A Motivated Example of Variable Length Subnet Masks
originally published at https://victorfeight.com/2022/06/motivation_behind_vlsm/
Video companion piece: youtube.com/watch?v=S4k3fGhCEI4
What is Subnetting?
Hey everyone, I'm taking a small detour from my Dokku series to play with some numbers.
In this blog post, I'll try and teach you all the tricks I've struggled to learn with variable length subnet masks through a motivated example.
But first, what is subnetting?
Subnetting helps us break large networks into smaller network segments, allowing network traffic to travel a shorter distance without passing through unnecessary router hops on the way to its destination.
This eases network congestion and reduces network load, increasing network efficiency.
How does CIDR work?
Classless Inter-Domain Routing (CIDR) is a subnetting notation used in modern networking. CIDR helps an IP address encapsulate both total network count and total host count for the network range in one address, determined by the network bits (1s) and the following host bits (0s).
/8 = 255.0.0.0 (i.e. the first 8 bits of the subnet mask are ones: 11111111)
/16 = 255.255.0.0
/24 = 255.255.255.0
/32 = 255.255.255.255
It works like this: say we have an IP address, 172.16.0.0/24.
In decimal, the mask is 255.255.255.0.
The /24 means that the first 24 bits of the subnet mask are turned on,
i.e. 11111111.11111111.11111111.00000000, which indicates 24 network bits (set) and 8 host bits (unset). Network bits on the left, host bits on the right.
- This is 2^n networks, where n is the number of network bits, resulting in 16,777,216 networks.
- The number of hosts is 2^h, where h is the number of host bits, resulting in 256 hosts per network.
Who's that subnet?
In decimal, that's 255.255.255.0. Familiar? That's because it was also used in old Classful addressing, which is still used in Windows IP protocol settings.
Motivation for VLSM 1: Static Length Subnet masks
When the subnet mask is the same for every subnet, usable IPs become wasted. That's how old Classful IP addressing used to work before CIDR.
Across this whole network a mask of /24 is used, resulting in 254 usable hosts per subnet. Note that in every single subnet, some host addresses will remain unused. In particular, 252 host addresses are wasted for each Point to Point WAN Link between the routers.
Let's calculate it: Altogether, we are using 201 + 201 + 51(4) + 2 + 2 + 2 + 2 addresses (add 1 to each LAN segment since it's connected to router interface) = 612 used addresses.
The total allotted using /24 across the network would be 254(6) for the LANs + 254(4) for each of the WAN links = 2,540 total allotted.
Then the wasted addresses would be 1,928 IP addresses.
That's a lot of addresses for traffic to flow between, which may result in many unnecessary routes between router hops, resulting in network congestion.
Calculating Usable IPs:
The usable IP address formula is 2^h - 2, where h = number of host bits. This is because we subtract the 2 unusable IPs, the Network IP and the Broadcast IP.
172.16.0.0/24 would leave 8 host bits. 2^8 - 2 = 254 usable IPs.
How VLSM Works
By using VLSM, each LAN and WAN point to point Link can have a different Subnet mask. You may have guessed the advantage to this: LANs with fewer required hosts can have their own subnet.
Now we can have each LAN segment behind the HQ router use a /24 mask, resulting in 254 usable IPs, so only 254 usable IPs - 201 addresses used = 53 IPs wasted per LAN (if you include the router interface in the addresses used).
For branch LANs behind routers A through D, /26 results in 62 usable IPs, so only (62 - 51) = 11 IPs wasted per LAN.
For each WAN Link, /30 results in 2 usable IPs, so only two IPs are needed for Serial Point to Point WAN Links (one for each router interface link). This means 8 usable IPs, one for each of the linked router interface pairs, resulting in no wasted IPs.
Designing a VLSM
The general steps to designing a VLSM for a network are as follows:
1. Arrange the network from largest to smallest.
2. Use the chart to determine the mask, and divide the address into equal address blocks (subnetting).
3. Note the remaining subnet numbers from the mask in step 2.
4. Take the next available subnet, and subnet it further for smaller networks.
5. Write down the new subnet numbers again.
6. Repeat steps 4-5 for smaller segments.
Designing a VLSM Example
- The first step will be to arrange the networks from largest to smallest:
The network in order of host-size will be:
- LAN-D is the largest with 29 hosts behind Router D
- LAN-B with 20 hosts behind Router B, LAN-C with 20 hosts behind Router C
- LAN-A with 13 hosts behind Router A
- WAN Link A <--> D with 2 hosts, WAN Link B <--> D with 2 hosts, WAN Link C <--> D with 2 hosts
Note that LAN-D is the largest with 30 hosts (29 hosts + 1 router interface). Checking the chart, we can see that as we require 30 hosts, /27 would provide us with 2^h - 2 = 2^5 - 2 = 30 usable addresses.
Therefore, we'll assign 192.168.1.0/27 to the LAN-D segment. With this /27 network we'll have a subnet mask of 255.255.255.224/27.
That's 11111111.11111111.11111111.11100000, with 5 unset host-bits, that's 2^5 = 32 hosts possible per subnet.
256 - 224 = 32 (magic number)
0 32
=> NW IP 192.168.1.0, Broadcast IP: 192.168.1.31
Thus, our subnet possibilities for 192.168.1.0/27 are:
- 192.168.1.0/27
- 192.168.1.32/27
- 192.168.1.64/27
- 192.168.1.96/27
- 192.168.1.128/27
- ...etc.
ROUTER D LAN:
Number of Hosts: 30
Host Bits: 5 bits
Subnet Mask: /27 or 255.255.255.224
Increment: 32
Network Address: 192.168.1.0
Broadcast Address: 192.168.1.31
Usable IP Addresses: 192.168.1.1 to 192.168.1.30
- Note that the next smallest subnets, LAN-B and LAN-C attached to Router-B and Router-C, both require 21 host addresses (20 hosts + 1 router interface each). Going by the chart, the smallest possible block-size for 21 hosts is 32, which is a /27 subnet mask.
We already have two subnets with /27 available from step 2. Assign them to the LAN-B and LAN-C subnets:
- 192.168.1.32/27
- 192.168.1.64/27
ROUTER B LAN:
256 - 224 = 32 (magic number)
32 64
=> NW IP 192.168.1.32, Broadcast IP: 192.168.1.63
Number of Hosts: 21
Host Bits: 5 bits
Subnet Mask: /27 or 255.255.255.224
Increment: 32
Network Address: 192.168.1.32
Broadcast Address: 192.168.1.63
Usable IP Addresses: 192.168.1.33 to 192.168.1.62
ROUTER C LAN:
256 - 224 = 32 (magic number)
64 96
=> NW IP 192.168.1.64, Broadcast IP: 192.168.1.95
Number of Hosts: 30
Host Bits: 5 bits
Subnet Mask: /27 or 255.255.255.224
Increment: 32
Network Address: 192.168.1.64
Broadcast Address: 192.168.1.95
Usable IP Addresses: 192.168.1.65 to 192.168.1.94
- The next smallest subnet is LAN-A with 14 host addresses (13 hosts + 1 router interface). From the chart, we can see the smallest block size is 16, so we can use subnet mask /28.
Take the next available subnet from /27:
- 192.168.1.0/27
- 192.168.1.32/27
- 192.168.1.64/27
- 192.168.1.96/27
Subnet 192.168.1.96 further using the /28 mask, resulting in two subnets: 192.168.1.96/28, 192.168.1.112/28.
Finding the number of Subnets:
Recall the prior 192.168.1.0/27 binary subnet mask: 11111111.11111111.11111111.11100000
Going from 192.168.1.96/27 to /28 means 1 host bit was borrowed (111 to 1111), and the formula for the number of subnets is 2^s, where s is the number of host bits borrowed.
Thus 2^1 = 2 subnets.
We assign the first available subnet to the LAN-A segment (192.168.1.96).
- Write down the new subnet numbers again.
Our two subnets would be:
- 192.168.1.96
- 192.168.1.112
ROUTER B LAN:
192.168.1.96/28 means 11111111.11111111.11111111.11110000 or 240 subnet mask. 256 - 240 = 16 (magic number).
96 112
=> NW IP 192.168.1.96, Broadcast IP: 192.168.1.111
Number of Hosts: 14
Host Bits: 4 bits
Subnet Mask: /28 or 255.255.255.240
Increment: 16
Network Address: 192.168.1.96
Broadcast Address: 192.168.1.111
Usable IP Addresses: 192.168.1.33 to 192.168.1.62
- Repeat steps 4-5 for the three point-to-point WAN segments.
The smallest segments are the three WAN links between the routers (2 hosts each):
- WAN Link A <--> D with 2 hosts
- WAN Link B <--> D with 2 hosts
- WAN Link C <--> D with 2 hosts
We know that each of these WANs' address block sizes will need to accommodate 2 usable host IPs (for both router interfaces) plus 2 (the network IP and the broadcast IP).
- This is because 2^h - 2 = 2^2 - 2 = 2 usable IPs.
Therefore, 2 hosts requires block size 4, and thus subnet mask /30.
Available subnets:
- 192.168.1.96
- 192.168.1.112
Take the next available subnet, 192.168.1.112/28, and subnet it further with a /30 mask.
192.168.1.112/30 has 2^h = 2^2 hosts per subnet.
11111111.11111111.11111111.11110000 (/28)
11111111.11111111.11111111.11111100 (/30)
2 host bits borrowed gives 2^s = 2^2 = 4 subnets possible.
We'll take the next 3 for our WAN Link Segments:
- 192.168.1.112/30
- 192.168.1.116/30
- 192.168.1.120/30
- 192.168.1.124/30
WAN Link A <--> D:
192.168.1.112/30
11111111.11111111.11111111.11111100
=> 255.255.255.252/30
256 - 252 = 4 (magic number)
112 116
=> NW IP 192.168.1.112/30, Broadcast IP: 192.168.1.115
Number of Hosts: 2
Host Bits: 2 bits
Subnet Mask: /30 or 255.255.255.252
Increment: 4
Network Address: 192.168.1.112
Broadcast Address: 192.168.1.115
Usable IP Addresses: 192.168.1.113 to 192.168.1.114
WAN Link B <--> D:
192.168.1.116/30
116 120
=> NW IP 192.168.1.116/30, Broadcast IP: 192.168.1.119
Number of Hosts: 2
Host Bits: 2 bits
Subnet Mask: /30 or 255.255.255.252
Increment: 4
Network Address: 192.168.1.116
Broadcast Address: 192.168.1.119
Usable IP Addresses: 192.168.1.117 to 192.168.1.118
WAN Link C <--> D:
192.168.1.120/30
120 124
=> NW IP 192.168.1.120/30, Broadcast IP: 192.168.1.123
Number of Hosts: 2
Host Bits: 2 bits
Subnet Mask: /30 or 255.255.255.252
Increment: 4
Network Address: 192.168.1.120
Broadcast Address: 192.168.1.123
Usable IP Addresses: 192.168.1.121 to 192.168.1.122
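The allocation worked through above can be reproduced with Python's standard ipaddress module. This is an added example, not code from the original post; the parent block 192.168.1.0/24 and the names SEGMENTS, prefix_for, plan_vlsm and describe are assumptions made for illustration.

```python
import ipaddress

# Addresses each segment needs, router interface included (figures from the post).
SEGMENTS = {
    "LAN-D": 30, "LAN-B": 21, "LAN-C": 21, "LAN-A": 14,
    "WAN A-D": 2, "WAN B-D": 2, "WAN C-D": 2,
}

def prefix_for(need):
    """Longest prefix whose usable count (2^h - 2) still covers `need`."""
    host_bits = max(2, (need + 1).bit_length())  # smallest h with 2^h >= need + 2
    return 32 - host_bits

def plan_vlsm(base, segments):
    """Assign each segment the next free block, largest segment first."""
    base = ipaddress.ip_network(base)  # assumed parent block
    cursor = int(base.network_address)
    plan = {}
    # sorted() is stable, so equal-sized segments keep their input order
    for name, need in sorted(segments.items(), key=lambda s: -s[1]):
        prefix = prefix_for(need)
        size = 2 ** (32 - prefix)           # block size, the post's "magic number"
        cursor = -(-cursor // size) * size  # round up to a block boundary
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(base):
            raise ValueError(f"{base} has no room left for {name}")
        plan[name] = net
        cursor += size
    return plan

def describe(net):
    """Mask, network, broadcast and usable range, as in the per-segment summaries."""
    return {
        "mask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "usable": (str(net.network_address + 1), str(net.broadcast_address - 1)),
    }

if __name__ == "__main__":
    for name, net in plan_vlsm("192.168.1.0/24", SEGMENTS).items():
        d = describe(net)
        print(f"{name:8} {net!s:18} mask {d['mask']:16} "
              f"usable {d['usable'][0]} - {d['usable'][1]}  bcast {d['broadcast']}")
```

Passing a parent block that is too small, such as 192.168.1.0/26, raises ValueError at the first segment that no longer fits.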
Summary
We've broken down our subnet from a /27 to a /28 and then to a /30. By optimizing our subnetting with VLSM, we can summarize results:
- LAN-D is the largest with 29 hosts behind Router D
LAN-D requires 30 hosts (29 hosts in LAN segment, 1 for router interface)
With /27 it has 2^5 - 2 usable hosts, giving 31 hosts (30 usable hosts + 1 for router interface). Thus there is 1 wasted IP address on LAN-D.
- LAN-B with 20 hosts behind Router B, LAN-C with 20 hosts behind Router C
LAN-B requires 21 hosts (20 hosts in LAN segment, 1 for router interface). /27 gives 31 hosts (30 usable hosts + 1 for router interface). Thus, in LAN-B and LAN-C, there are only 10 wasted IP addresses each.
- LAN-A with 13 hosts behind Router A
LAN-A requires 14 hosts (13 in LAN segment, 1 for router interface). /28 gives 15 hosts (14 usable hosts + 1 router interface). Thus there is 1 wasted IP address on LAN-D.
- WAN Link A <--> D uses 2 hosts (as does WAN Link B <--> D and WAN Link C <--> D)
WAN Link A <--> D requires 2 hosts (one at each router interface in the Point to Point WAN Link). /30 gives 2 usable hosts. Thus there are no wasted IP addresses on any WAN links.
Altogether, we have 92 addresses being used (30 + 21 + 21 + 14 + 2 + 2 + 2). We have 114 addresses total allocated (15 + 31 + 31 + 31 + 2 + 2 + 2).
Thus, 114 - 92 = 22 addresses wasted. Big improvement over 1,928.
Hope you enjoyed, and hope to be back soon.