-if)#ip add 192.168.1.1 255.255.255.254
R1(config-if)#end
R1# show int s0/0
Serial0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 192.168.1.1/31
There are a ton of examples with solutions in our 101 Labs – IP Subnetting book.
How to Write Subnet Masks
As with IP addresses, subnet masks are expressed in dotted decimal notation (each of the octets in a subnet mask is converted to decimal and separated with a dot).
If you steal five host bits from the third octet, you have to add the binary values together:
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 |
So, you have 128 + 64 + 32 + 16 + 8 = 248.
Remember that you are using a Class B example here and are working with the third octet, and you are not allowed to alter the first two octets because they are fixed. This results in the following:
255.255.248.0
This tells the router that you are subnetting and that you are using the first five host bits to carve out the subnets.
Things can get a little bit (more) complicated, and you can no longer rely on what your eyes are telling you because the router is looking at a binary value, and you are looking at a decimal value. Do not worry too much though, as we will look at easy subnetting later.
In order for the router to know whether a host is on a certain subnet, it looks at the masked bits. If all of the masked bits match, then it follows that the host must be in the same subnet. If the subnet bits do not match, then the hosts are in different subnets. This all happens in a matter of milliseconds on the router.
Let’s examine the following IP address: 129.10.147.0 255.255.248.0
Again, this is a Class B address, and you are stealing five bits for subnetting. You know that you have stolen five bits because 248 in binary is 11111000, which is five masked bits:
10000001.00001010.10010011.00010000 129.10.147.32
10000001.00001010.10010100.01010101 129.10.148.85
You can see that both subnet bits in the example above match. This means that both host addresses are in the same subnet. Here is another example:
10000001.00001010.10011010.00000010 129.10.154.2
This time one of the subnet bits has changed, so the router or PC can that see it is a different subnet. Unfortunately, when you write it out in decimal, it is not very easy to see that this third IP address is in a different subnet.
Changing the Subnet Representation
Although subnet masks are displayed as dotted decimal, the format can be changed to bit count or hex with the ip netmask-format bit command. It is very unlikely that you would ever need or in fact want to do this, but the command is available should you need it.
Router#show interface Serial0/0
Serial0/0 is administratively down, line protocol is down
Hardware is HD64570
Internet address is 192.168.1.1 255.255.255.0
Router#terminal ip netmask-format ?
bit-count Display netmask as number of significant bits
decimal Display netmask in dotted decimal
hexadecimal Display netmask in hexadecimal
Router#terminal ip netmask-format bit-count
Router#show interface Serial0/0
Serial0/0 is administratively down, line protocol is down
Hardware is HD64570
Internet address is 192.168.1.1/24
The bit count shows the address with a slash value, such as 192.168.1.1/24, while decimal displays the subnet mask in dotted decimal, such as 255.255.255.0, and hex shows the mask in hex, such as 0XFFFFFF00.
There are only certain values available to use as a subnet mask due to binary mathematics. If you calculate a subnet mask and it is some other value such as 160, it is clearly wrong!
Table 6-5: Class B subnet mask values
Binary Value | Subnet Value |
00000000 | 0 |
10000000 | 128 |
11000000 | 192 |
11100000 | 224 |
11110000 | 240 |
11111000 | 248 |
11111100 | 252 |
11111110 | 254 |
11111111 | 255 |
How Many Subnets and How Many Hosts?
Understanding my easy subnetting formula is crucial to passing the CCNA exam, as well as to designing and troubleshooting subnets in real-life networking. Many networking emergencies can be avoided by planning for future requirements during the design stage.
When planning a network addressing scheme, always ask clients what their expected growth for the next few years is and account for that. Never design a network addressing scheme for what they have currently.
The typical types of exam questions will be something like you are given a network ID and subnet mask and are asked to calculate how many subnets you can form and how many hosts there are per subnet. Or, you will be given an IP address and subnet mask and will be asked which subnet the address is in. You might also be asked to indicate the broadcast address associated with the IP address and subnet mask.
It all boils down to the powers of two:
255.255.224.0
11111111.11111111.11100000.00000000
[16 bits] [3 bits][13 bits] [Network] [Subnet][Host]In the Class B example above, you can see that 224 has been converted to its binary value of 11100000, and you have three subnet bits to use. You can use every combination of three binary numbers to make up different subnets:
000, 001, 010, 011, 100, 101, 110, 111
Up until fairly recently, we would have had to disregard the network 000 because this was the subnet, and we could not use the network 111 because it was for the broadcast. This is no longer the case (as of RFC 1878). I only mention it for those readers who have been in IT for 10 or more years and learned the old method. The command that allows us to use the first and last subnet is ip subnet-zero, which is now turned on by default on Cisco routers.
Alternatively:
How many subnets?
23 = (2 x 2 x 2) = 8
How many hosts? (you have 13 bits left for the host addresses)
213 – 2 = 8,190
So, for this subnet mask, you can see that you have eight subnets and each subnet has 8,190 hosts available for use.
Another Example
What are the first host and broadcast address for 131.107.32.0 255.255.224.0?
This is a Class B address, and you are taking three of the host bits (three binary bits is 11100000, which is 128 + 64 + 32 = 224). The last bit is 32, and you will use this as the count for subnets (i.e., they are all increments of 32 starting at zero, for example, 0, 32, 64, 96, etc.). There is no room to fit in every subnet permutation, so you will have to shorten the output to the subnet you are being asked about:
11111111.11111111.11100000.00000000 255.255.224.0 (subnet mask)
10000011.01101011.00100000.00000000 131.107.32.0* (this is the subnet)
10000011.01101011.00100000.00000001 131.107.32.1 (this is the first host)
10000011.01101011.00100000.00000010 131.107.32.2 (this is the second host)
10000011.01101011.00100000.00000011 131.107.32.3 (this is the third host)
10000011.01101011.00100001.11111111 131.107.33.255 (keep counting up)
10000011.01101011.00100011.11111111 131.107.35.255 (keep going)
10000011.01101011.00100111.11111110 131.107.39.254 (keep going)
10000011.01101011.00111111.11111110 131.107.63.254 (this is the last host)
10000011.01101011.00111111.11111111 131.107.63.255 (broadcast address)
So, the hosts are 131.107.32.1 to 131.107.63.254 (8,190 in total)
131.107.32.0 = the subnet and 131.107.63.255 = the broadcast address for this subnet
Because the IP addresses changed from 32.1 and then 33.255 all the way up to 63.254, it is easy to look at them and mistake them for different subnets. When you write out the addresses correctly, you can see that all of the hosts above are in the same subnet. Also, note that the third octet always starts with 001, so you know that all the host addresses are in the same subnet.
This means that they will all have to be attached to one router interface. You cannot decide to put half of your addresses on one side of the router and half on the other. Many engineers have made this mistake and then wasted hours trying to troubleshoot the problem.
In the example above, the first subnet would be 131.107.0.0, which is the zero subnet. We will look at this shortly.
Shortcut Method
Writing out IP addresses and subnets in binary is very time-consuming. There is a quicker way to do this, which we’ll cover before we look at an even easier method. Just follow five simple steps:
- How many subnets?
2 to the power of masked bits, or 2x
- How many hosts per subnet?
2 to the power of unmasked bits – 2
- What are the valid subnets?
256 – the right-most non-zero subnet to give you the subnet increment
- What are the valid hosts per subnet?
- What is the broadcast address of the subnet?
Example
Which subnet is 131.107.32.1 255.255.224.0 in?
255.255.224.0 is 11111111.11111111.11100000.00000000 in binary.
You could actually write this out with a slash mask of /19 (19 masked network bits or 1s). You can see that you are subnetting on the third octet here.
- How many subnets?
You have stolen three bits (128 + 64 + 32 = 224 subnet), so:
23 = 8 subnets (or 2 x 2 x 2 = 8)
- How many hosts per subnet?
You have 13 bits left for hosts, so:
213 – 2 = 8,190 hosts
- What are the valid subnets?
Take the right-most non-zero subnet (224) away from 256.
256 – 224 = 32
This part is crucial. If you get it wrong, then all of your subnetting will be off, so double-check it. Some people make the mistake of doubling the numbers (i.e., 32, 64, 128, etc.). The Subnetting Cheat Chart will actually make this step easier.
You now know that you have eight valid subnets, and each subnet will be an increment of 32. You can start at 0 if subnet zero is permitted: 0, 32, 64, 96, 128, 160, 192, 224. (0 and 224 are valid because subnet zero is allowed.)
- What are the valid hosts per subnet?
It is best to write out the subnet number and the next subnet number. From this, you can work out the first and valid hosts.
1st subnet: 131.107.0.0 – This is the zero subnet
2nd subnet: 131.107.32.0 – 131.107.32.1 is in this subnet
3rd subnet: 131.107.64.0
4th subnet: 131.107.96.0
5th subnet: 131.107.128.0
6th subnet: 131.107.160.0
7th subnet: 131.107.192.0
8th subnet: 131.107.224.0
So, now you know that you can use any number, including the 224 subnet. It is fairly clear from the list above that the host address you are looking for is in the second subnet, so you can look at the available host numbers in this subnet.
Subnet: 131.107.32.0
1st host: 131.107.32.1
2nd host: 131.107.32.2
3rd host: 131.107.32.3 … You could keep going, but there are over 8,000 hosts…
Last host: 131.107.63.254 (take one away for the broadcast to get this value)
Broadcast: 131.107.63.255 (take one away from the next subnet [131.107.64.0] to get this value).
For the third or .64 subnet, follow the same process of writing out the subnet and broadcast address. You can work out the broadcast address by writing out the next subnet. The subnet starting 131.107.64 is the third of the eight subnets. Take one away from that to determine the broadcast address for the previous subnet.
Subnet: 131.107.64.0 (take one away to get the broadcast for the .32 subnet)
1st host: 131.107.64.1
Last host: 131.107.95.254
Broadcast: 131.107.95.255
You could go on, but you can see that you’ve gone past the IP address you were trying to find, which is 131.107.32.1.
- What is the broadcast address?
The broadcast address is 131.107.63.255
It’s pretty easy to work this out if you write out the subnets first.
What just happened there?
Without being able to see the whole thing in binary, it does look a little strange. You just have to have confidence that the method works and if in doubt, go back to binary. You can prove that the broadcast address is such by checking to see whether it’s all 1s in binary. The last host will be the last number you can use without having all 1s (255 in decimal):
10000011.01101011.00111111.11111110 131.107.63.254 (one host bit not on)
10000011.01101011.00111111.11111111 131.107.63.255 (all host bits on here)
The underlined bits are the subnet bits. The .254 has all the host bits apart from one turned on. The broadcast address has all the host bits turned on. This tells the network that it is a broadcast packet to the subnet.
If you follow the process for each subnet using a subnet number of 255.255.224.0 going up in increments of 32, you will get the following host address ranges:
Subnet 1: 131.107.0.1 to 131.107.31.254
Subnet 2: 131.107.32.1 to 131.107.63.254 – You can see that host 32.1 is in this subnet
Subnet 3: 131.107.64.1 to 131.107.95.254
Subnet 4: 131.107.96.1 to 131.107.127.254
Subnet 5: 131.107.128.1 to 131.107.159.254
Subnet 6: 131.107.160.1 to 131.107.191.254
Subnet 7: 131.107.192.1 to 131.107.223.254
Subnet 8: 131.107.224.1 to 131.107.255.254
Another Example
Which subnet is host 10.20.1.23 255.240.0.0 in?
Take four bits (240 in binary is 11110000, or 128 + 64 + 32 + 16) to make subnets from, since Class A addresses normally have the default of eight bits:
255.0.0.0 is 11111111.11110000.00000000.00000000 in binary. Or, you can shorten it to 10.20.1.23 /12.
- How many subnets?
24 = 16
- How many hosts per subnet?
You have 20 bits left for hosts, so:
220 – 2 = 1,048,574 hosts per subnet
- What are the valid subnets?
256 – 240 = 16 (the increment, so the subnets go up in increments of 16)
10.0.0.0 (the zero subnet)
10.16.0.0
10.32.0.0
10.48.0.0 …all the way up to…
10.224.0.0
10.240.0.0
- What are the valid hosts per subnets/broadcasts?
10.0.0.0 – Hosts 10.0.0.1 to 10.15.255.254
10.16.0.0 – Hosts 10.16.0.1 to 10.31.255.254 – 10.20.1.23 is in this subnet
10.32.0.0 – Hosts 10.32.0.1 to 10.47.255.254
10.48.0.0 – Hosts 10.48.0.1 to 10.63.255.254
10.64.0.0 and so on…
10.224.0.0 – Hosts 10.224.0.1 to 10.239.255.254
10.240.0.0 – Hosts 10.240.0.1 to 10.255.255.254
- What are the broadcast addresses?
This is the last address before each subnet
10.15.255.254 is the last host on the first subnet
10.15.255.255 is the broadcast address for the first subnet
10.16.0.0 is the next subnet
10.16.0.1 is the first host on the next subnet
10.31.255.254 is the last host
10.31.255.255 is the broadcast address
10.32.0.0 is the next subnet
10.47.255.255 is the broadcast address on the third subnet
10.48.0.0 is the next subnet, etc.
You’ve already gone past the answer to the question. Now you will learn how to shorten these five steps.
Example
Which subnet is host 192.168.21.41/28 in?
The first and most important task is to work out how to change the /28 mask into a full subnet mask. You already know that each octet is eight binary bits and 8 + 8 + 8 = 24 binary bits, which is 255.255.255.0. You need to add 4 to 24 to get 28, which is 128 + 64 + 32 + 16 binary places, or 11110000, or 240. The Subnetting Cheat Chart (shown later) will make this task so easy you will wonder what all the fuss was about.
With four bits of masking, you now have 24 = 16 subnets. This leaves four bits for the hosts, which is 24 – 2 = 14 hosts per subnet. You weren’t asked how to answer this question but the exam could easily tag this on as part of the question above.
The subnet mask is 255.255.255.240 (four masked bits on the last octet).
256 – 240 = 16 increments
Now count up in subnets until you find the one where host 41 is residing (subnet 3 below):
Subnet 1: 192.168.21.0 hosts 1–14 (broadcast = 15) – This is the zero subnet
Subnet 2: 192.168.21.16 hosts 17–30 (broadcast = 31)
Subnet 3: 192.168.21.32 hosts 33–46 (broadcast = 47) – 41 is in this range
Subnet 4: 192.168.21.48 hosts 49–62 (broadcast = 63)
Subnet 5: 192.168.21.64 hosts 65–78 (broadcast = 79)
and so on … up to …
Subnet 16: 192.168.21.240 hosts 241–254 (broadcast = 255)
In the exam, I always found the correct subnet the host was in and counted one more up just in case I made a mistake. However, there are no extra points for counting up higher and time is ticking away.
Example
Which subnet is host 10.65.2.5/10 in?
Turn the /10 into a subnet mask. 255 is eight binary bits, so you need to add 2 to get to 10.
Two binary bits is 128 + 64, which is 192, or 11000000.
Two masked subnet bits = 255.192.0.0.
22 = 4 subnets.
You have 222 – 2 = 4,194,302 hosts per subnet.
256 – 192 = 64 increments (for the subnets)
Subnet 1: 10.0.0.0 hosts 10.0.0.1–10.63.255.254 (broadcast = 255)
Subnet 2: 10.64.0.0 hosts 10.64.0.1–10.127.255.254 (broadcast = 255) – Host 10.65.2.5 is in this range
Subnet 3: 10.128.0.0 hosts 10.128.0.1–10.191.255.254 (broadcast = 255)
Subnet 4: 10.192.0.0 hosts 10.192.0.1–10.255.255.254 (broadcast = 255)
Let’s use the Subnetting Cheat Chart to answer the next question. If this is the first time you’ve read this chapter, then do the next example the second time you read it.
Example
Which subnet is 192.168.100.203/27 in?
You know that three binary octets are 24 bits, and to get to 27, you need to add three bits. If you have already done a read-through of this chapter and have seen the Subnetting Cheat Chart (below), you will know that you can easily tick down three numbers on the top subnetting part of the chart. This will give you the value 224.
So, the subnet /27 is 255.255.255.224. You can then tick three across the top to get the subnet increment, which is 32 (or just take 224 away from 256, if you prefer).
You are subnetting on the fourth octet, so just add up the subnets until you get to the one with the number 203 in it. I prefer to start with a multiple of 32 to save time (160, for example), but you may prefer to start with 0, 32, 64, etc. for now.
Just remember that in the exam, time is of the essence.
Subnet 1: 192.168.100.0 hosts 1–30 (broadcast = 31)
Subnet 2: 192.168.100.32 hosts 33–62 (broadcast = 63)
Subnet 3: 192.168.100.64 hosts 65–94 (broadcast = 95)
Subnet 4: 192.168.100.96 hosts 97–126 (broadcast = 127)
Subnet 5: 192.168.100.128 hosts 129–158 (broadcast = 159)
Subnet 6: 192.168.100.160 hosts 161–190 (broadcast = 191)
Subnet 7: 192.168.100.192 hosts 193–222 (broadcast = 223) – Host 203 is in this subnet
Subnet 8: 192.168.100.224 hosts 225–254 (broadcast = 255)
The host 192.168.100.203 is in the subnet 192.168.100.192.
In the exam, you will have one of the two types of subnetting questions. The first type you have just worked through: given a certain network number and subnet mask, you need to determine which subnet the IP address is in. The second type of question will ask you to design a subnet mask to give a customer a certain number of hosts and a certain number of subnets.
Working out How Many Hosts and How Many Subnets
The special chart below will enable you to answer any question in the exam. I call it the Subnetting Cheat Chart. This chart will ensure that you can answer any subnetting question in the exam within 30 seconds after practice; just watch and see for yourself. In the exam, you will be given a small whiteboard and a dry-erase marker that you can use to write out the chart below:
Subnetting Cheat Chart
Bits | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 | |
Subnets | |||||||||
128 | |||||||||
192 | |||||||||
224 | |||||||||
240 | |||||||||
248 | |||||||||
252 | |||||||||
254 | |||||||||
255 | |||||||||
Powers of Two | Subnets | Hosts
Minus 2 |
|||||||
2 | |||||||||
4 | |||||||||
8 | |||||||||
16 | |||||||||
32 | |||||||||
64 | |||||||||
128 | |||||||||
256 | |||||||||
512 | |||||||||
1024 | |||||||||
2048 | |||||||||
4096 | |||||||||
8192 | |||||||||
16,384 |
What the Subnetting Cheat Chart helps you to do is easily and quickly work out how many bits are being used for subnetting, which subnet the host is in, how many hosts per subnet, and how many subnets. Let’s look at a design example.
How many subnets and hosts does 192.168.2.0/26 give you?
First, take an extra two bits from the normal 24-bit mask. Tick off two numbers down in the upper portion of the chart (128 and then 192), giving you the mask of 192; or, to be more specific, 255.255.255.192.
You can work out that it is two bits being used if you remember that each octet count is eight. 255.0.0.0 is eight binary bits, 255.255.0.0 is 16, and 255.255.255.0 is 24. If you have a /26 mask, then you need to add two onto the 255.255.255.0 mask, which is 24 bits plus two more (or 255.255.255.192).
You’ve taken two bits for the subnet, so in the Subnets column on the bottom part of the chart, tick down two numbers (2 and then 4). This gives you four subnets.
Now you know you have six bits left for the hosts (8 – 2 = 6 bits remaining), so tick off six places down in the Hosts Minus 2 column to get the number of hosts. You will always use the bottom part of the chart first when trying to work out how many subnets and hosts per subnet. If you’re trying to work out which subnet a host address is in, use the top part of the chart.
Six down in the Hosts Minus 2 column gives you 64; take two away for the subnet and broadcast and that gives you 62 hosts per subnet. You can see that I also ticked across two in the Bits row, showing that the subnets go up in increments of 64.
Easy, isn’t it?
Subnetting Cheat Chart
Bits | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 | |
Subnets | √ | √ | |||||||
128 | √ | ||||||||
192 | √ | ||||||||
224 | |||||||||
240 | |||||||||
248 | |||||||||
252 | |||||||||
254 | |||||||||
255 | |||||||||
Powers of Two | Subnets | Hosts Minus 2 | |||||||
2 | √ | √ | |||||||
4 | √ | √ | |||||||
8 | √ | ||||||||
16 | √ | ||||||||
32 | √ | ||||||||
64 | √ | ||||||||
128 | |||||||||
256 | |||||||||
512 | |||||||||
1024 | |||||||||
2048 | |||||||||
4096 | |||||||||
8192 | |||||||||
16,384 |
Another Example
You are given a network address of 192.168.5.0 255.255.255.0. You are the network administrator, and you need to subnet this address to make six subnets, each with at least 15 hosts per subnet.
Go back to the chart and tick down the Subnets column on the bottom part of the chart until you get to a number that gives you six subnets: 2 and 4 will not be enough, but 8 gives you six subnets with two extra (it is okay if you have to go just over). So now you need to steal three bits for subnetting. Count down three in the Subnets column in the upper part of the chart, starting at 128, then 192, and finally 224.
Stealing three bits leaves you five bits left for hosts per subnet. If you tick down five places in the Hosts Minus 2 column, you will see that this gives you 30 (32 – 2) hosts per subnet, which is more than enough for your requirements.
The answer is that you need subnet 255.255.255.224 (or a /27 mask) to get your six subnets. If you tick down three in the bottom Subnets column (which is 8), you can tick down three in the upper Subnets column to determine the correct subnet mask (which is 224). In the Bits row, you can see that the subnets go up in increments of 32.
Subnetting Cheat Chart
Bits | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 | |
Subnets | √ | √ | √ | ||||||
128 | √ | ||||||||
192 | √ | ||||||||
224 | √ | ||||||||
240 | |||||||||
248 | |||||||||
252 | |||||||||
254 | |||||||||
255 | |||||||||
Powers of Two | Subnets | Hosts Minus 2 | |||||||
2 | √ | √ | |||||||
4 | √ | √ | |||||||
8 | √ | √ | |||||||
16 | √ | ||||||||
32 | √ | ||||||||
64 | |||||||||
128 | |||||||||
256 | |||||||||
512 | |||||||||
1024 | |||||||||
2048 | |||||||||
4096 | |||||||||
8192 | |||||||||
16,384 |
Let’s do one final example, this time back to which subnet a certain host is in:
Which subnet is host 172.16.100.119/29 in?
This is a Class B address, but for subnetting you don’t need to concern yourself with that. You just need to look at which octet the subnetting is happening in.
Because the third octet is already filled in with binary 1s, we will disregard it (to save time) and look only at the last octet.
/29 is five places into the last octet, so in the upper part of the chart, start by ticking five places across in the Bits row and then five down in the Subnets column. You can now see that you have a subnet mask of 255.255.255.248 and the subnets are going up in increments of 8.
Subnetting Cheat Chart
Bits | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 | |
Subnets | √ | √ | √ | √ | √ | ||||
128 | √ | ||||||||
192 | √ | ||||||||
224 | √ | ||||||||
240 | √ | ||||||||
248 | √ | ||||||||
252 | |||||||||
254 | |||||||||
255 | |||||||||
Powers of Two | Subnets | Hosts Minus 2 | |||||||
2 | |||||||||
4 | |||||||||
8 | |||||||||
16 | |||||||||
32 | |||||||||
64 | |||||||||
128 | |||||||||
256 | |||||||||
512 |
Unfortunately, you are counting up in increments of 8, meaning that if you were creating a chart at work for allocating subnets, you would start with 172.16.0.0, then 172.16.0.8, and so on (until you’ve worked out all 8,192 subnets), but you need to answer the exam question quickly. With this in mind, let’s focus only on the last octet because this is where you’ll find the host address:
172.16.100.0
172.16.100.8
This will still take too long, so jump up from values of 8 to 80.
172.16.100.80
172.16.100.88
172.16.100.96
172.16.100.104
172.16.100.112 – Host 172.16.100.119 is in this subnet
172.16.100.120
With practice, you should be able to answer most subnetting questions in around 30 seconds if you use the chart. There are some free examples using the subnetting chart at the resources URL below, so please refer to them also:
https://www.howtonetwork.com/ccnasimplified
IP Subnetting – Zero to Guru
101 Labs – IP Subnetting – Available on Amazon
Secondary IP Address
You are not restricted to using just one IP address on an interface of a Cisco router. You can assign an unlimited number of addresses using the ip address [ip address] [subnet mask] secondary command:
Router#config t
Router(config)#interface Serial0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#ip address 192.168.2.1 255.255.255.0 secondary
You may need to do this because you need to use more than one subnet on the same physical segment of the network. An example of this would be an insufficient amount of host addresses available for the subnet you are using. In the real world, secondary IP addresses should be used only as a temporary workaround. For a permanent solution, you should use sub interfaces or SVIs for each subnet.
It’s also worth noting that each interface should be in a separate subnet. If you try to use two addresses from the same subnet on different interfaces, the router will throw an error message. Try it for yourself:
R1(config)#int f0/0
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#int f0/1
R1(config-if)#ip add 192.168.1.2 255.255.255.0
R1(config-if)#no shut
% 192.168.1.0 overlaps with FastEthernet0/1
FastEthernet0/0: incorrect IP address assignment
Route Summarization
There are many millions of routes on the Internet. If all these routes had to be stored individually, the Internet would have come to a stop many years ago. Route summarization, also known as supernetting or address aggregation, was proposed in RFC 1338, which you can read online by visiting http://www.faqs.org/rfcs/rfc1338.html. Route summarization allows a router to advertise a summary of a group of networks it can reach. This conserves network resources by reducing routing table sizes and bandwidth because fewer routes are advertised.
For example, if you drive along a street with 10 avenues attached, each avenue could have a sign at the end showing a summary of the houses you will find, such as 1–10 Alphabet Ave., 11–20 Alphabet Ave., etc. At the very end of the street there could be another sign showing you 1–100 Alphabet Ave., with a summary of the 10 Alphabet Avenues.
Working Out Summary Routes
The easy way to establish the summary route you can advertise is to write out the common binary bits and write out the subnet mask, along with the lowest subnet:
192.168.100.128/27
192.168.100.160/27
192.168.100.192/27
192.168.100.224/27
In the example above, all the binary bits in the first three octets will agree because the numbers are all exactly the same. The last octet does differ though:
128 = 10000000
160 = 10100000
192 = 11000000
224 = 11100000
The only bit that matches on all of the above subnets is the first one. If you add that to the first three octets, you will have 25 matching bits: 192.168.100.128/25. You would advertise 192.168.100.128/25 for these routes as a summary route.
Route Summarization Prerequisites
Many network engineers put little or no thought into their IP addressing, and when it comes to sending out a summary route, they find that it isn’t possible. If you chose random subnets for your network, you would not be able to summarize them because the numbers are not contiguous.
As well as having contiguous addressing of subnets, you must use a routing protocol that supports VLSM, such as RIPv2 (Routing Information Protocol version 2), EIGRP (Enhanced Interior Gateway Routing Protocol), or OSPF (Open Shortest Path First). This is not usually a problem because classful protocols such as RIP and IGRP are rarely used.
After you have passed your CCNA exam, I urge you to take the Cisco Certified Network Professional (CCNP) exam, which includes many of the subjects from the CCNA, because it will give you a very strong understanding of network design principles. Not many engineers are good at both, which means that you will have a big advantage over them. The design elective is called ‘Designing Cisco Enterprise Networks (ENSLD).’
Breaking the Subnet Boundary
You know that you can’t apply a Class A subnet mask to a Class C IP address such as 192.168.1.1/11 because you are trying to use network bits for host bits. But, if you are advertising a summary route, you can reduce the subnet mask so that a group of Class C networks can be advertised with a mask of /12, for example.
In the network addresses below, you only need to find the common bits in the subnet mask and apply that to the lowest available subnet.
CIDR also allows for supernetting, which enables you to advertise a summary of your network addresses, providing that you have a contiguous block. For example, if you owned the networks 172.16.20.0/24 up to 172.16.23.0/24, then you could advertise the single network 172.16.20.0/22 out to the Internet. The advantage of this is greater efficiency by saving bandwidth. This is also known as route summarization.
Route summarization only works if you first calculate the addresses in binary:
11111111.11111111.11111111.00000000 = 24-bit mask
10101100.00010000.00010100.00000000 = 172.16.20.0
10101100.00010000.00010101.00000000 = 172.16.21.0
10101100.00010000.00010110.00000000 = 172.16.22.0
10101100.00010000.00010111.00000000 = 172.16.23.0
All of the underlined parts of the address are common and can be aggregated with one subnet mask to advertise them all. There are 22 common bits, so you can use the mask 255.255.252.0 or /22 to advertise the entire block of addresses. Figure 6.4 below shows the summarized network being advertised:
FIG 6.4 – Supernetting reduces the number of routes advertised
A carefully planned IP addressing scheme is designed with summarization in mind. The advantages are many but primarily they are reduced routing tables (saving router CPU and bandwidth) and easier network management and troubleshooting, making your life as a network administrator far easier.
VLSM
Although subnetting provides a useful mechanism to improve the IP addressing issue, in the past, network administrators were only able to use one subnet mask for an entire network. RFC 1009 addressed this issue by allowing a subnetted network to use more than one subnet mask.
Think of it as being given a large slice of cake. You can cut that slice of cake into two (or more) pieces, or you could take one of the two slices and cut that into smaller slices. It’s basically subnetting a subnet.
Today, a network administrator can have a Class B address with a 255.255.192.0 mask and further break down that subnet into smaller units with more masks, such as 255.255.224.0. Instead of writing out the subnets in decimal, engineers in the real-world use something called a slash address, writing out how many bits are used for subnetting. Some examples of this are shown below:
255.255.0.0 can be expressed as /16 because there are 16 binary bits masked.
11111111.11111111.00000000.00000000 = 16 on or masked bits.
255.255.192.0 can be expressed as /18 because there are 18 binary bits masked.
11111111.11111111.11000000.00000000 = 18 on or masked bits.
255.255.240.0 can be expressed as /20 because there are 20 binary bits masked.
11111111.11111111.11110000.00000000 = 20 on or masked bits.
It is best to illustrate this with an example, as in Figure 6.5 below:
FIG 6.5 – ACME Company with no VLSM
You may have spotted a few problems with the addressing scheme above. The most important issue is the breach of the conservation of IP addresses. If you are using RFC 1918 addresses (i.e., non-routable, such as 10.x.x.x), then perhaps you may not be worried about address wastage, but this is very bad practice, and for Cisco exams, you will be expected to conserve IP addresses. With a /28 mask (or 255.255.255.240), you have 14 hosts per subnet. This may be fine for your LAN on either end, but for your WAN connection, you only need two IP addresses, which wastes 12 addresses. You could change the masks to /30 (or 255.255.255.252), but then for your LANs, you will obviously need more than two hosts.
The first workaround is to buy a separate network address for each network (two LANs and one WAN) but this would prove expensive and unnecessary. The other alternative is to break down the subnet further using VLSM, which is actually what it was designed to do!
FIG 6.6 – ACME Company with VLSM
In Figure 6.6 above, you can see that the WAN link now has a /30 mask, which produces two usable hosts. You also have a tighter addressing allocation. If ACME Company expands (as companies often do), you can easily allocate further WAN links and LANs.
FIG 6.7 – ACME Company with a new office
In Figure 6.7 above, you can see that ACME Company has now grown and added a remote office. Because you have taken the time to plan and allocate a carefully thought out VLSM scheme, you can simply allocate the next block of IP addresses.
But will the IP addresses clash? This is a very common question and it’s a valid one. Let’s say you have address 19.16.1.1/28 for one of your LANs. You will not, therefore, be able to use the IP address 19.16.1.1 with any other subnet mask. The IP address can only be used once, no matter which subnet mask is attached to it.
This is a bit of a head scratcher for people who are new to networking or subnetting, but it does work. The general concept here is that VLSM does not remove the need for unique IP addresses, it just helps to efficiently manage their use.
VLSM Practice for the CCNA Exam
Here is a network you have been asked to design an addressing scheme for:
FIG 6.8 – ACME II Company
In Figure 6.8 above, ACME II Company has been allocated the 200.100.100.x network, with a default mask of 255.255.255.0. If you keep the standard mask, you will be left with one network with 254 usable hosts. Using the bottom half of the Subnetting Cheat Chart introduced earlier, tick down eight places in the Hosts Minus 2 column, which would give you one subnet with 256 – 2 hosts, or 254 hosts.
The challenge is this: You have three Serial connections and each requires only two usable host addresses. You also have four LANs that need between 20 and 100 hosts. If you design a mask to give you 20 to 100 hosts, you will be wasting a lot of addresses. To get 100 hosts, tick down seven places in the Hosts Minus 2 column, which would give you a mask of 255.255.255.128 (because you have only one bit left to tick down in the Subnets column). This gives you 126 hosts (128 – 2). You would then have two networks: one starting at 200.100.100.0 and one starting at 200.100.100.128. Not great, to be honest, because you need seven subnets (three WAN and four LAN) and some require only 20 hosts—so why waste 108 addresses?
Referencing the bottom half of the Subnetting Cheat Chart below, tick down in the Hosts Minus 2 column until you find a number close enough to give you 100 hosts. The only number you can use is 128, which is seven ticks down, so you are stealing seven bits from the host portion, leaving you one bit for subnetting.
Powers of Two | Subnets | Hosts Minus 2 |
2 | √ | √ |
4 | √ | |
8 | √ | |
16 | √ | |
32 | √ | |
64 | √ | |
128 | √ | |
256 | ||
512 |
Using the upper part of the Subnetting Cheat Chart, tick down one place to reveal the subnet mask of 128.
Subnets | |
128 | √ |
192 | |
224 | |
248 | |
252 | |
254 | |
255 | |
128 | |
192 |
When you use the 128 subnet with ACME II Company’s IP address, you get subnet 200.100.100.0 and subnet 200.100.100.128, both with a mask of /25, or 255.255.255.128. For the network needing 100 hosts, you can use the 200.100.100.128 subnet. For the first host, you will use 200.100.100.129 and so on, up to 200.100.100.229. So, now you have:
200.100.100.128/25 – LAN (hosts 129–254)
200.100.100.0/25 – available for use or for VLSM
You need to allocate hosts to the three remaining LAN networks and the three WANs. The other three LANs need between 20 and 30 hosts. If you tick down five places in the Hosts Minus 2 column, you will get 32 – 2, or 30 hosts. If you steal five bits from the host portion, you are left with three bits for the subnet (because there are eight bits in every octet).
Powers of Two | Subnets | Hosts Minus 2 |
2 | √ | √ |
4 | √ | √ |
8 | √ | √ |
16 | √ | |
32 | √ | |
64 | ||
128 | ||
256 | ||
512 |
Tick down three places in the upper half of the Subnetting Cheat Chart to reveal a subnet mask of 224. This mask will give you eight subnets (you only need three for the LANs) and each subnet will have up to 30 available host addresses. Can you see how this will fit ACME II Company’s requirements?
Subnets | |
128 | √ |
192 | √ |
224 | √ |
248 | |
252 | |
254 | |
255 | |
128 | |
192 |
If you tick across three places in the upper half of the Subnetting Cheat Chart, you will see that the subnets go up in increments of 32, so the subnets will be 0, 32, 64, and 96; you cannot use 128 because it was used for the large LAN.
Bits | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
√ | √ | √ |
So, now you have:
200.100.100.0/27 – Reserve this for the WAN links
200.100.100.32/27 – LAN 1 (hosts 33–62)
200.100.100.64/27 – LAN 2 (hosts 65–94)
200.100.100.96/27 – LAN 3 (hosts 97–126)
Next, you need IP addresses for the three WAN connections. WAN IP addressing is fairly easy because you only need two IP addresses if it is a point-to-point link. In the Hosts Minus 2 column, tick down two places to get 4 – 2, or two hosts. This leaves six bits for the subnet.
Powers of Two | Subnets | Hosts Minus 2 |
2 | √ | √ |
4 | √ | √ |
8 | √ | |
16 | √ | |
32 | √ | |
64 | √ | |
128 | ||
256 | ||
512 |
Tick down six places in the upper half of the Subnetting Cheat Chart to get 252 as the subnet mask.
Subnets | |
128 | √ |
192 | √ |
224 | √ |
248 | √ |
252 | √ |
254 | |
255 |
Network Addresses
As a network administrator, you will need to keep a record of the IP addresses and subnets used. So far, you have allocated the following addresses:
WAN links
200.100.100.0/30 – WAN link 1 (hosts 1–2)
200.100.100.4/30 – WAN link 2 (hosts 5–6)
200.100.100.8/30 – WAN link 3 (hosts 9–10)
LAN hosts
200.100.100.32/27 – LAN 1 (hosts 33–62)
200.100.100.64/27 – LAN 2 (hosts 65–94)
200.100.100.96/27 – LAN 3 (hosts 97–126)
Large LAN hosts
200.100.100.128/25 – LAN (hosts 129–254)
Chopping Down
VLSM principles will let you take a network and slice it down into smaller chunks. Those chunks can then be sliced into smaller chunks, and so on. You will reach the limit only when you get to the mask 255.255.255.252, or /30, because this gives you two usable hosts, which is the minimum you would need for any network.
Consider network 200.100.100.0/24. If you change the mask from /24 to /25, this is what happens:
Original mask (last octet) | 00000000 | 1 subnet | 254 hosts |
New mask (Subnet 1) | 00000000 | 200.100.100.0 – Subnet 1 | 126 hosts |
New mask (Subnet 2) | 10000000 | 200.100.100.128 – Subnet 2 | 126 hosts |
Now you have two subnets. If you take the new Subnet 2 of 200.100.100.128 and break it down further by changing the mask from /25 to /26, you get this:
Original mask (last octet) | 10000000 | 1 subnet | 126 hosts |
New mask (Subnet 1) | 10000000 | 200.100.100.128 – Subnet 1 | 62 hosts |
New mask (Subnet 2) | 11000000 | 200.100.100.192 – Subnet 2 | 62 hosts |
If you take the second subnet and break it down further by changing the mask from /26 to /28 (for example), you get this:
Original mask (last octet) | 11000000 | 1 subnet | 62 hosts |
New mask (Subnet 1) | 11000000 | 200.100.100.192 – Subnet 1 | 14 hosts |
New mask (Subnet 2) | 11010000 | 200.100.100.208 – Subnet 2 | 14 hosts |
New mask (Subnet 3) | 11100000 | 200.100.100.224 – Subnet 3 | 14 hosts |
New mask (Subnet 4) | 11110000 | 200.100.100.240 – Subnet 4 | 14 hosts |
Summary
Hopefully, this has helped you understand a bit more about VLSM. It’s no mystery, really. Please take the time to go over the examples above again, and then have a go at the challenge below.
ACME Company II has been allocated the address 200.10.200.x/24, as shown in Figure 6.9. You are required to design an addressing system so that hosts can be given IP addresses and the WAN links can be addressed with no wastage.
FIG 6.9 – VLSM address allocation challenge
Summarization Challenge
Reality Press Limited has hired you to configure summary routes for their network. The previous network engineer has correctly allocated contiguous subnets to the network, but it’s your job to aggregate these internally and then send just one summary network out to the Internet, according to the summarization challenge shown in Figure 6.10 below:
FIG 6.10 – Summarization challenge
FIG 6.11 – Summarization solution
Mini-lab – Troubleshooting IP Addressing
Cisco expects you to be able to resolve IP addressing issues in the CCNA exam. This could be presented in the form of theory questions, diagrams with questions, or having to log on to a router or switch and use various show commands to diagnose and resolve the issue.
Most IP addressing issues can be resolved using the shortcut subnetting steps outlined in this chapter. This method will quickly tell you whether an IP address is in the wrong subnet, is a subnet address, or is a broadcast address for the subnet.
If you have to troubleshoot IP addressing as part of a hands-on lab, this may be presented as an isolated issue or as part of a larger troubleshooting issue, such as an issue involving routing or access lists. We will cover troubleshooting these topics in relevant chapters later on.
Check any diagrams or documentation you have access to in the exam on the screen. There will often be several windows you can open and close in addition to the question window, as well as console windows for routers and switches. It can all become overwhelming if you let it.
Check the diagram, which should show you the correct IP address and subnet mask for the interface or network. Just play along with me and configure 172.16.1.1/16 on R1 and 172.16.1.2/28 on R2, referencing Figure 6.12 below:
FIG 6.12 – Mini-lab: Troubleshooting IP addressing
If you apply the usual subnetting methods to the network above, you should expect to see IP address 172.16.1.1 255.255.255.240 on R1 and 172.16.1.2 255.255.255.240 on R2.
You could be lazy and just ping from R1 and think that all is well. You already know that the first ping will fail due to the ARP process.
R1#ping 172.16.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 20/28/40 ms
Even if you issued a show ip interface brief command, all would appear normal.
R1#show ip int brief
Interface IP-Address OK? Method Status Protocol
Fa0/0 172.16.1.1 YES manual up up
Fa0/1 unassigned YES unset administratively down down
The interface is up/up so it can’t be the IP address, right? Well, you haven’t seen the subnet mask yet, so you need to check this before you know.
R1#show int f0/0
FastEthernet0/0 is up, line protocol is up
Internet address is 172.16.1.1/16
Clearly this isn’t correct because you know that the mask should be /28. The default subnet mask has been applied and it has been correctly applied to R2.
R2#show int f0/0
FastEthernet0/0 is up, line protocol is up
Internet address is 172.16.1.2/28
R1#conf t
R1#int f0/0
R1(config-if)#ip address 172.16.1.1 255.255.255.240
Now check all the show commands again.
The incorrect mask won’t be an issue for pinging the directly-connected interface, but if you added a classless routing protocol, then it could very well cause problems. You already know how to configure an IP address on an interface, so that would resolve this particular issue.
The IP addressing issue may be part of a larger issue, including missing clock rates, shutdown interfaces, routing configuration, or more; however, I wanted to stick to troubleshooting IP addressing in this section. We will cover more advanced troubleshooting later on.
[END OF MINI-LAB]Further Reading
I’ve gone into as much detail as possible here but if you want to learn more about subnetting and do some more practice for your exam, please check out my other books: 101 Labs – IP Subnetting and IP Subnetting – Zero to Guru.
End of Chapter Questions
Please also visit https://www.howtonetwork.com/ccnasimplified to take the free Chapter 6 exam.
Chapter 6 Labs
Lab 1: IP Addressing
The physical topology is shown in Figure 6.13 below:
FIG 6.13 – IP addressing lab
Lab Exercise
Your task is to configure the IP addressing specified in Figure 6.13. Some of the commands you will use will be discussed later, but you will enter them for practice.
Purpose
Every router will need to be configured with IP addresses and will have to connect to another router, either on the LAN or WAN. Being able to do this without looking at the walk-through is your eventual goal. This lab is the springboard for every other lab in the book.
Lab Objectives
- Configure the enable password to be cisco.
- Set the console password to be letmein.
- Configure Telnet access to use the local username banbury with the password ccna.
- Set the IP subnets for the Loopback 0 and Loopback 1 interfaces.
- Set the IP subnet for the Serial 0 interface.
Lab Walk-through
- To configure the enable password command on a router, you need to do the following:
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable password cisco – Configures the password or uses an enable secret password (but not both)
RouterA(config)enable secret cisco – Configures a more secure enable password
- To configure the console password, you need to configure the console port. To do this, enter the following commands (in global configuration mode):
RouterA(config)#line console 0
RouterA(config-line)#password letmein
RouterA(config-line)#login – Whoever connects to the console port will have to enter the password letmein
RouterA(config-line)#exit
RouterA(config)#
- To set Telnet access, you need to configure the VTY lines to allow Telnet access. Make sure you check how many you have by using the line vty 0 ? To do this, type the following in configuration mode:
RouterA(config)#line vty 0 4 – Enters the VTY line configuration
RouterA(config-line)#login local – This will use local usernames and passwords for Telnet access
RouterA(config-line)#exit – Exits the VTY config mode
RouterA(config)#username banbury password ccna – Creates username and password for Telnet access (login local)
- You now need to start setting the IP addresses on the Loopback interfaces. As shown in Figure 6.13, the subnet mask for the networks is represented by a /16 notation. This is actually a Class B mask (255.255.0.0)—the default for the address ranges you are using for the Loopback interfaces. To apply an IP address to an interface, do the following:
RouterA(config)#interface Loopback0
RouterA(config-if)#ip address 172.16.1.1 255.255.0.0
RouterA(config-if)#interface Loopback1
RouterA(config-if)#ip address 172.20.1.1 255.255.0.0
- Next, you need to configure the IP address for the interface Serial 0 (or you may have Serial 0/0). As this is a WAN link, it is good practice to conserve as many addresses as possible. So, as you can see in the network diagram in Figure 6.13, the Serial interface is using a /30 mask; this is a 255.255.255.252 mask when written in dotted decimal format. Using this subnet mask, you will reduce the available addresses from 255 per subnet to two available host addresses per subnet.
If the router does not accept this mask, you may be running an old IOS version, so you may need to enter the ip subnet-zero command to the router in configuration mode. However, as you will remember from the IP addressing/subnetting presentation, you cannot use an address that is all 1s or all 0s, so the actual usable addresses are two. This mask is perfect for a WAN link, such as the one you are using in this lab, because no addresses are being wasted:
RouterA(config)#interface Serial0
RouterA(config-if)#ip address 192.168.1.1 255.255.255.252
RouterA(config-if)#clock rate 64000 – If this has the DCE cable attached
RouterA(config-if)#no shutdown – This will initialize the interface from the default state of down. This is only necessary on physical, not logical (Loopback), interfaces.
The following message should appear on the console session for Router A:
00:15:51: %LINK-3-UPDOWN: Interface Serial0, changed state to down
The interface will not come up until Router B’s Serial interface is up.
- You will now follow all of the steps above for Router B.
Router>enable
RouterB#config t
Router(config)#hostname RouterB
RouterB(config)#enable password cisco
Or use an enable secret password command (but not both):
RouterB(config)#enable secret cisco
Do not use the same password for both; otherwise, you will receive a warning message. In fact, it is best practice to just use the enable secret command:
The enable secret you have chosen is the same as your enable password.
This is not recommended. Re-enter the enable secret.
Configure the console password:
RouterB(config)#line console 0
RouterB(config-line)#password letmein
RouterB(config-line)#login
RouterB(config-line)#exit
RouterB(config)#
Configure the Telnet password:
RouterB(config)#line vty 0 4
RouterB(config-line)#login local
RouterB(config-line)#exit
RouterB(config)#username banbury password ccna
Configure the Loopback addresses:
RouterB(config)#interface Loopback0
RouterB(config-if)#ip address 172.30.1.1 255.255.0.0
RouterB(config-if)#interface Loopback1
RouterB(config-if)#ip address 172.31.1.1 255.255.0.0
Configure the Serial addresses:
RouterB(config-if)#interface Serial0
RouterB(config-if)#ip address 192.168.1.2 255.255.255.252
RouterB(config-if)#no shutdown
- You should see the interface come up on the console session:
00:31:21: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
If Router B has the DCE interface attached, then set the clock rate on that. You can issue the show controllers serial 0 command to see whether the cable is DTE or DCE.
You should now be able to ping Router A from Router B and vice versa.
RouterB#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
RouterB#
If pings are not working, check the Serial interfaces to make sure that they are both up/up with the show ip interface brief command. You won’t be able to ping the Loopback addresses on the opposite routers because you haven’t configured any routing. We will cover this later.
RouterA#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0 unassigned YES unset administratively down down
Loopback0 172.16.1.1 YES manual up up
Loopback1 172.20.1.1 YES manual up up
Serial0 192.168.1.1 YES manual up up
Serial1 unassigned YES unset administratively down down
RouterA#
Make sure that you have put a clock rate on the correct interface (i.e., the DCE side). You can check this with the show controllers serial 0 command (if you are plugged into Serial 0, that is). If you are using GNS3, you won’t need to worry about clock rates.
RouterA#show controllers Serial0
HD unit 0, idb = 0x162890, driver structure at 0x168C18
buffer size 1524 HD unit 0, V.35 DCE cable, clockrate 64000
cpb = 0x2, eda = 0x2940, cda = 0x2800
RX ring with 16 entries at 0x4022800
00 bd_ptr=0x2800 pak=0x16A10C ds=0x4026108 status=80 pak_size=0
Make sure that you have put the correct IP address on both sides and that the subnet masks are the same.
If all else fails and you cannot find what is wrong, look at the show run command output for both routers.
You can copy and paste the configurations into your router at the Router(config)# prompt. Bear in mind that your router may have different interfaces. If, for example, your Serial cable is plugged into Serial 1/0, you will have to make the necessary changes to my configurations.
The exclamation marks are there to make the reading easier when you look at the show run command output.
Show Runs
RouterA#show run
Building configuration…
Current configuration: 709 bytes
!
version 15.1
!
hostname RouterA
!
enable secret 5 $1$rujI$BJ8GgiK8U9p5cdfXyApPr/
!
username banbury password 0 ccna
!
ip subnet-zero
!
interface Loopback0
ip address 172.16.1.1 255.255.0.0
!
interface Loopback1
ip address 172.20.1.1 255.255.0.0
!
interface Serial0
ip address 192.168.1.1 255.255.255.252
clockrate 64000
!
ip classless
no ip http server
!
line con 0
password letmein
login
line aux 0
line vty 0 4
login local
!
end
RouterA#
—
Router B:
RouterB#show run
Building configuration…
Current configuration: 697 bytes
!
version 15.1
!
hostname RouterB
!
enable secret 5 $1$ydeA$MyfRKevOckjm7w/0ornnB1
!
username banbury password 0 ccna
!
ip subnet-zero
!
interface Loopback0
ip address 172.30.1.1 255.255.0.0
!
interface Loopback1
ip address 172.31.1.1 255.255.0.0
!
interface Serial0
ip address 192.168.1.2 255.255.255.252
!
ip classless
no ip http server
!
line con 0
password letmein
login
line aux 0
line vty 0 4
login local
!
end
RouterB#
Answers to Binary/Hex/Decimal Conversions
- Convert 1001 (binary) to hex and decimal – 9 / 9
- Convert 11011 (binary) to hex and decimal – 1B / 27
- Convert 10001 (binary) to hex and decimal – 11 / 17
- Convert 29 (decimal) to binary and hex – 11101 / 1D
- Convert 33 (decimal) to binary and hex – 100001 / 21
- Convert 102 (decimal) to binary and hex – 1100110 / 66
- Convert C7 (hex) to binary and decimal – 11000111 / 199
- Convert FE (hex) to binary and decimal – 11111110 / 254
- Convert B5 (hex) to binary and decimal – 10110101 / 181