IP Address Components
CCNA candidates need to be fluent in their understanding of IP addressing concepts. The following sections detail how IP addresses are organized and analyzed, with a view to answering subnetting questions.
Address Class
Early in the development of IP, RFC 791 designated five classes of IP address: A, B, C, D, and E. These classes were identified based on the pattern of high-order bits (the high-value bits at the beginning of the first octet). The result is that certain ranges of networks are grouped into classes in a pattern based on the binary values of those high-order bits, as detailed in Table 3.7.
TABLE 3.7 Address Class and Range
Class |
High-Order Bits |
1st Octet Range |
A |
0 |
1–127 |
B |
10 |
128–191 |
C |
110 |
192–223 |
D |
1110 |
224–239 |
E |
11110 |
240–255 |
You might notice that 127 is missing. This is because at some point the address 127.0.0.1 was reserved for the loopback (sometimes called localhost) IP—this is the IP of the TCP/IP protocol itself on every host machine.
Public and Private IP Addresses
As the popularity of TCP/IP increased, many organizations wanted to use it in their own networks, without paying to be connected to the Internet. The IETF published a Recommended Best Practice (RFC 1918) that defined several “private” IP networks that could be used by individuals, corporations, or other organizations without needing to pay to lease them from an Internet service provider (ISP). The tradeoff was that these networks were not routable on the Internet because these addresses were filtered from the route tables on Internet routers and so were unreachable from the Internet. They work exactly the same as any other IP address in every other respect; in fact, if they weren’t filtered they would work on the Internet too.
These address ranges will probably be familiar to you already, because every LAN you have ever joined likely used one of them. To access the Internet from a LAN using one of these private, non-routable networks, we have to go through a Network Address Translation (NAT) router. NAT is explained in Chapter 10, “IP Services.” Table 3.8 lists the private IP Address ranges. You should commit these to memory and be able to recognize them at a glance.
TABLE 3.8 Private IP Address Ranges
Class |
Range |
A |
10.0.0.0 to 10.255.255.255 |
B |
172.16.0.0 to 172.31.255.255 |
C |
192.168.0.0 to 192.168.255.255 |
Default Subnet Mask
Each class of address is associated with a default subnet mask, as shown in Table 3.9. An address using its default mask defines a single IP broadcast domain—all the hosts using that same network number and mask can receive each other’s broadcasts and communicate via IP.
TABLE 3.9 Address Class and Default Masks
Class |
Default Mask |
A |
255.0.0.0 |
B |
255.255.0.0 |
C |
255.255.255.0 |
One of the rules that Cisco devices follow is that a subnet mask must be a contiguous string of 1s followed by a contiguous string of 0s. There are no exceptions to this rule: A valid mask is always a string of 1s, followed by 0s to fill up the rest of the 32 bits. (There is no such rule in the real world, but we will stick to the Cisco rules here; it’s a Cisco exam, after all.)
Therefore, the only possible valid values in any given octet of a subnet mask are 0, 128, 192, 224, 240, 248, 252, 254, and 255. Any other value is invalid.
The Network Field
Every IP address is composed of a network component and a host component. The subnet mask has a single purpose: to identify which part of an IP address is the network component and which part is the host component. Look at a 32-bit IP address expressed in binary, with the subnet mask written right below it. Figure 3.1 shows an example.
FIGURE 3.1 IP address and mask in binary, showing network and host fields.
Anywhere you see a binary 1 in the subnet mask, it means “the matching bit in the IP address is part of the network component.” In this example, the network part of the address is 192.168.0.X, and the last octet (X) will be the host component.
Because there are 24 bits in a row in the mask, we can also use a shortcut for the mask notation of /24. These examples show how a dotted-decimal mask can be expressed in slash notation:
192.168.1.66 255.255.255.0 = 192.168.1.66 /24
172.16.0.12 255.255.0.0 = 172.16.0.12 /16
10.1.1.1 255.0.0.0 = 10.1.1.1 /8
This slash notation is sometimes called CIDR (classless interdomain routing) notation. For some reason, it’s a concept that confuses students, but honestly it’s the easiest concept of all: The slash notation is simply the number of 1s in a row in the subnet mask. The real reason to use CIDR notation is simply that it is easier to say and especially to type—and it appears interchangeably with dotted-decimal throughout the exam. CIDR notation also appears in the output of various IOS commands.
Every IP address has a host component and a network component, and the 1s in the mask tell us which bits in the address identify the network component.
The Host Field
If the 1s in the mask identify the network component of an address, the 0s at the end of the mask identify the host component. In the preceding example, the entire last octet is available for the host IP number.
The number of 0s at the end of the mask mathematically define how many hosts can be on any given network or subnet. The 1s in the mask always identify the network component, and the 0s at the end of the mask always identify the host component of any IP address.
Nondefault Masks
At this point, you should be able to recognize what class an address belongs to, and what its default mask is supposed to be. Here’s the big secret: If a mask is longer than it is supposed to be, that network has been subnetted. So, it is clearly another critical skill that you be able to spot those nondefault masks.
The Subnet Field
Because we have extended the subnet mask past the default boundary into the bits that were previously host bits, we identify the bits we “stole” from the host part as the subnet field. The subnet field is relevant because those bits mathematically define how many subnets we create. Figure 3.2 uses the same IP address from our previous example, but now we have applied a mask that is longer than the default. Note that this creates the subnet field.
FIGURE 3.2 IP address and non-default mask in binary illustrating the subnet field.
Figure 3.2 identifies the two extra bits past the default boundary as the subnet field—they used to be in the host field, but we subnetted and stole them to become the subnet field.