CCNA Study Guide Chapter 5 Summary

Chapter 5 began with a look at IP addressing basics. This included an overview of the binary-decimal conversion process. It continued with an introduction to classful IP addressing, where we outlined how the five classes of addresses are identified, and the number of hosts that each address range supports. The number of available Class A, B, and C networks were also calculated.

An overview of IP addressing rules outlined the eight key rules with respect to host addressing, such as the rule that mandates that the host portion of an address cannot be set to all binary 0s or all binary 1s. The concept and purpose of a subnet mask was introduced, including its relationship to IP addresses in defining the split between the network and host portion of an address. Default subnet mask values and when they are used were also examined.

A look at private IP addressing provided insight into the flexibility that using these addresses provides to organizations, as well as their purpose in helping to avoid the exhaustion of the current IPv4 address space. The special subnet masks associated with the three private ranges were also examined, along with the ranges of addresses that each supports.
An overview of subnetting provided insight into reasons for deciding to subnet a network. It continued by determining the subnet and host per subnet requirements that should be determined when characterizing a network. The process for determining custom subnet masks was covered in detail, including an overview of how bits are stolen from the host portion of the mask in order to allow subnets to be defined within the address space. Calculating the number of subnets and hosts per subnet available based on a given mask value was also looked at.

Next we looked at defining the ranges of addresses that were valid on a given subnet, including the process for determining the beginning and the end of a given range. This included an overview of ranges associated with Class A, B, and C addresses in custom subnetting situations. A subnetting challenge question was used to show how even questions that appear difficult are easy to solve if the rules outlined are followed.
The subnetting shortcut provided an overview of a quick and easy method of determining both custom subnet masks and their associated address ranges. It can be used as a simple reference for exam purposes.

The process of determining whether hosts are local or remote to one another was looked at next. We learned that the ANDing process provides a way to not only determine whether hosts are local or remote, but also to find the network ID associated with a given IP address.
A look at classless addressing provided insight into how addresses are now more commonly looked at in this manner rather than by class. An overview of CIDR provided insight to supernetting, address aggregation, and slash notation.

Classless Inter-Domain Routing (CIDR) aka Supernetting

Recall that classful addresses are decidedly wasteful in the way they allocate addresses –even an entire Class B address range is too large for most companies. To make matters worse, a Class C block is so small that many companies would require many Class C ranges as a viable alternative. On the public Internet, routing tables were becoming extremely large, which in turn was affecting routing performance. A new solution was required to deal with the public address space more efficiently, and came about via a method referred to as Classless Inter-Domain Routing (CIDR).

CIDR is sometimes referred to as supernetting. While subnetting involves taking an address space and breaking it up into a number of smaller networks, supernetting is first and foremost a network aggregation scheme. For example, by supernetting four network addresses together, you can actually make them appear to be one network, as opposed to four. Again, this is all accomplished by playing with the subnet mask values.

CIDR has its own notation for dealing with subnet masks, and you may already be familiar with it. Instead of taking the time to say network with a subnet mask of, CIDR notation truncates the subnet mask to what is known as “slash” notation. In this example, the network would be identified as The “/16” value refers to the fact that the first 16 bits in the subnet mask are all set to values of binary 1.

Figure: Determining CIDR notation based on a subnet mask.

This really is a more efficient way of referring to a network. For example, if we had a network address of with a mask of, in CIDR notation it becomes Again, the /25 means that the first 25 bits of the subnet mask are set to binary 1.

But what is supernetting really? Well, imagine a routing table on a large Internet backbone router. This router needs to know how to get to all public networks. If a certain company has been given many different network IDs (for example, an ISP might have 8 Class B network IDs), a minimum of 8 routing table entries would be required, just to be sure that these 8 networks could be reached. As routing tables get larger and larger, routing performance is definitely impacted. Supernetting provides a way to “collapse” or “summarize” those 8 entries into a single entry, by altering the subnet mask value.

Tip: Supernetting allows contiguous network addresses to be summarized into a single routing table entry through the use of a custom subnet mask.
The first requirement to supernet addresses together is that network addresses must be contiguous. For example, you could supernet together networks and, but not networks and

Classless IP Addressing

By now you’re familiar with the concept of classful addresses, where the default network and host portions of a network address can be easily identified by the value found in the first octet. While the classful system is simple and convenient, the scheme brings about some problems – mainly inefficiently large routing tables, and a wasteful use of the available 32-bit address space. In order to compensate for this, the idea of classless addressing was developed.

A classless address is just that – addressing without the common Class A, B, or C designations. Instead, classless addressing doesn’t assume any class – it always includes the associated subnet mask (also referred to as the network “prefix”) in order to determine the network portion of an address. Recall how classful addresses have a default subnet mask associated with them. In the classful world, routers could just assume the class of an address based on the network ID. In the classless world, subnet mask information must always be provided when routers exchange information with each other. Some routing protocols, such as the Border Gateway Protocol (BGPv4) and OSPF, support classless addressing. Others, like RIP version 1, do not. In Chapter 8 we’ll look at routing protocols and their support for classless addressing in more detail.

Determining if Network Hosts are Local or Remote (ANDing)

We spent time determining the valid ranges of addresses on a given subnet for a reason. Recall from our earlier look at TCP/IP communication that when a host wishes to communicate with another host, it must first determine whether the destination is local (on the same subnet) or remote (on a different subnet). In cases where hosts are local, they can communicate directly. In cases where the destination host is on a different network, the packets must be sent to a router, who will then forward them along on their journey to the destination network.

In order to determine whether a destination host is local or remote, a computer will perform a simple mathematical computation referred to as an AND operation. While the sending host does this operation internally, understanding what takes place is the key to understanding how an IP-based system knows whether to send packets directly to a host or to a router.

An AND operation is very simple – two binary digits are compared, and the based on their combination, a resultant value is formed. It is neither adding nor subtracting, so do not consider it as such. In the most simple terms, there are only three possibilities when ANDing two binary digits. The list below outlines these operations and their results.

0 AND 0 = 0

0 AND 1 = 0

1 AND 1 = 1

Notice that when the binary digits 1 and 1 are ANDed, the result is 1, and that any other combination produces a result of 0.

The question now becomes how this is actually used. When a host wishes to figure out whether a destination host is local or remote, it goes through the following steps.

  1. The host takes its own IP address and ANDs it with its own subnet mask, producing a result.
  2. The host then takes the destination IP address and ANDs it with its own subnet mask, producing another result.
  3. Finally, the host compares the two results. In cases where the ANDing results are identical, it means that the hosts reside on the same subnet. In cases where the results are different, it means that the destination host is remote.

Consider this example. Computer A has an IP address of with a subnet mask of It wishes to communicate with host In order to determine whether this destination is local or remote, it will go through the ANDing process. Its IP address and subnet mask are lined up in binary, and then vertically compared to find the AND result. The same is then done for the destination address, again using the subnet mask of the source host. This is illustrated in the figure below.

Figure: The ANDing process.

Notice that when the resulting AND values are converted back to binary, it becomes clear that the two hosts are on different networks. Computer A is on subnet, while the destination host is on subnet, which means that Computer A will next be sending the data to a router. Without ANDing, determining local and remote hosts can be difficult. Once you’re very familiar with subnetting and calculating ranges of addresses, recognizing local and remote hosts will become much more intuitive.
Whenever you’re in doubt as to whether hosts are local or remote, use the ANDing process. You should also notice that the ANDing process always produces the subnet ID of a given host.

The Super-Handy Subnetting Shortcut Table

If you’ve been watching closely, you may have noticed the very clear pattern that develops when attempting to determine address ranges. Now that we have the long method out of the way, we can take a look at a quick shortcut. With any given subnet mask value, there is always an associated multiple at which new subnets will start. For example, if you are using the network ID, and a subnet mask of, subnetting is clearly taking place in the third octet. When a custom value of 252 is used in a mask, new address ranges always move in multiples of 4 in the third octet. For example, the first three ranges of addresses in this example would be:

  • –
  • –
  • –

Of course, we could calculate these the old fashioned way, breaking everything down to binary and then working from there. However, the pattern that exists can easily be put into a table to help you recall mask values and address range multiples quickly and easily, as illustrated in this subnetting shortcut table:

Bit 1 1 1 1 1 1 1 1
Mask 128 192 224 240 248 252 254 255
Range Multiples 128 64 32 16 8 4 2 1

So what does this table tell you? Well, imagine that you were given the network ID with a subnet mask of If you used the table above, you could quickly determine the multiples at which new address ranges start. Simply look for the value associated with the custom mask in the Mask row – in this case 224. Now look in the Range Multiples row directly below 224, and you’ll notice the number 32. When a custom subnet mask of 224 is used, new ranges always start at multiples of 32 in the second octet. So, in our example, the first three ranges of addresses would be:

  • –
  • –
  • –

While the table above works perfectly for Class A and B address ranges, it does present a small issue for Class C address subnetting. Recall that Class C addresses use only the last octet for subnetting. The table can still be used for these addresses, but with one small adjustment – you’ll need to add 1 to the beginning of every range and subtract one from the end to account for the network ID and broadcast address.

For example, imagine the address with a subnet mask of In this case, according to our table, the ranges should begin at multiples of 16. This is still true, and the first three subnet IDs would be:


However, calculating the ranges means remembering that simple rule I just outlined. Add one to find the beginning of the range, and subtract one from what you might normally consider the end of the range. For example, the first range would go from up to This is because the “normal” end of the range ( is actually the broadcast address for that subnet, where the host ID is set to all binary 1s. Altogether, the first three ranges in this example would be:

  • –
  • –
  • –

All thing considered, the shortcut table provides a simple and effective way of recalling the address range starting points associated with a given custom subnet mask. It should be helpful as a quick reminder if jotted down before you write your exams. Just remember that when in doubt, always go back to the binary method.

Subnetting Challenge

To make things interesting, let’s go through what I consider to be a tough subnetting question. To be honest, if you can follow this question and understand what you’re doing, there isn’t a subnetting question I can ask that you can’t answer. We’re going to go through it step-by-step, just to be sure that you’re clear on determining the correct subnet mask, and the ranges of hosts on the first, second, and last subnets.

In this scenario, we’re going to assume a network ID of You should already be familiar with its default mask. Our requirement is to have at least 4000 subnets. Our goal is to determine both the custom subnet mask, as well as the first, second, and last ranges of host IDs.

Let’s start with the custom subnet mask. Since we need 4000 subnets minimum, we need to determine how many bits are required. It should already be obvious that we’ll need to move beyond a single octet, since 8 bits will only provide a maximum of 256 subnets. If we try 10 bits, we come up with a value of 210-2 or 1022 subnets, obviously not enough. 11 bits provides 2046 subnets and 12 bits 4094 (212-2). Obviously 12 bits meets out requirement, so that’s what we’ll use.

Recall that the default subnet mask for the private network address is If we add an additional 12 bits, the mask becomes, as shown in the figure below.

Figure: Network, subnet, and host portions based on the custom subnet mask

Now that we know our custom mask, let’s determine how many hosts we can support per subnet. From the diagram above, we have 12 host bits remaining, giving us a maximum of 212-2, or 4094 hosts per subnet.

Our next goal is determining the first valid range of IP addresses. Don’t get thrown off by the fact that the subnet portion of the address spans one and a half octets. If we simply follow the same rules as before, we’ll be fine. In this case, set all 12 subnet bits the lowest non-zero value, and determine the first and last valid host addresses, as shown in the figure below.

Figure: Defining the IP address range for the first subnet.

Notice that the first valid range of IP addresses on subnet goes from up to The second subnet will start when we set the 12 bits of the subnet ID to 00000000 0010.

Figure: Defining the IP address range for the second subnet.

The second valid range of addresses becomes to The broadcast ID for this subnet is

The subnet IDs will continue to increase until the last range is reached – remember that this occurs when the subnet ID is set to the highest value that is not all binary 1 values – in this case, 11111111 1110.

Figure: Defining the IP address range for the last subnet.

As such, our last valid subnet is subnet ID, with an address range from up to Remember that in between the three subnets that we’ve looked at, another 4091 subnets exist.

Defining Valid IP Address Ranges for Subnets

Once you’ve managed to define a custom subnet mask that meets your requirements, the next step is calculating the ranges of IP addresses that are valid for a given subnet. Remember that after a custom subnet mask is defined, you have actually turned one big network address space into a number of smaller sub-network address spaces. Because of this, certain addresses will no longer be considered local to one another.

Calculating ranges of addresses isn’t difficult, but we’ll again need to go back to binary to understand how this is accomplished.

Consider the example of network with a custom subnet mask of Remember that this is one of the private address ranges outlined in RFC 1918, and the default mask is in this case. To begin, we’ll need to convert the subnet mask to binary, and define the network, subnet, and host portions, as shown in the figure below.

Figure: Network, subnet and host portions based on the custom subnet mask

Notice that the first 16 bits represent the network, the next 5 define subnets, and the last 11 are used to uniquely identify hosts on a subnet.

Since 5 bits are used to define the subnet portion of the address, this gives us 25-2 or 30 possible subnets. Each subnet can support 211-2, or 1022 unique hosts. Calculating the range of available addresses for each subnet involves beginning with the first subnet that is not all binary 0s, and then looking at the additional subnets. In this case, the first subnet is defined as the one where all but the last bit is set to binary 0. The first host on the 00001 subnet will be the lowest host value that is not all 0s, since the all 0s address identifies the subnet. The highest address in a range will be the highest host value that is not all 1s, since that value is reserved for broadcasts. I know this can be a little confusing, so take a look at the example in the figure below.

Figure: Defining the IP address range for the first subnet.

If you take the addresses in the figure above and convert them back to decimal, you’ll see that the range of IP addresses available on the first subnet are those from up to

Calculating the next range of addresses requires that we change the subnet ID to its next lowest value. In this case, it would be 00010. To make things easier, consider this to be an isolated 5-bit binary number. The first subnet is 1; the next is 2, then 3, then 4, and so forth. In this way, the first five subnet IDs in our example would be those listed in the table below.

Subnet ID Decimal Value 00001 1 00010 2 00011 3 00100 4 00101 5

Notice that each subnet simply increases by a value of 1 when we consider it as an isolated 5-bit number. This would continue all the way up to 11110, at which point we run out of subnets. Remember that according to Cisco, the subnet IDs of all binary 0s and all binary 1s should be avoided.

Our example continues by calculating the ranges for the second and third subnets. Notice in the figure below that the subnet ID has changed for each, but that we still always include the lowest and highest possible host values – the beginning and end of each range.

Figure: Defining the IP address ranges for the second and third subnets.

The table below outlines the first three address ranges, along with the subnet ID (when the host bits are all set to binary 0) and the broadcast address for that subnet (where the host ID is set to all binary 1).

Subnet ID Address Range Broadcast Address – – –

If you look closely, you should notice a pattern developing – each new subnet (in this example) starts at a multiple of 8 in the third octet, and each ends just before the next multiple of 8. In this case, the fourth subnet would begin at the next multiple of 8, and go up to just before the next multiple of 8 in the third octet. Since the next multiple of 8 is 40 (and represents the beginning of the next subnet), it must end at 39, or

The pattern with multiples of 8 only occurs with a 248 custom mask value. With different masks, different multiples will become clear.

Let’s try another example. We’ll use the address with a subnet mask of With this example, there are 8 bits used for subnetting, leaving 16 bits for hosts. The figure below outlines the first three ranges of addresses in this example, beginning with the first subnet – 00000001 in the second octet.

Figure: First three address ranges for the address using the custom mask

In this case, the ranges move in multiples of 1 in the second octet – the first subnet is 1, the second is 2, the third is 3, and so forth. It would be safe to say that the fourth subnet will be the range between – Once you’ve found the multiple, determining the ranges is much easier. The first three subnet IDs, address ranges, and the broadcast address on each subnet are shown in the table below.

Subnet ID Address Range Broadcast Address – – –

Some people find Class C address ranges a little trickier to deal with, but if you follow the rules, they are no more difficult that any other range. For example, let’s say that we have the network address with a subnet mask of We know that subnetting occurs in the fourth octet in this example, and that we have 4 subnet bits and 4 host bits. The first subnet will again be lowest non-zero value, or 0001. The first host in each range will be the first non-zero value, and the last host the highest value that is not all binary 1s. The figure below outlines the first 3 ranges in this case.

Figure: First three address ranges for the address using the custom mask

Notice that the values in the ranges look a little different when converted to decimal, as illustrated in the figure above. This is because the subnet IDs end in non-zero values.

Subnet ID Address Range Broadcast Address – – –

If you’re confused by this example, it’s probably because of the oddities that seem to occur in the ranges. For example, why is not a valid IP address when a subnet mask of is used? Look again at what happens when you convert this address to binary – the host portion is all binary 0s, which we already know is not allowed! The key to understanding address ranges is always the same – when in doubt, break everything down into binary. Looking at addresses in decimal only will often make things much more confusing than they need to be.

Defining Custom Subnet Masks

In this section we’re going to look at the process for custom subnetting Class A, B, and C network addresses. The good news is that the process is all just mechanics – if you follow the steps, you will always be able to define a custom subnet mask that meets your requirements.

When defining a custom mask, we always start with the default mask for the class of address that we’re working with. For a Class A address, the default mask is Recall that when the default subnet mask is used, it means that no subnetting is currently taking place.

In order to define sub-networks, we’ll need to play around with the value of the subnet mask. The extent to which the mask is changed will impact both how many subnets we can have, and how many host addresses will be available on each subnet. Creating a custom mask is accomplished by what I refer to as “stealing bits”. We’re literally going to create another division within the address space in order to identify our subnets.
Consider the basic example in the figure below. In it, the subnet mask clearly defines the boundary between the network and host portion of the IP address shown.

Figure: Subnet mask defining the division between the network and host portions of an IP address.

In order to define subnets, we’ll need to extend the subnet mask. Notice that currently, the boundary between the network and the host portion of an address is defined by where the binary 1s stop – again, you really need to look at this in binary, or it really won’t make sense. To create our custom mask, we’re actually going to start replacing some of the subnet mask 0s with 1s, beginning on the left and moving to the right. In this way, we are “stealing” bits from the host portion of the address space, in what is referred to as “high order”.


We’ve already looked at the basic idea of a subnet mask – we know that it is used to define the separation between the network and host portion of an IP address. The next step is looking at how we can define a custom mask to meet the requirements of a particular network. Before we go there, we need to define what subnetting is really all about.

If you’re already familiar with Windows, you have probably experienced how some versions will automatically populate the subnet mask field after you’ve entered an IP address. By default, the subnet mask provided is usually the default mask for the class of address that you’ve entered. The default subnet mask is used in cases where you are not subnetting a network – meaning the entire address range is considered to be part of one big, single network.

When you custom subnet a network, what you are actually doing is logically breaking up the IP address space into a number of smaller (or sub) networks. Reasons for doing this vary, but generally fall into a three main categories. These include:

  • Facilitating better performance. By breaking one big network up into smaller networks, traffic on each network is reduced, resulting in better performance.
  • Simplifying management. In cases where a network is broken down into smaller networks, management complexity is reduced, making troubleshooting and monitoring easier.
  • Spanning geographical distances. Because many network environments today consist of geographically dispersed but interconnected networks, subnetting allows remote locations (and the WAN links between networks) to be considered as individual networks, resulting in better performance.

Defining a custom subnet mask isn’t terribly difficult, but there are a number of factors that you will need to consider prior to getting started. Most of these factors center on properly characterizing the network, as well as accounting for future growth. In order to accomplish this, you need to be aware of the following:

  • Each subnet that you define will require a unique subnet ID, as will each WAN link.
  • Each host and each router interface will require a unique IP address

Consider the simple network in the diagram below. Notice that it consists of two small LANs with a dedicated WAN link between the locations.

Figure: Small Company with 2 LANs and 1 WAN link.

Given the scenario above, how do we calculate how many subnets we require? You should immediately assume one subnet for each LAN and one for the WAN link, or 3 total. Recall, however, that you also want to account for future growth. What if the company purchases another company, or decides to open additional offices? It’s generally a good idea to account for more subnets that your immediate needs dictate.

Next, imagine that each office has 10 computers and a router for the WAN connection. In each office, it makes a basic requirement of eleven IP addresses, one for each computer, and one for the local router interfaces. Obviously this number doesn’t account for growth, which should also be factored in. Don’t forget the WAN link either – although it only connects two devices, it still requires its own subnet and two IP addresses. The figure below outlines the subnet and IP address requirements.

Figure: Subnet and IP address requirements.

After we’ve gathered the data on the number of subnets and IP addresses required on each, we’re ready to begin the real work – defining a custom subnet mask.

Private IP Addresses

Based on the incredible growth of the Internet, it soon became evident that the IP address space would quickly become exhausted if the growth continued. To account for this, the IETF looked for ways in which the address space currently available could be extended. A future solution exists in the form of IP version 6 (or IPv6 for short), which uses a much larger 128-bit addressing scheme. In order to deal with the issue in the shorter term, it was decided that certain address ranges would be deemed “private”. Private IP address ranges are defined in RFC 1918.

The idea behind private ranges of IP addresses is surprisingly simple – certain IP address ranges would be dedicated and limited to use for hosts on private networks. These addresses would no longer be considered valid (or be routable) on the public Internet. Instead, companies could allocate addresses in these ranges as they saw fit, with the address ranges open and available to everyone. Private IP addresses are a practical solution, since companies can use technologies such as Network Address Translation (NAT) or Proxy servers to connect their private networks to the public Internet. When these technologies are used, a single public IP address can be used to connect an entire organization to the Internet. NAT will be looked at in detail later in the series. For the time being, the figure below shows a network that connects to the Internet using only a single public IP address.

Figure: Network using NAT to connect to the Internet.

To the outside world (the public Internet), all requests from within the company above appear to be coming from the single public IP address.

Three ranges of private IP addresses are defined in RFC 1918. The ranges defined have been allocated custom subnet masks that define their network and host portions. The lists below outline the private IP address ranges defined in RFC 1918.

Network Address: Subnet Mask: Range of Addresses: –

Network Address: Subnet Mask: Range of Addresses: –

Network Address: Subnet Mask: Range of Addresses: –

Notice the second private network address, with a subnet mask of It’s easy to immediately react and consider this to be a Class B address, based on the fact that the first octet value falls into the 128-191 range that we learned earlier. Instead, the private portion of this address range only goes as high as Addresses beginning with network are actually valid, public IP addresses. The network uses a special subnet mask as well. In this case, its mask appears to be that of a Class B address. For the time being noting the differences is enough – we’ll explore how custom masks are defined shortly.

So why would a company want to use private IP addresses? A big reason is because they offer a great degree of flexibility. A company can now pick one of these network IDs, and address internal hosts as they see fit. In the past, public IP addresses were allocated to companies, and later needed to be “rented” from ISPs. When private IP addressing is used, a company’s need for public addresses is dramatically reduced, sometimes to only one or just a few IP addresses.

So which private range should a company use? Well, that’s entirely up to them. Obviously the network ID offers the greatest flexibility, based on the number of possible host addresses it provides. For small networks, the range is probably most appropriate. At the end of the day, however, it’s completely in the hands of the network administrator.

Tip: For a more detailed look at the private IP addressing ranges, see RFC 1918.