Eli5 – Subnet Mask


Hello, I know this question has been asked numerous times, but it never managed to truly explain it, and it’s quite frustrating.

So far I understand that a Subnet Mask is used to divide an internal IP address into a Network Portion and a Host Portion. I’ll make the SOHO example because that’s what I’m used to, never saw other networks.

My internal IP is 192.168.1.1 and the subnet mask would then be 255.255.255.0.

This would mean that only 254 hosts are possible in my network, right? Since the 1 is the Default Gateway and the last would be the Broadcast Domain.

I still don’t get the point in having a mask.

It is my understanding that when forwarding a frame, the gateway would AND the 2 things:

11111111.11111111.11111111.00000000 &

11000000.10101000.00000001.00000001

the result would be

11000000.10101000.00000001.00000000 (192.168.1.0)

It’s all fine and dandy but… I don’t get why? Is this somewhat like an IF statement?

e.g. IF the first 24 bits are 192.168.1, THEN it’s inside this network? But why the extra mask then?

Also because with that logic, all internal IP addresses would then become 192.168.1.0

The IP address range 192.168.1 is already private, why do I need another set of 32 bits for the subnet mask? 192.168.1 is already my inside network, so… it’s obvious that 1 would be my default gateway, I would be 2 and so on…

Is the subnet mask just a way to “make it obvious” to the router?

I really don’t get the sense of it, probably looking at it all wrong.

Thanks in advance


EDIT: Does it mean that in the routing table, my private IP is also associated to a subnet host? E.g. 255.255.255.4? Because running ipconfig I don’t recall seeing my host address.

Because it’s a SUBnet… Meaning you could have more than one subnet on a network. You need to specify the range for subnets so you can treat them differently without having IP conflicts. Determining a subnet range allows you to know what net a given IP address belongs to. A mask is one syntax to do that. Another is via CIDR IP ranges.

I think what you’re missing is the subnet mask isn’t always 255.255.255.0

The subnet mask tells you which part of the address is considered local and which isn’t.

What if you wanted a subnetwork of only 8 addresses, with everything else treated as remote, and those 8 local?

There’d be no way to really know this unless you specified a subnet mask of 255.255.255.248

The subnet mask is mostly used in the routing table. The routing table consists of a network IP address, a subnet mask, an optional gateway and a network interface. Whenever your computer has a network packet to send out, it will check if the outgoing address ANDed with the network mask equals the network address; if true, then it will send the packet to the gateway on the specified interface, or if no gateway is set then send the packet directly to the recipient on that interface. The routing table is sorted by network mask, so you can have multiple overlapping routes and it will pick the most specific route. This may seem quite trivial for single computers, as you tend to have only two entries in the routing table, one for the local network and one for the Internet. However, for more complex routers with multiple networks and multiple interfaces, most of the interfaces connecting to other routers with their own list of networks, you can see how this works. Some routers have hundreds of thousands of entries, and the simplicity of the routing table with the subnet mask for easy lookup means that they can still handle vast amounts of traffic.
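The AND step from the question, the 8-address mask (255.255.255.248) from the reply above, and the most-specific-route lookup described in the last reply, worked through in added Python that is not from anyone in the thread. The routing table, interface names and gateway address are constructed sample data.

```python
def ip_to_int(dotted: str) -> int:
    """Parse a dotted quad 'a.b.c.d' into a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def network_of(ip: str, mask: str) -> str:
    """Network address = ip AND mask, exactly the bitwise step in the question."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))

def same_subnet(a: str, b: str, mask: str) -> bool:
    """Two hosts are 'local' to each other iff they AND down to the same network."""
    return network_of(a, mask) == network_of(b, mask)

def host_count(mask: str) -> int:
    """Usable hosts: 2^(host bits) minus the network and broadcast addresses."""
    host_bits = 32 - bin(ip_to_int(mask)).count("1")
    return max((1 << host_bits) - 2, 0)

# Constructed routing table: (network, mask, gateway or None, interface).
ROUTES = [
    ("0.0.0.0",     "0.0.0.0",         "192.168.1.1", "eth0"),  # default route
    ("192.168.1.0", "255.255.255.0",   None,          "eth0"),  # directly attached /24
    ("192.168.1.8", "255.255.255.248", None,          "eth1"),  # /29 of 8 addresses
]

def lookup(dst: str, routes=ROUTES):
    """Return the most specific matching route (longest mask wins), or None."""
    # Longest mask first, so the /29 beats the /24 it overlaps with.
    ordered = sorted(routes, key=lambda r: bin(ip_to_int(r[1])).count("1"), reverse=True)
    for net, mask, gw, iface in ordered:
        if ip_to_int(dst) & ip_to_int(mask) == ip_to_int(net):
            return {"via": gw, "dev": iface, "route": f"{net}/{mask}"}
    return None  # no route, not even a default: destination unreachable

if __name__ == "__main__":
    print(network_of("192.168.1.1", "255.255.255.0"))  # 192.168.1.0
    print(host_count("255.255.255.248"))               # 6
    print(lookup("192.168.1.10"))    # the /29 on eth1 wins over the /24
    print(lookup("192.168.1.200"))   # the /24, delivered directly on eth0
    print(lookup("8.8.8.8"))         # default route via 192.168.1.1
```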

It limits broadcast traffic. You have 255 devices on one subnet. The switches etc. only have to transmit their broadcast traffic between those 256 devices. (by the way, .0 is a perfectly valid IP to use itself!).

Larger subnets increase the number of devices and hence the amount of broadcast traffic. Broadcast traffic amplifies itself at the switch – you send one packet, but to send that out, the switches have to send 256 packets to different devices. It sounds tiny, but in any large network it quickly gets out of hand and impacts everyone. You want to reduce the size of, and the number of, broadcast packets at all times.

And actually 192.168.x.x is the private address. You could have 65536 devices. You can use them all. But most people have less than 256 devices, so it’s a waste.

It’s a measure to make things manageable, memorable, leave room for other things (e.g. you might want your CCTV cameras on one IP range and your home network on another so that compromise of one doesn’t automatically lead to access to the other – more often done with VLANs in corporate networks, but it’s a good idea to have different VLANs have different subnets, so that if they do ever get accidentally configured, they don’t affect each other), and reduce broadcast traffic.

If you want to see your broadcast traffic, run Wireshark on your local wired network (may not work properly on some wireless setups – you need “promiscuous” mode). You’ll see stuff pinging back and forth all the time. Printers advertising their presence, every device on your network enquiring about the physical address of every other device, etc.

256 devices talking to 255 other devices = a lot of broadcast.

When your computer wants to talk to another address, it uses the subnet mask to check whether that address is on the same network. If it’s on the same network, it tries to send a message directly to that address. If it’s not, it sends the message to a router which sends it to that address.

There may be switches, or wireless access points, in between your computer and another one on the same network. These are basically “invisible” to the computer so it looks like a direct connection.