Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Subnetting
Special Forums IP Networking Subnetting Post 302993570 by drysdalk on Saturday 11th of March 2017 07:41:05 AM
Old 03-11-2017
Hi,

Firstly, from just looking at a single IP, you can't tell how large the network it's a part of is. You need to know the netmask. So for example, if I had an IP of 192.168.1.10, that doesn't tell you anything at all about how large or small the network I'm a part of is.

But if I tell you the netmask - e.g. 192.168.1.10/24 or 192.168.1.10/255.255.255.0 - then you know it's part of a network of 256 addresses, running from 192.168.1.0 to 192.168.1.255.

If on the other hand I'd told you the netmask was 192.168.1.10/25 or 192.168.1.10/255.255.255.128 - then you'd know it was part of a network of 128 addresses going from 192.168.1.0 to 192.168.1.127.

And again, in every network, the very first address and the very last address are not usable for hosts, as they are reserved for other purposes.

You can also get plenty of other netmasks than the old simple Class A, B, C notation tells you. For instance I could just have easily told you my netmask was 192.168.1.10/28, in which case you'd then be able to calculate that the network I was a part of runs from 192.168.1.0 to 192.168.1.15, and conists of 16 IP addresses.

So just from looking at an IP you can't tell anything about the size of the network. And these days, there are far more netmasks and subnet sizes that are far more common than the old Class A/B/C notation.
This User Gave Thanks to drysdalk For This Post:
lobsang
 

3 More Discussions You Might Find Interesting

1. IP Networking

Subnetting

We have subnetted our Internal Network. We used an I.P. range of 172.16.16.0-254, 172.16.17.0-254, 172.16.18.0-254, 172.16.19.0-254 and mask 255.255.252.0. We created a subnet range of 172.16.10.0-254 and maske 255.255.255.0. Our routers are configure to route to approprate network. We are able... (2 Replies)
Discussion started by: cassy
2 Replies

2. IP Networking

Subnetting in 11 steps

As seen on Digg.com, here is my ip addressing article in full... Original Subnetting in 11 Steps article Subnetting in 11 Steps There are a few things that you will need to know first. I personally use 11 rules that I learned from Mike Vana. Below you will find the 11 rules as well as... (1 Reply)
Discussion started by: jking2100
1 Replies

3. IP Networking

Subnetting

Guys, Anyone could help me understand subnetting. I know a bit in networking but there are things that I don't get them easily. Thank You in advance. (1 Reply)
Discussion started by: etcpasswd
1 Replies

LEARN ABOUT DEBIAN

shorewall-exclusion

SHOREWALL-EXCLUSION(5)						  [FIXME: manual]					    SHOREWALL-EXCLUSION(5)

NAME

       exclusion - Exclude a set of hosts from a definition in a shorewall configuration file.

SYNOPSIS

       !address-or-range[,address-or-range]...

       !zone-name[,zone-name]...

DESCRIPTION

       The first form of exclusion is used when you wish to exclude one or more addresses from a definition. An exclaimation point is followed by
       a comma-separated list of addresses. The addresses may be single host addresses (e.g., 192.168.1.4) or they may be network addresses in
       CIDR format (e.g., 192.168.1.0/24). If your kernel and iptables include iprange support, you may also specify ranges of ip addresses of the
       form lowaddress-highaddress

       No embedded whitespace is allowed.

       Exclusion can appear after a list of addresses and/or address ranges. In that case, the final list of address is formed by taking the first
       list and then removing the addresses defined in the exclusion.

       Beginning in Shorewall 4.4.13, the second form of exclusion is allowed after all and any in the SOURCE and DEST columns of
       /etc/shorewall/rules. It allows you to omit arbitrary zones from the list generated by those key words.

	   Warning
	   If you omit a sub-zone and there is an explicit or explicit CONTINUE policy, a connection to/from that zone can still be matched by the
	   rule generated for a parent zone.

	   For example:

	   /etc/shorewall/zones:

	       #ZONE	      TYPE
	       z1	      ip
	       z2:z1	      ip
	       ...

	   /etc/shorewall/policy:

	       #SOURCE	       DEST	     POLICY
	       z1	       net	     CONTINUE
	       z2	       net	     REJECT

	   /etc/shorewall/rules:

	       #ACTION	       SOURCE	     DEST	 PROTO	       DEST
	       #						       PORT(S)
	       ACCEPT	       all!z2	     net	 tcp	       22

	   In this case, SSH connections from z2 to net will be accepted by the generated z1 to net ACCEPT rule.

       In most contexts, ipset names can be used as an address-or-range. Beginning with Shorewall 4.4.14, ipset lists enclosed in +[...] may also
       be included (see shorewall-ipsets[1] (5)). The semantics of these lists when used in an exclusion are as follows:

       o   !+[set1,set2,...setN] produces a packet match if the packet does not match at least one of the sets. In other words, it is like NOT
	   match set1 OR NOT match set2 ... OR NOT match setN.

       o   +[!set1,!set2,...!setN] produces a packet match if the packet does not match any of the sets. In other words, it is like NOT match set1
	   AND NOT match set2 ... AND NOT match setN.

EXAMPLES

       Example 1 - All IPv4 addresses except 192.168.3.4
	   !192.168.3.4

       Example 2 - All IPv4 addresses except the network 192.168.1.0/24 and the host 10.2.3.4
	   !192.168.1.0/24,10.1.3.4

       Example 3 - All IPv4 addresses except the range 192.168.1.3-192.168.1.12 and the network 10.0.0.0/8
	   !192.168.1.3-192.168.1.12,10.0.0.0/8

       Example 4 - The network 192.168.1.0/24 except hosts 192.168.1.3 and 192.168.1.9
	   192.168.1.0/24!192.168.1.3,192.168.1.9

       Example 5 - All parent zones except loc
	   any!loc

FILES

       /etc/shorewall/hosts

       /etc/shorewall/masq

       /etc/shorewall/rules

       /etc/shorewall/tcrules

SEE ALSO

       shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
       shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
       shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5),
       shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5),
       shorewall-tunnels(5), shorewall-zones(5)

NOTES

	1. shorewall-ipsets
	   http://www.shorewall.net/manpages/shorewall-ipsets.html

[FIXME: source] 						    06/28/2012						    SHOREWALL-EXCLUSION(5)
All times are GMT -4. The time now is 07:13 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy