Thursday, July 4, 2013

Subnet mask training made easy with a Cisco router and cmd line

In this blog, I will show you a simple Cisco trick that will help you understand subnet masks.

First, some background: when I started out with IP, all of the systems that I used (Unix) displayed the netmask as some FFFFFFF hex value.

Yes,  was represented as 0xFFFFFF00 , and as 0xFFFFFFF0 and so on.

The old way of quick counting was to start with a simple and common /24, and we all knew hexadecimal 0 through F.

/25 = half of a /24
/26 = half of a /25 or a quarter of a /24
/27 = half of a /26 or 1/8 of a /24
/28 = half of a /27 or  1/16 of a /24
/29 = half of a /28 or 1/32 of a /24
and finally a /30 ... simply 4 addresses
If you don't know what a /32 is equal to, then skip this thread. You have major problems :)

Going smaller than a /24 prefix (less than 24) was done in a similar way, but now we follow this approach:

/23 = 2x /24 ( 512 addresses )
/22 = 2x /23 or 4 /24s ( 1024 addresses )
/21 = 2x /22 or 8 /24s ( 2048 addresses )
/20 = 2x /21 or 16 /24s ( 4096 addresses )

and so on.

So my /15, which I will use later on in this tutorial, equals 512x /24 or 2 /16 (class B networks), for a total of 131072 addresses.

See how easy that was?

Okay, that might be a strange approach nowadays, and with the new generations of engineers, but that was how us ole'school engineers started out.

First with an understanding of hex, and based off a /24 (class C). The netmask ultimately determines the maximum number of hosts for your network, so it's important to fully understand netmasks.

Our current generation and trends have the young engineers finding subnetting and /slash to decimal conversions very difficult. But in reality it's not.

If they had started on Unix systems, this would probably have helped these types of engineers learn subnetting without any confusion, imho.

I'm going to show you a CLI trick that you can use to improve your netmask knowledge and training, and it's only one simple command that anybody can do.

cli  terminal ip netmask-format

Okay, let's execute this command on the CLI and see what our options are:

terminal ip netmask-format  ?
  bit-count    Display netmask as number of significant bits
  decimal      Display netmask in dotted decimal
  hexadecimal  Display netmask in hexadecimal

Okay, what does the above mean?

bit-count = /XX where XX is the number of bits in the mask. A would be represented as /24 or 24 bits to form the mask.

decimal = our standard format (that everybody is comfortable with)

and finally   

hexadecimal  =  our 0xFFFFFF00 or what our earlier IP pioneers used to use :)

So let's say you are working on a router and using a netmask that you are not yet comfortable with. Or maybe you're confused as to what the dotted decimal format should be. So let's say you have a /15
(who in the hell uses a /15 on a regular basis, unless you're in a service provider role?)

So you need to install a static route for that network, and you have no clue what the mask should be. You know what a /16 (class B network) or a /24 (class C) should be, but a /15 is odd and strange for you.

So let's change our display type to represent /XX "bit-count".

Okay, now when we show our interfaces and route tables, they will display in /XX format.

Let's check it out by plumbing a few loopbacks with different masks to see what I'm talking about.

Okay, so let's check the bit /XX mask and see if we got a /15 in the above output.

Nope, no /15 mask.

So we know the above  netmasks  combinations of and don't match a /15 netmask.

So now let's try a shorter netmask.

Bingo we got it. A /15 == a netmask of

Guess what? The route table will display the same.


versus the decimal format

This little trick can help you in a crunch if you're confused about the netmask conversion. In reality, we should know all three methods and should know how to convert at our fingertips or on a piece of paper.
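The three-way conversion described above, written out as an added example (not part of the original post and not IOS code). The function names are hypothetical; the script accepts a mask in any of the three netmask-format styles and returns the other two, rejecting non-contiguous masks that would silently match the wrong hosts in a route or ACL.

```python
# Added example: convert a netmask between bit-count, decimal and hexadecimal.
# Function names are hypothetical; sample inputs are constructed.

def prefix_to_mask(prefix: int) -> int:
    """Return the 32-bit mask for a prefix length (bit-count format)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def mask_to_prefix(mask: int) -> int:
    """Return the prefix length, rejecting non-contiguous masks."""
    if not 0 <= mask <= 0xFFFFFFFF:
        raise ValueError("mask out of range")
    inverted = mask ^ 0xFFFFFFFF      # host bits become 1s
    if inverted & (inverted + 1):     # host bits must be one solid run of low 1s
        raise ValueError(f"non-contiguous mask: 0x{mask:08X}")
    return 32 - inverted.bit_length()

def parse_mask(text: str) -> int:
    """Accept '/15', '255.254.0.0' or '0xFFFE0000'; return the 32-bit mask."""
    text = text.strip()
    if text.startswith("/"):
        return prefix_to_mask(int(text[1:]))
    if text.lower().startswith("0x"):
        mask = int(text, 16)
    else:
        octets = [int(o) for o in text.split(".")]
        if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
            raise ValueError(f"bad dotted-decimal mask: {text}")
        mask = int.from_bytes(bytes(octets), "big")
    mask_to_prefix(mask)              # validates range and contiguity
    return mask

def all_formats(text: str) -> dict:
    """Show one mask in all three display formats plus its address count."""
    mask = parse_mask(text)
    prefix = mask_to_prefix(mask)
    return {
        "bit-count": f"/{prefix}",
        "decimal": ".".join(str(b) for b in mask.to_bytes(4, "big")),
        "hexadecimal": f"0x{mask:08X}",
        "addresses": 2 ** (32 - prefix),
    }

if __name__ == "__main__":
    for sample in ("/15", "255.255.255.240", "0xFFFFFF00"):
        print(sample, "->", all_formats(sample))
```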

Now for the grand finale: most Unix systems still display hexadecimal today, and this is really a bummer for you non-hexadecimal-speaking engineers :)

Here's one of my BSD cloud VMs:

So learn how to use Hex

Ken Felix
Freelance Network/Security Engineer
kfelix -at- socpuppets    insert-dot-here  com

   ^       ^
=( *    * )=
    /     \