Variable Length Subnet Mask (VLSM)

Hi Rene,

Shouldn’t 3 blocks suffice for 600 hosts? 256*3
Instead of taking 4 blocks in the above solution?

Rahul

Hello Rahul

If you were to use three separate subnets to accommodate 600 hosts then you could create them, but they would still be separate subnets. For example, you could use

192.168.0.0/24
192.168.1.0/24
192.168.2.0/24

That would give you 256*3 = 768 IP addresses.

However, you would still have three SEPARATE subnets each requiring a network address, a broadcast address and a default gateway. You would also require routing to communicate between the subnets. For example, a host at 192.168.0.26 needs to go through a router to reach 192.168.2.26.

If you want to create ONE large subnet, you must find the smallest subnet that will accommodate at least 600 hosts.

So
a subnet mask of 255.255.255.0 or /24 gives you 255 IPs
a subnet mask of 255.255.254.0 or /23 gives you 512 IPs
a subnet mask of 255.255.252.0 or /22 gives you 1024 IPs

Notice that the sizes of the subnets always double in size so you go from 512 to 1024 addresses. There is no whole subnet that gives you 768 hosts (256*3).

A subnet mask of 255.255.252.0 or /22 which gives you 1024 IPs is equivalent to the merging of FOUR /24 subnets.

I hope this has been helpful!

Laz

Hi,
It seems simple, but it is troubling my head!
Are 192.168.10.0/24 and 192.168.10.0/28 the same network or different networks?
(192.168.10.0/24 network accommodates hosts from 192.168.10.1 to 192.168.10.254
similarly 192.168.10.0/28 accommodates from 192.168.10.1 to 192.168.10.14)

Thanks in advance !

Pradeep

Hello Pradeep

These are two different subnets, yes, because they are defined with differing sizes. However, you cannot use both in the same network because they overlap. All subnets used in a single network must not overlap.

I hope this has been helpful!

Laz
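An added example, not part of the original thread: a check that an addressing plan contains no overlapping subnets, using Python's standard `ipaddress` module. The function name and the sample plans are constructed for illustration.

```python
import ipaddress

def find_overlaps(cidrs):
    """Return (outer, inner) pairs for every subnet nested inside another.

    CIDR blocks are either disjoint or nested, so after sorting by start
    address (larger block first on ties) a stack of still-open blocks is
    enough to find every overlap in one pass.
    """
    nets = sorted((ipaddress.ip_network(c) for c in cidrs),
                  key=lambda n: (int(n.network_address), n.prefixlen))
    overlaps = []
    open_nets = []  # blocks whose range still covers the current position
    for net in nets:
        # Drop blocks that ended before this subnet starts.
        while open_nets and open_nets[-1].broadcast_address < net.network_address:
            open_nets.pop()
        # Every block still open contains this subnet (or is identical to it).
        for outer in open_nets:
            overlaps.append((str(outer), str(net)))
        open_nets.append(net)
    return overlaps

if __name__ == "__main__":
    # Constructed plan: the /24 and /28 from the question plus one clean subnet.
    plan = ["192.168.10.0/28", "192.168.10.0/24", "192.168.11.0/24"]
    for outer, inner in find_overlaps(plan):
        print(f"{inner} overlaps {outer}")
```

Running the same check over router interface addresses or ACL source ranges before deployment catches the case where a rule written for the small subnet silently matches hosts in the larger one.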

Dear Rene, I have a doubt
I was configuring some IPs simulating two PCs in the network 24.60.0.0 /17. Usually I would think this is a class A IP, but it looks like once it got 16 bits for the network, I assume it is a class B subnet mask… and the next bit means that I can have 2 subnets like the example:
24.60.0.0 /17
24.60.128.0 /17
Am I right about this thinking? Is it a class A or B in the end?

Another question is: imagine subnet 24.60.0.0 /17

first usable IP 24.60.0.1
Last usable: IP 24.60.127.254
BCast: 24.60.127.255

My question is about how I should run this IP for the hosts
First 24.60.0.1 then 24.60.0.2, 24.60.0.3
When I arrive at 24.60.0.255, should I go next to 24.60.1.0?

Are those IPs (24.60.0.255 and 24.60.1.0) valid IPs to configure on one PC, for example?

Thanks in advance

Hello Victor

By definition, in a classful networking scheme, 24.60.0.0 is a class A network since its first bit is 0. In this case, the subnet mask must be /8. However, if you are using a classless networking scheme, then there is no restriction as to the subnet mask you will be using. Since here the subnet mask is /17, this means that your addressing scheme is classless, therefore any reference to network classes is irrelevant.

However, you are correct that the 24.60.0.0/16 network space can be subnetted into two equal-size subnets of 24.60.0.0 /17 and 24.60.128.0 /17. But once again, any reference to classful networks here has no meaning, since you are using a classless networking scheme.

As for your second question, yes you are right, when you get to 24.60.0.255, the very next host address is indeed 24.60.1.0. This looks strange because we are so used to using subnet sizes of /24, /25, /26 all the way up to /30. For these subnet sizes, it is always the case that an address that has 0 in the last octet is always a network address. But for subnet sizes of /23, /22, /21 and smaller, you can have a host IP address that has 0 in its final octet, and it can still be used for a host.

I hope this has been helpful!

Laz

Hi Rene, I am still confused about how we arrive at 255.255.254.0 when doing the VLSM of subnet block 512. Why are we operating in the 3rd octet when we are dealing with a block of 512?
Also, in subnet 2 (block size of 256), how did we get to the subnet (2) which is 172.16.2.0, and broadcast 172.16.2.255? Please help.

Hello Hanson

Remember that network devices see the IP address as a series of 32 bits. They don’t see decimal, they don’t see octets. Just a stream of bits. Now the subnet mask is used to separate that train of 32 bits into two sections: the network section and the host section. In order to get a subnet of 512 addresses, the host section must have enough bits to represent 512 addresses. How many bits is that? The answer is 9. (2^9 = 512).

Therefore, out of the 32 bits in the IP address, the host section must be 9 bits, which means the network section must be 23 bits. So the subnet mask is composed of 23 ones, which mark the network section, and 9 zeros which mark the host section. So it’s something like this:

11111111111111111111111000000000

Let’s put in the dots where they would go in the IP address and we get:

11111111.11111111.11111110.00000000

Now if we convert it to decimal we get

255.255.254.0

Now if we’re starting with 172.16.0.0 255.255.254.0, we have to keep in mind what range this refers to. This network address and subnet mask combination refer to an IP address range of 172.16.0.0 to 172.16.1.255 (remember, 512 addresses.) The very next available IP address to continue the subnetting procedure is 172.16.2.0, and that is why we continue with that one.

I hope this has been helpful!

Laz

Thank you, it’s much clearer now.


Hi Lazaros,

I came across this example of a data center using secondary IP addresses and it seemed a lot like subnetting, but they say they didn't receive an adjacent 23 address in the picture. If they had received an adjacent address, what could that have looked like and how would they have combined the addresses?

Would it be considered a supernet?

Hello Daniel

The case that is being described here would not be a supernet. It would actually be a single VLAN with multiple subnets in it.

Imagine you have an unmanaged switch, and you connect the following to it:

  • a router with an IP address of 192.168.1.1/24
  • a router with an IP address of 192.168.5.1/24
  • a host with an IP address of 192.168.1.100/24 and a default gateway of 192.168.1.1
  • a host with an IP address of 192.168.5.100/24 and a default gateway of 192.168.5.1
  • the two routers are connected to each other via a third subnet, and routing is configured so that all subnets are reachable.

In such a scenario, you have a single Layer 2 LAN, but you are running multiple subnets on it. One host will not be able to communicate directly with the other host even though they’re on the same LAN. Any packets destined for the other host will be sent to the default gateway and must be routed from one router to the other in order to be sent back into the same LAN.

The same idea takes place if you have a single VLAN, an SVI, or a router interface on that VLAN with multiple IP addresses in different subnet ranges. Any hosts in one subnet range will use one IP address as the default gateway, while hosts in the other range will use the secondary IP address of the interface.

It’s almost like you are superimposing two different subnets on the same VLAN, but because the subnets are defined in the hosts and routers, they remain separate in their communication with each other.

Now, this is by no means an ideal situation, and should only be used as a temporary fix. This is because broadcasts that use the 255.255.255.255 address will be heard by all hosts in the VLAN regardless of which subnet they belong to, so features that use this, such as DHCP for example would not function correctly.

I hope this has been helpful!

Laz


Thank you Lazaros that helps clear it up for me


Hello,
why do we need VLSM?

Hello @faisal,

On a LAN with private IP addresses, there’s no need to use VLSM since you have plenty of IPv4 addresses. On the Internet, however, it is important because we run out of public IPv4 addresses. For example, with VLSM, an ISP can give whatever block of addresses that is required for each customer. This could be a /24, a /29, /28, etc.

Rene

Thank you.
If you have a big company, you need to use VLSM for security, management and broadcast.
Am I correct?

Hello Faisal

In general, grouping your services into different subnets does help in limiting broadcast traffic, employing security features, as well as managing your network as a whole. For example, you can place all of your servers in a single subnet and apply security features at the router (ACLs for example) to limit access. You can separate your company departments into different subnets to manage them better, and you can keep your subnets small (a small number of hosts) to limit broadcasts.

VLSM is not necessary to do this, as you can create subnets of the same subnet mask. For example, you can have the following subnets:

10.25.50.0/24
10.25.51.0/24
10.25.52.0/24
10.25.53.0/24
...
10.25.99.0/24

Here the subnet mask length is not variable, but is the same for all subnets. You may have two hosts in each subnet or 200, it doesn’t really matter. You are still getting the security, management, and broadcast limitation advantages simply because you are employing different subnets.

The variable-length subnet mask (VLSM) comes into play for subnetting only when, as Rene stated, you need to preserve the IPv4 address space you are using.

I hope this has been helpful!

Laz


Please could you help me? I can't understand how you find this broadcast address: 172.16.1.255 in the subnetting section. I don't understand why 1.

Hello Brahim

In the specific situation, we have a network address of 172.16.0.0 and we want to create a subnet of 512 addresses. 512 addresses means a subnet mask of 255.255.254.0. Now I’m going to represent the network address and the subnet mask using decimal for the first two octets, and binary for the last two octets, just for clarification. So here it is:

172. 16.00000000.00000000
255.255.11111110.00000000

Now for every 0 in the subnet mask, the bits in the same positions of the network address can be either 0 or 1. That’s how the range of the subnet is determined. There are 9 bits in the subnet mask that are zeros. (bold zeros). That means the last 9 bits of the network address can range from 000000000 to 111111111. Notice 9 bits?

So the network address is

172. 16.00000000.00000000

and the broadcast address is

172. 16.00000001.11111111

Translate the broadcast address to decimal, you will get 172.16.1.255.

This results in 512 addresses starting from 172.16.0.0 all the way up to 172.16.1.255. If you count them like this, you will see that they are indeed 512:

172.16.0.0
172.16.0.1
172.16.0.2
172.16.0.3
...
172.16.0.254
172.16.0.255
172.16.1.0
172.16.1.1
172.16.1.2
...
172.16.1.253
172.16.1.254
172.16.1.255

I hope this has been helpful!

Laz

Hi Rene, I have a question regarding this solution: if the subnets go up in 4, how come gabrielba uses a 10.0.5.0 address?

Hello Sidney

Gabriel’s scenario involved subnets of different sizes. For the first subnet, he needs 600 hosts, so he goes for a block of 1024, which means he gets a range of 10.0.0.0 to 10.0.3.255. That’s a size of four /24 subnets. As you say in your post, the third octet should range from 0 to 3.

However, the next subnet is smaller. To serve 250 he needs a subnet of size 256 which is a single /24 subnet. So for this one, he chooses the very next subnet, which is 10.0.4.0/24.

Next, he needs an even smaller subnet to serve 120 hosts, which can be done by a 128 sized block. And he’s going to use the very next available range, which is 10.0.5.0/25, starting with 10.0.5.1.

Remember this is using a variable length subnet mask, which is why each subnet can have different sizes. The first is indeed the same size as four /24 subnets, but the next one is smaller. So what numbers will end up being used in each octet depends on the size and the number of subnets that you need.

I hope this has been helpful!

Laz
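An added example, not part of the original thread: the allocation procedure described above (and the 512-block mask derivation earlier in the thread) as a small VLSM allocator built on Python's standard `ipaddress` module. The function names and the parent block 10.0.0.0/16 are assumptions; the host counts 600, 250 and 120 are the ones from the scenario.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest IPv4 prefix whose block fits `hosts` plus network and broadcast."""
    # Smallest n with 2**n >= hosts + 2; never smaller than a /30.
    host_bits = max(2, (hosts + 1).bit_length())
    return 32 - host_bits

def allocate(parent, host_counts):
    """Carve `parent` into back-to-back subnets, largest requirement first."""
    parent = ipaddress.ip_network(parent)
    cursor = int(parent.network_address)
    plan = []
    for hosts in sorted(host_counts, reverse=True):
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to the block boundary
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(parent):
            raise ValueError(f"{parent} has no room left for {hosts} hosts")
        plan.append({
            "hosts": hosts,
            "network": str(net),
            "netmask": str(net.netmask),
            "first": str(net.network_address + 1),
            "last": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
        })
        cursor += size  # the next subnet starts right after this block
    return plan

if __name__ == "__main__":
    # Parent block is an assumption; host counts come from the thread.
    for row in allocate("10.0.0.0/16", [600, 250, 120]):
        print(row)
```

Allocating the largest requirement first keeps every block aligned on its own size, which is why the /25 lands on 10.0.5.0 rather than in the middle of a larger block.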
