I have a problem where I am given two IPv4 addresses and I have to calculate the best possible network between them. For example, I have 10.240.204.160 and 10.240.220.160 and I have to find all minimum available subnets between them.
Please note that these two IP addresses are not in CIDR notation.
The solution I thought of is:
get the number of hosts between them (it is 4096 here)
find the set bit in 4096, which is the 12th bit
now create a subnet mask of 20, i.e. 255.255.240.0
This way I will get subnet masks in between those two IP addresses.
Now the question is: suppose I got 255.255.240.0; then ANDing it with the start IP will give network 10.240.192.0/20, which will serve
10.240.192.1 to 10.240.207.255, but I started with 10.240.204.160 to 10.240.220.160, hence it would be breaking wrongly.
It feels like I will be making a huge mistake if I go with my version of the story.
Anyone here, please help me.
I was looking for pre-made code and stumbled on this thread. I ended up writing the following in python. You always have the chance that you will span 2 subnets. You were just missing the last step here to check and expand by one bit on the netmask if necessary.

    import ipaddress

    def calc_inclusive_subnet(ip1, ip2):  # accepts 2 IP strings
        # make IP address objects and put them in order
        ip1_obj = ipaddress.IPv4Address(ip1)
        ip2_obj = ipaddress.IPv4Address(ip2)
        if ip1_obj <= ip2_obj:
            min_ip = ip1_obj
            max_ip = ip2_obj
        else:
            min_ip = ip2_obj
            max_ip = ip1_obj
        distance = int(max_ip) - int(min_ip)
        ip_range = 0  # increment powers of 2 until you have subnet distance
        while 2**ip_range < distance:
            ip_range += 1
        net = ipaddress.IPv4Network(str(min_ip) + '/' + str(32 - ip_range), strict=False)
        while max_ip not in net:
            # i.e. the distance implies one size of network, but the IPs span 2.
            # Loop instead of testing once: a pair such as 0.0.0.255 and 0.0.1.0
            # straddles a boundary that needs more than one extra bit.
            ip_range += 1
            net = ipaddress.IPv4Network(str(min_ip) + '/' + str(32 - ip_range), strict=False)
        return net

You're using the wrong mask. You should use a /19 instead of /20.
A /20 offers you 16 subnets. Simple math tells us 192 + 16 = 208 (192 is the result of 0 + 16 = 16, 16 + 16 = 32, 32 + 16 = 48, etc.)
A /19 offers you 32 subnets --> 192 + 32 = 224
Keep in mind 224 is the start of the next network. Your /19 network will have subnets starting from 10.240.192.0/24 to 10.240.223.0/24.
10.240.204.160 and 10.240.220.160 belong to the 10.240.192.0/19 network.
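
The two readings of the question, side by side, as an added example that is not part of the original posts: the single smallest block containing both addresses, and the minimal list of blocks covering exactly the range. The function names are illustrative; the difference matters when the result becomes a firewall or ACL rule, because the single block admits addresses outside the range.

```python
import ipaddress

def covering_network(ip1, ip2):
    """Smallest single CIDR block that contains both addresses."""
    a = int(ipaddress.IPv4Address(ip1))
    b = int(ipaddress.IPv4Address(ip2))
    # Every bit above the highest differing bit is shared, so it is the prefix.
    prefix_len = 32 - (a ^ b).bit_length()
    return ipaddress.IPv4Network((min(a, b), prefix_len), strict=False)

def exact_cover(ip1, ip2):
    """Minimal list of CIDR blocks covering exactly ip1..ip2 and nothing more."""
    lo, hi = sorted((ipaddress.IPv4Address(ip1), ipaddress.IPv4Address(ip2)))
    return list(ipaddress.summarize_address_range(lo, hi))

def excess_addresses(ip1, ip2):
    """Addresses the single covering block admits beyond the requested range."""
    wanted = sum(n.num_addresses for n in exact_cover(ip1, ip2))
    return covering_network(ip1, ip2).num_addresses - wanted

if __name__ == "__main__":
    start, end = "10.240.204.160", "10.240.220.160"  # addresses from the question
    print("covering block:", covering_network(start, end))
    print("exact cover:   ", ", ".join(map(str, exact_cover(start, end))))
    print("extra addresses in covering block:", excess_addresses(start, end))
    # Constructed pair: adjacent addresses on either side of a /24 boundary.
    print("adjacent pair: ", covering_network("0.0.0.255", "0.0.1.0"))
```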
While learning about CIDR and subnets, I have found tables like the next one:
| Subnet mask | Available networks | Available hosts |
|---|---|---|
| 255.0.0.0 | 1 | 16,777,214 |
| 255.128.0.0 | 2 | 8,388,606 |
| 255.192.0.0 | 4 | 4,194,302 |
Since I have 8 bits for my network part, I thought that I had 2^8 possible networks...
What if I need a 254.0.0.0 mask (/7)? Does that mean that I have 0 available networks? And if I need a 252.0.0.0 (/6)?
I can understand how to calculate the number of hosts: 2^n - 2 where n = number of bits for the host part, so in the case of a /8, I have 2^24 - 2 possible hosts, but again, I am confused about the number of networks...
I have read a number of articles and posts about VPCs, CIDR and subnets but I still find the explanations confusing.
Many of the explanations can't avoid using domain knowledge or technical terms.
Is there a more basic explanation for someone who gets basic programming, binary, etc.?
I am wondering in the context of AWS VPCs.
How does a CIDR represent an IP address range?
Start with an IP address:
xx.xx.xx.xx
This actually represents four 8-bit numbers, with a dot between each.
As they are 8 bit numbers, they can be from 0 up to 255 (decimal).
They are frequently shown as xx.xx.xx.xx because this is referring to them as four 8 bit numbers, shown in hexadecimal (base 16) format. In 'hex' format 255 (decimal) is written as FF
So the numbers range from 00.00.00.00 to FF.FF.FF.FF - in hex
Or 0.0.0.0 to 255.255.255.255 in decimal
For the purpose of considering how many IP 'addresses' this represents - i.e. how many individual IP addresses - you can do 255 * 255 * 255 * 255 which is 4228250625. Because you have used FOUR 8 bit numbers you multiply them together to produce that number. It is 2*32. You'll notice that the 32 is 8 + 8 + 8 + 8 and that is the four 8 bit numbers in xx.xx.xx.xx
OK, so now to CIDR. Where all the above 8 bit, base 16 and hexadecimal / binary information will be useful...
So a CIDR is a range of IPs.
For example you might want a range of 10.0.0.0 to 10.0.0.255 which is 255 IPs. You can write this using the above format, i.e. 10.0.0.1 to 10.0.0.255, but there is another way to do it and that is by using CIDR - Classless Inter Domain Routing. Let's stick with calling it CIDR. So with CIDR you refer to a range using a format like this:
10.0.0.0/24
and that means the range 10.0.0.0 to 10.0.0.255, i.e. 255 numbers.
So how does that work?!
OK, first we are given what might be thought of as the starting address of the range - 10.0.0.1, although this is actually a bit misleading because the CIDR number is going to affect it.
So let's go piece by piece.
The "/24" refers to the number of bits on the left that stay fixed.
This is probably the hardest but also most essential piece to understand.
So taking "24", this means (conveniently with 24!) that you consider the first 24 bits, i.e. the 10.0.0, to be fixed (see bitmask). Only the last 8 bits of the xx.xx.xx.xx can change, i.e. you have a range and it is from 10.0.0.0 to 10.0.0.255
Here's one of the most surprising facts initially:
The larger the CIDR number, e.g. /28, /30, etc. the smaller the available range of IP addresses !!!
This is because the /nn CIDR number refers to how many bits are FIXED, and the more bits are FIXED the fewer bits can be changed to produce a range, and thus the smaller the range. This is why with /32 there is NO range, because you are saying all 4 xx.xx.xx.xx numbers (8 + 8 + 8 + 8 = 32) are fixed. Whereas with 10.0.0.1/24 you can have from 10.0.0.0 to 10.0.0.255 because the 24 indicates the first three numbers (again 8 + 8 + 8 bits = first 3 numbers) are fixed and only the last 8 bits, i.e. the 'zz' in xx.aa.bb.zz, can change for this range. One more example: 10.0.0.0/16 (so first two 8-bit numbers are fixed) means 10.0.0.0 to 10.0.255.255.
Because this behavior is due to a netmask 10.0.0.0/24, which produces the range 10.0.0.0 to 10.0.0.255 would produce the same result if you supplied 10.0.0.0/24, 10.0.0.73/24 or 10.0.99.17/24
See an online converter at https://ipaddressguide.com/cidr
With AWS you are given 10.0.0.0/16 as your VPC, which means the "10.0" part will stay fixed. So that means if you want a subnet within that you want something smaller such as 10.0.0.0/24 or 10.0.1.0/24, of which you will be able to have many.
The next thing that may be a bit unexpected is that within a VPC subnets must not overlap. However you can have multiple VPCs using that range. The second piece takes some explanation:
There are three IP ranges set aside as PRIVATE so they are never used 'publicly'. This lets each network use those as 'internal' addresses. They are the probably familiar:
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
So when you get a VPC that uses a 10.0.0.0/16 range you are getting ONE private network within 'a' network. As if you were 'one' user at home using your single network. You can create another VPC because that uses another network (like having a second router in your house) and on that network 10.0.0.0/16 is available.
You currently have a default limit of 5 VPCs per region. As each VPC is using private subnet ranges, they can actually be the same for different ones as well as different, however if you ever want the VPCs to be able to communicate with each other (using VPC peering) this will be a problem because the subnets can't overlap when you do that (otherwise the router wouldn't know which subnet to pick for a given address that exists in both).
Any other corrections I am happy to incorporate wiki-style. I am not defending my knowledge, just trying to share what I think I know and help others understand this confusing concept!
Here's how you do it in AWS:
Nope! You have to avoid within 10.0 - the existing public subnet!
Result
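
The "fixed bits" idea from the answer above, written out with plain bit masks, plus the two overlap checks it mentions (subnets inside one VPC, and VPC blocks before peering). This is an added example, not part of the original answer; the function names and the sample subnet plan are constructed for illustration.

```python
import ipaddress

def cidr_range(cidr):
    """Return (first, last) addresses of a CIDR block using bit masking."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    value = int(ipaddress.IPv4Address(addr))
    # `prefix` ones on the left (the fixed bits), zeros on the right (free bits).
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    first = value & mask                   # free bits all 0
    last = first | (~mask & 0xFFFFFFFF)    # free bits all 1
    return ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)

def overlaps(cidr_a, cidr_b):
    """True when the two blocks share at least one address."""
    a_first, a_last = cidr_range(cidr_a)
    b_first, b_last = cidr_range(cidr_b)
    return a_first <= b_last and b_first <= a_last

def plan_problems(vpc_cidr, subnet_cidrs):
    """List subnets that fall outside the VPC block or overlap each other."""
    problems = []
    vpc_first, vpc_last = cidr_range(vpc_cidr)
    for s in subnet_cidrs:
        first, last = cidr_range(s)
        if first < vpc_first or last > vpc_last:
            problems.append(f"{s} is outside {vpc_cidr}")
    for i, a in enumerate(subnet_cidrs):
        for b in subnet_cidrs[i + 1:]:
            if overlaps(a, b):
                problems.append(f"{a} overlaps {b}")
    return problems

if __name__ == "__main__":
    print(cidr_range("10.0.0.0/24"), cidr_range("10.0.0.73/24"))  # same range
    print(cidr_range("10.0.0.0/16"))
    # Constructed plan: one overlapping pair and one subnet outside the VPC.
    plan = ["10.0.0.0/24", "10.0.0.128/25", "10.1.0.0/24"]
    print(plan_problems("10.0.0.0/16", plan))
    # Two VPCs on the same private block cannot be peered.
    print("peering conflict:", overlaps("10.0.0.0/16", "10.0.0.0/16"))
```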
The issue below is entirely for revision/practice purposes and not homework. I'm just trying to wrap my head around how I would answer this as it could show up in an exam.
I have a problem where I'm given the base address 172.16.10.0 /22
I need to create an IP address scheme where the network contains equal sized subnets of up to 120 hosts each.
I have some experience with subnetting an address into a particular number of subnets, but I've never had to do it where the subnets must support a particular number of hosts (in this case 120).
From the 172.16.10.0 /22 I can tell it's a class B address, then with 10 host bits 2 to the power of 10 minus 2 makes 1,022 possible hosts.
I'm not sure if this is the right way to start but any help would be great.
Thanks
One way is to remember that each /24 has 256 addresses (minus network and broadcast). A /23 has 2 x /24 and one /22 has 2 x /23.
Each /24 if divided in 2 means 2 x /25. If one /24 has 256 addresses, the /25 has 128, which is closer to what you need.
So 1 /22 = 2 /23 = 4 /24 = 8 /25.
So you could use 8 x /25, each with a max of 128 addresses or 126 host addresses.
Good morning, so basically I am working with Packet Tracer atm and have 3 subnet plans assigned (management (104 users), staff (43 users) and admin (35 users)). I have an IP address range of 38.191.0.0 and a subnet mask of 255.255.255.0. I want to produce that subnet plan but with the most efficient use of the IP address range provided above. Could anyone give me a brief idea of how to transform that range to the most efficient use of the IP addresses? Thank you very much. The diagram looks as follows:
(Answering in anticipation of this getting moved to a different SE site)
Given the size of your three groups (104, 43, 35) the only reasonable split is to allocate each of them to the next higher power of two, specifically (128, 64, 64) making that a /25 and two /26 blocks with nothing left over.
Note that this gives you 22 spare addresses in the first block, 19 in the second and 27 in the last.
p.s. is 38.191.0.0/24 really your netblock?
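
Both sizing problems above (equal /25 subnets for 120 hosts out of a /22, and the 104/43/35 split of a /24) are instances of the same largest-first allocation, shown here as an added example that is not part of the original posts. The function names and the `net0`..`net7` labels are constructed for illustration.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest prefix whose block fits `hosts` plus network and broadcast."""
    needed = hosts + 2
    host_bits = (needed - 1).bit_length()  # ceil(log2(needed))
    return 32 - host_bits

def allocate(block, demands):
    """Give each (name -> host count) demand a subnet of `block`, largest first."""
    net = ipaddress.IPv4Network(block, strict=False)
    cursor = int(net.network_address)
    end = int(net.broadcast_address)
    plan = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size  # align to the block size
        if cursor + size - 1 > end:
            raise ValueError(f"{block} has no room left for {name}")
        plan[name] = ipaddress.IPv4Network((cursor, prefix))
        cursor += size
    return plan

def spare_hosts(plan, demands):
    """Unused host addresses per subnet (block size minus 2 minus demand)."""
    return {n: plan[n].num_addresses - 2 - demands[n] for n in plan}

if __name__ == "__main__":
    groups = {"management": 104, "staff": 43, "admin": 35}
    plan = allocate("38.191.0.0/24", groups)
    for name, subnet in plan.items():
        print(name, subnet, "spare:", spare_hosts(plan, groups)[name])
    # 172.16.10.0 is not on a /22 boundary; strict=False normalises the
    # base to 172.16.8.0/22 before it is split into eight /25 blocks.
    equal = allocate("172.16.10.0/22", {f"net{i}": 120 for i in range(8)})
    print([str(s) for s in equal.values()])
```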
I'm trying to understand subnet masks. I was given the question below and chose the answer of /30 since it seems that each subnet needs only one host IP. /31 was not a possible answer. However, the answer is /29. Can anyone clarify why that is correct?
"Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains?"
Server 1: 192.168.100.6
Server 2: 192.168.100.9
Server 3: 192.169.100.20
Convert everything to binary:
6 = 00000110
9 = 00001001
20 = 00010100
OK, so mask of 29:
29 = 00011101
30 = 00011110
The only difference between those two is which of the two lower-order bits of 6 and 9 you examine.
So I'd agree with you that, without further information, either 29 or 30 is a valid answer.
A /29 mask provides 6 usable addresses and creates the following subnets.
192.169.100.0 - 192.169.100.7
192.169.100.8 - 192.169.100.15
192.169.100.16 - 192.169.100.23
A /30 mask provides 2 usable addresses and creates the following subnets.
192.169.100.0 - 192.169.100.3
192.169.100.4 - 192.169.100.7
192.169.100.8 - 192.169.100.11
192.169.100.12 - 192.169.100.15
192.169.100.16 - 192.169.100.19
192.169.100.20 - 192.169.100.23
So /30 isn't an option because 192.169.100.20/30 is a network address and not usable as a server IP address. /29 is the correct answer!
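
The check the last answer does by hand, as an added example that is not part of the original posts: for each candidate prefix, every server must land in its own subnet and must not sit on that subnet's network or broadcast address. The server addresses are copied from the question as written; the function names are illustrative.

```python
import ipaddress

def placement(ip, prefix):
    """Return (subnet, usable) for `ip` at the given prefix length."""
    net = ipaddress.IPv4Network((ip, prefix), strict=False)
    addr = ipaddress.IPv4Address(ip)
    # A host cannot use the network or the broadcast address of its subnet.
    usable = addr not in (net.network_address, net.broadcast_address)
    return net, usable

def prefixes_separating(servers, candidates):
    """Prefixes that give every server its own subnet and a usable address."""
    good = []
    for prefix in candidates:
        placed = [placement(ip, prefix) for ip in servers]
        distinct = len({net for net, _ in placed}) == len(servers)
        if distinct and all(usable for _, usable in placed):
            good.append(prefix)
    return good

if __name__ == "__main__":
    servers = ["192.168.100.6", "192.168.100.9", "192.169.100.20"]
    for prefix in (28, 29, 30):
        for ip in servers:
            net, usable = placement(ip, prefix)
            print(f"/{prefix} {ip:<15} -> {net} usable={usable}")
    print("valid prefixes:", prefixes_separating(servers, range(24, 31)))
```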