This article is intended as a general introduction to the concepts of Internet Protocol (IP) networks and subnets. a glossary is included at the end of the article.
applies to: windows 10 – all editions original kb number: 164015
summary
When configuring the tcp/ip protocol on a windows computer, the tcp/ip configuration settings require:
- an ip address
- a subnet mask
- a default gateway
-
class a networks use a default subnet mask of 255.0.0.0 and have 0-127 as their first octet. the address 10.52.36.11 is a class a address. its first octet is 10, which is between 1 and 126, inclusive.
-
class b networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. the address 172.16.52.63 is a class b address. its first octet is 172, which is between 128 and 191, inclusive.
-
class c networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. the address 192.168.123.132 is a class c address. its first octet is 192, which is between 192 and 223, inclusive.
In some scenarios, the default subnet mask values do not meet the needs of your organization for one of the following reasons:
- the physical topology of the network
- the number of networks (or hosts) does not fit within the default subnet mask restrictions.
- a single physical network has more than one router.
- The wrong router is configured as the default gateway.
- “tcp/ip illustrated, volume 1: the protocols”, richard stevens, addison wesley, 1994
- “Internetting with TCP/IP, Volume 1: Principles, Protocols, and Architecture”, Douglas E. corner, prentice hall, 1995
-
broadcast address: an ip address with a host part that are all ones.
-
host-a computer or other device on a tcp/ip network.
-
internet: the global collection of networks that are connected to each other and share a common range of ip addresses.
-
internic-the organization responsible for managing ip addresses on the internet.
-
ip: The network protocol used to send network packets over a tcp/ip network or the internet.
-
ip address: a unique 32-bit address for a host on a tcp/ip network or internetwork.
-
network: There are two uses of the term network in this article. one is a group of computers on a single physical network segment. the other is a range of ip network addresses assigned by a system administrator.
-
network address: an ip address with a host part that is all zeros.
-
octet: an 8-bit number, 4 of which comprise a 32-bit ip address. have a range of 00000000-11111111 which correspond to decimal values 0-255.
-
packet: a unit of data that is transmitted over a tcp/ip network or a wide area network.
-
rfc (request for comments): a document used to define standards on the internet.
-
router-a device that passes network traffic between different ip networks.
-
subnet mask: a 32-bit number used to distinguish the network and host parts of an ip address.
-
subnet or subnet: a smaller network created by dividing a larger network into equal parts.
-
tcp/ip: widely used, the set of protocols, standards, and utilities commonly used on the internet and large networks.
-
wide area network (wan): a large network that is a collection of smaller networks separated by routers. the internet is an example of a great wan.
The next section explains how networks can be divided using subnet masks.
subnet
A system administrator can partition or subdivide a class a, b, or c tcp/ip network. becomes necessary as you reconcile the internet’s logical addressing scheme (the abstract world of ip addresses and subnets) with the physical networks used by the real world.
A system administrator who is assigned a block of ip addresses may be managing networks that are not organized in a way that easily accommodates these addresses. For example, you have a wide area network with 150 hosts in three networks (in different cities) that are connected by a tcp/ip router. each of these three networks has 50 hosts. it is assigned the class c network 192.168.123.0. (for illustration purposes, this address is actually from a range that is not assigned on the internet). means you can use addresses 192.168.123.1 to 192.168.123.254 for your 150 hosts.
Two addresses that cannot be used in your example are 192.168.123.0 and 192.168.123.255 because binary addresses with a host part of only ones and zeros are not valid. address zero is invalid because it is used to specify a network without specifying a host. The 255 address (in binary notation, an all-1s host address) is used to transmit a message to every host on a network. just remember that the first and last addresses on any network or subnet cannot be assigned to any individual host.
You should now be able to provide ip addresses to 254 hosts. works fine if all 150 computers are on a single network. however, its 150 computers are on three separate physical networks. instead of requesting more blocks of addresses for each network, it divides your network into subnets that allow you to use one block of addresses on multiple physical networks.
In this case, you divide your network into four subnets by using a subnet mask that increases the network address and reduces the possible range of host addresses. in other words, it is ‘borrowing’ some of the bits used for the host address and using them for the network part of the address. the 255.255.255.192 subnet mask gives you four networks of 62 hosts each. works because in binary notation, 255.255.255.192 is the same as 1111111.11111111.1111111.11000000. the first two digits of the last octet are converted to network addresses, so you get the additional networks 00000000 (0), 01000000 (64), 10000000 (128), and 11000000 (192). (Some administrators will only use two of the subnets using 255.255.255.192 as the subnet mask. For more information on this, see rfc 1878.) On these four networks, the last six binary digits can be used for host addresses.
Using a subnet mask of 255.255.255.192, your 192.168.123.0 network becomes the four networks 192.168.123.0, 192.168.123.64, 192.168.123.128, and 192.168.123.192. these four networks would have as valid host addresses:
192.168.123.1-62 192.168.123.65-126 192.168.123.129-190 192.168.123.193-254
Remember, again, that binary host addresses with only ones or zeros are not valid, so you cannot use addresses with the last octet of 0, 63, 64, 127, 128, 191, 192, or 255.
You can see how this works by looking at two host addresses, 192.168.123.71 and 192.168.123.133. if you used the default class c subnet mask of 255.255.255.0, both addresses are on the 192.168.123.0 network. however, if you use the subnet mask of 255.255.255.192, they are on different networks; 192.168.123.71 is on the 192.168.123.64 network, 192.168.123.133 is on the 192.168.123.128 network.
default gateways
If a tcp/ip computer needs to communicate with a host on another network, it will usually communicate through a device called a router. In TCP/IP terms, a router that is specified on a host, which links the host’s subnet to other networks, is called a default gateway. This section explains how tcp/ip determines whether or not to send packets to its default gateway to reach another computer or device on the network.
When a host tries to communicate with another device via tcp/ip, it performs a matching process using the defined subnet mask and destination ip address against the subnet mask and its own ip address. the result of this comparison tells the computer whether the destination is a local host or a remote host.
If the result of this process determines that the destination is a local host, the computer will send the packet to the local subnet. if the result of the comparison determines that the destination is a remote host, the computer will forward the packet to the default gateway defined in its tcp/ip properties. then it is the responsibility of the router to forward the packet to the correct subnet.
troubleshooting
tcp/ip network problems are often caused by misconfiguration of the three main entries in a computer’s tcp/ip properties. By understanding how TCP/IP configuration errors affect network operations, you can resolve many common TCP/IP problems.
Bad subnet mask: If a network uses a different subnet mask than the default mask for its address class, and a client is still configured with the default subnet mask for the address class, communication will fail with some networks close but not with distant ones. As an example, if you create four subnets (as in the subnetting example) but use the wrong subnet mask of 255.255.255.0 in your tcp/ip configuration, hosts will not be able to determine that some computers are on different subnets than the yours in this situation, packets destined for hosts on different physical networks that are part of the same c-class address will not be sent to a default gateway for delivery. A common symptom of this problem is when a computer can communicate with hosts that are on its local network and can communicate with all remote networks except those networks that are nearby and have the same class a, b, or c address. To fix this, simply enter the correct subnet mask in the tcp/ip settings for that host.
wrong ip address: If you put computers with ip addresses that should be on separate subnets on a local network from each other, they won’t be able to communicate. they will try to send packets to each other through a router that cannot forward them correctly. A symptom of this problem is a computer that can talk to hosts on remote networks, but cannot communicate with some or all of the computers on your local network. To fix this issue, make sure all computers on the same physical network have IP addresses on the same IP subnet. if you run out of ip addresses on a single network segment, there are solutions that are beyond the scope of this article.
bad default gateway – A computer configured with the wrong default gateway can communicate with hosts on its own network segment. but you will not be able to communicate with hosts on some or all of the remote networks. a host can communicate with some remote networks but not with others if the following conditions are met:
This problem is common if an organization has one router to an internal tcp/ip network and another router connected to the internet.
references
Two popular references on tcp/ip are:
It is recommended that a sysadmin responsible for tcp/ip networks have at least one of these references available.
glossary
To configure tcp/ip correctly, you need to understand how tcp/ip networks are addressed and divided into networks and subnets.
The success of tcp/ip as an internet network protocol is largely due to its ability to connect networks of different sizes and systems of different types. these networks are arbitrarily defined into three main classes (along with a few others) that have predefined sizes. each of them can be divided into smaller subnets by system administrators. A subnet mask is used to divide an IP address into two parts. one part identifies the host (computer), the other part identifies the network to which it belongs. To better understand how IP addresses and subnet masks work, look at an IP address and see how it’s organized.
ip addresses: networks and hosts
an ip address is a 32 bit number. uniquely identifies a host (computer or other device, such as a printer or router) on a tcp/ip network.
IP addresses are usually expressed in dotted decimal format, with four numbers separated by periods, such as 192.168.123.132. To understand how subnet masks are used to distinguish between hosts, networks, and subnets, examine an IP address in binary notation.
for example, the dotted decimal ip address 192.168.123.132 is (in binary notation) the 32-bit number 110000000101000111101110000100. This number can be difficult to understand, so break it into four pieces of eight binary digits.
These 8-bit sections are known as octets. the example ip address then becomes 11000000.10101000.01111011.10000100. this number just makes a little more sense, so for most uses, convert the binary address to dotted decimal (192.168.123.132). decimal numbers separated by dots are the octets converted from binary to decimal notation.
For a tcp/ip wide area network (wan) to function efficiently as a collection of networks, the routers that pass data packets between networks do not know the exact location of a host to which a data packet is destined. routers only know which network the host is a member of and use the information stored in their routing table to determine how to get the packet to the destination host’s network. once the packet is delivered to the destination network, the packet is delivered to the appropriate host.
For this process to work, an ip address consists of two parts. The first part of an IP address is used as the network address, the last part as the host address. If you take the example 192.168.123.132 and split it into these two parts, you get 192.168.123. network .132 host or 192.168.123.0 – network address. 0.0.0.132 – server address.
subnet mask
The second item, which is required for tcp/ip to work, is the subnet mask. The subnet mask is used by the tcp/ip protocol to determine if a host is on the local subnet or on a remote network.
In tcp/ip, the parts of the ip address that are used as network and host addresses are not fixed. Unless you have more information, the above network and host addresses cannot be determined. this information is provided in another 32-bit number called the subnet mask. the subnet mask is 255.255.255.0 in this example. It’s not obvious what this number means unless you know that 255 in binary notation equals 11111111. Therefore, the subnet mask is 11111111.11111111.11111111.00000000.
By aligning the ip address and subnet mask together, the network and host portions of the address can be separated:
11000000.10101000.01111011.10000100 – ip address (192.168.123.132) 11111111.11111111.11111111.00000000 – subnet mask (255.255.255.0)
The first 24 bits (the number of ones in the subnet mask) are identified as the network address. the last 8 bits (the number of remaining zeros in the subnet mask) are identified as the host address. gives you the following addresses:
11000000.10101000.01111011.00000000 – network address (192.168.123.0) 00000000.00000000.00000000.10000100 – host address (000.000.000.132)
Now you know, for this example with a subnet mask of 255.255.255.0, that the network ID is 192.168.123.0 and the host address is 0.0.0.132. When a packet arrives on the 192.168.123.0 subnet (from the local subnet or a remote network) and has a destination address of 192.168.123.132, your computer will receive it from the network and process it.
Almost all decimal subnet masks are converted to binary numbers that are all ones on the left and all zeros on the right. some other common subnet masks are:
internet rfc 1878 (available at internic public information on internet domain name registration services) describes valid subnets and subnet masks that can be used on tcp/ip networks.
network classes
Internet addresses are assigned by internic, the organization that manages the internet. These IP addresses are divided into classes. the most common are classes a, b and c. classes d and e exist, but are not used by end users. each of the address classes has a different default subnet mask. You can identify the class of an IP address by looking at its first octet. the following are the class a, b, and c internet address ranges, each with an example address:
