Re: Netmasks for dummies
From: Centurion (spam.this_at_nowhere.tld)
Date: 02/22/05
- Next message: Lawrence D’Oliveiro: "Re: LineEndings.c"
- Previous message: Centurion: "Re: Creating virtual floppy drives"
- In reply to: StupidScript: "Netmasks for dummies"
- Next in thread: Moe Trin: "Re: Netmasks for dummies"
- Reply: Moe Trin: "Re: Netmasks for dummies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 22 Feb 2005 20:18:01 +1100
StupidScript wrote:
> Just so I understand the system, or at least get a crib sheet for it,
> please let me know if the following is incorrect:
>
> ============= Scenario 1 - 8 addresses: =============
> My ISP has assigned me IPs "198.113.64.1" through "198.113.64.8"
>
> The netmask which accommodates this could be written as either:
> "255.255.255.248" or as "/29"
198.113.64.1 and 198.113.64.8 are NOT valid network boundaries for a /29
subnet. 198.113.64.0-198.113.64.7 is a valid IP block for a /29 subnet.
/29 or 255.255.255.248 defines the subnet mask which assigns a certain
number of bits to the network and the remainder to the host.
/29 has 29 bits allocated to the network and 3 bits allocated to the hosts.
Therefore 2^3=8 which is the number of valid addresses on a /29 subnet. Of
that 8, 1 is a network address and 1 is a broadcast address.
In your case (example):
198.113.64.0 = network
198.113.64.1-198.113.64.6 = hosts/machines etc.
198.113.64.7 = broadcast
192.113.64.8 = the next /29 network's address.... and so on.
> In my iptables, I could DROP all packets coming from any machine on my
> subnet ONLY by identifying the incoming IP range as:
> "198.113.64.1/255.255.255.248" or as "198.113.64.1/29"
replace .1 with .0 and you've got it.
> ============= Scenario 2 - 16 addresses: =============
> My ISP has assigned me IPs "198.113.64.1" through "198.113.64.16"
>
> The netmask which accommodates this could be written as either:
> "255.255.255.240" or as "/28"
Gah - see above. 198...0 - 198...15 is the address range. .0 is the network
address, .15 is the broadcast, .1-.14 are valid host addresses.
> In my iptables, I could DROP all packets coming from any machine on my
> subnet ONLY by identifying the incoming IP range as:
> "198.113.64.1/255.255.255.240" or as "198.113.64.1/28"
replace .1 with .0
> ============= Last Scenario - 128 addresses: =============
> My ISP has assigned me IPs "198.113.64.1" through "198.113.64.128"
Godammit :P (See above).
> The netmask which accommodates this could be written as either:
> "255.255.255.128" or as "/25"
>
> In my iptables, I could DROP all packets coming from any machine on my
> subnet ONLY by identifying the incoming IP range as:
> "198.113.64.1/255.255.255.128" or as "198.113.64.1/25"
s/\.1/\.0/
> Am I off base? I appreciate any responses.
On EVERY IP network, 2 addresses are 'wasted' because every IP network
requires a network address and a broadcast address. Therefore the smallest
subnet possible is a /30 (255.255.255.252) which leaves 30 allocated to the
network and 2 bits to the address giving 4 addresses in total; 1 network, 2
hosts and 1 broadcast. I use these for connecting routers together on our
internal network. That way the only valid addresses are each end of the
link ;)
Get hold of "ipsc" - IP Subnet Calculator. It's a command line utility
that's been compiled for nearly every OS known to man (and woman) AFAIK.
James
-- Your lucky number has been disconnected.
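
The arithmetic in the reply above, as an added example that is not part of the original post: Python's standard ipaddress module clears the host bits of the address/mask pairs from the three scenarios, reports network, broadcast and host range, and shows that the range .1 through .8 does not fit in one /29. The function names are assumptions made for this example.

```python
import ipaddress

def normalize(spec):
    """Return the subnet containing an address given as addr/prefix or addr/netmask."""
    # ip_interface tolerates host bits; .network clears them (198.113.64.1/29 -> .0/29)
    return ipaddress.ip_interface(spec).network

def is_boundary(spec):
    """True only when the address part is already the network address."""
    try:
        ipaddress.ip_network(spec, strict=True)  # strict mode rejects set host bits
        return True
    except ValueError:
        return False

def describe(spec):
    """Network, broadcast, usable host range and size for the subnet in spec."""
    net = normalize(spec)
    hosts = list(net.hosts())  # excludes network and broadcast addresses
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "netmask": str(net.netmask),
        "total": net.num_addresses,
    }

def covers(spec, addr):
    """Would a firewall rule written for spec match source address addr?"""
    return ipaddress.ip_address(addr) in normalize(spec)

def blocks_for_range(first, last):
    """Smallest list of CIDR blocks that covers exactly first..last."""
    return [str(n) for n in ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last))]

if __name__ == "__main__":
    # The three specs as written in the quoted question
    for spec in ("198.113.64.1/29", "198.113.64.1/255.255.255.240", "198.113.64.1/25"):
        print(spec, "boundary:", is_boundary(spec), "->", normalize(spec), describe(spec))
    # .8 belongs to the next /29, so a rule for the first block does not match it
    print("covers .8:", covers("198.113.64.1/29", "198.113.64.8"))
    # The range from Scenario 1 needs four blocks, not one /29
    print(blocks_for_range("198.113.64.1", "198.113.64.8"))
```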