40
12
My DSL/WiFi router provided by my ISP has an internal IP address of 10.0.0.138, the addresses provided by DHCP are in the format of 10.0.0.xxx.
Now, I want to start using static IP addresses on my local network, and I don't know what to provide for the subnet mask.
What is a subnet mask?
Should I be using 255.255.255.0 or 255.0.0.0 as my subnet mask? What is the difference?
Torben Gundtofte-Bruun
Posted 2009-10-13T13:39:41.810
Reputation: 16 308
29
The zero in the subnet mask will correspond to the xxx of your IP address. If you need more than 255 different addresses, you'll have to change the DHCP IP's to 10.0.xxx.xxx (broadcast IP of 10.0.255.255) and the subnet mask to 255.255.0.0.
Theoretically, 255.0.0.0 is a valid subnet mask for 10.0.0.0 to 10.255.255.255 addresses. This wikipedia article shows the valid addresses for private networks.
But in your case (10.0.0.xxx), you should use 255.255.255.0.
djeidot
Posted 2009-10-13T13:39:41.810
Reputation: 1 368
22
Most probably, you are after a subnet mask of 255.255.255.0.
A subnet mask refers to the practice of subnetting, which is, from my understanding of it, a way of dividing one network into smaller logical networks. A subnet mask is used to tell the network devices (whether it be the computer or any routers, modems, etc.) what addresses are local (belongs to this network), and what addresses are remote (belongs to that network).
So, if a computer's IP address is 192.168.1.104, and its subnet mask is 255.255.255.0, then the computer (and every other device attached to the same network) will assume that every IP on that computer's local network will be in the format 192.168.1.xxx, with xxx being the only part that would vary. Likewise, if the subnet mask is 255.255.0.0, then the computer will assume that every IP address in its local network will be in the format of 192.168.xxx.xxx.
Subnetting a network is not really useful in a home network, such as yours. It is mainly used on larger networks (with 255+ computers) to reduce unnecessary network activity. MarkM provided this in the comments:
One of the biggest advantages of subnetting in a large network is to reduce the broadcast traffic. If you have thousands of hosts on a single subnet, your switches will be choking on ARP, DHCP, and other broadcasts. In a home network usually there isn't much of a need unless you want something like a guest wireless LAN that doesn't have any routing available to your main home network.
This explanation is very rough and sketchy, so please forgive me if I have made a mistake or two.
Josh Hunt
Posted 2009-10-13T13:39:41.810
Reputation: 20 095
2One of the biggest advantages of subnetting in a large network is to reduce the broadcast traffic. If you have thousands of hosts on a single subnet, your switches will be choking on ARP, DHCP, and other broadcasts. In a home network usually there isn't much of a need unless you want something like a guest wireless LAN that doesn't have any routing available to your main home network. – MDMarra – 2009-10-13T14:08:42.360
10
The netmask is used to identify which portion of the IP address represents the network address and which portion represents the machine address*.
Consider the class A network 10.0.0.0 to 10.255.255.255 (this is the designated "private" class A block i.e. packets destined for these addresses will not be routed). In binary the addresses are: 00001010.00000000.00000000.00000000 through to 00001010.11111111.11111111.11111111. The netmask is generated by assigning a 1 for each bit in these addresses that does not change IE:
00001010.00000000.00000000.00000000
00001010.11111111.11111111.11111111
-----------------------------------
11111111.00000000.00000000.00000000
Which converts to 255.0.0.0, the classic class A netmask.
* Actually, to get the network address given an IP address, you just do a logical AND. For example, for the netmask 255.0.0.0 and the IP address 10.0.0.1:
00001010.00000000.00000000.00000001
11111111.00000000.00000000.00000000
-----------------------------------
00001010.00000000.00000000.00000000
And 00001010.00000000.00000000.00000000 translates to 10.0.0.0 which is indeed the network address.
Note that you usually don't need a class A network for a home network (do you need more than 255 addresses?) and can thus use 255.255.255.0 as netmask and/or use a class C network (e.g. 192.168.1.0).
Pascal Thivent
Posted 2009-10-13T13:39:41.810
Reputation: 1 492
There are 10 types of people, those that undersand binary and those that don't. (Sorry couldn't resist) – Martin Brown – 2012-02-15T15:45:04.560
Argh! Not binary! slits wrist – Josh Hunt – 2009-10-13T15:03:02.927
5
In practice no one uses classes anymore. It's usually only taught as a history lesson. CIDR is used instead now http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
– MDMarra – 2009-10-13T15:08:47.100don't know that CIDR is any simpler to understand... :) – quack quixote – 2009-10-13T15:44:15.920
It doesn't matter if it's simpler or not. Classes are no longer used and CIDR is. – MDMarra – 2009-10-13T16:06:02.880
@josh; learn binary! It's easy and impresses people who don't understand it :) – Phoshi – 2009-10-13T17:12:09.970
In practice, I use classes :) And it's not the important part of the answer. But thank you for the clarification. – Pascal Thivent – 2009-10-13T18:03:30.413
2You can still operate on the Class boundaries and have your network function normally but it is antiquated. CIDRs of /8 /16 and /24 represent what Class A, B and C used to. – MDMarra – 2009-10-13T18:32:25.770
@Phoshi - I know binary, but every time I see it whilst NOT studying, it reminds (and scares) me into studying for my HSC... – Josh Hunt – 2009-10-13T23:35:26.797
1
This should help out your subnet calculating fears :) http://www.subnet-calculator.com/cidr.php
– MDMarra – 2009-10-13T23:46:32.110what is class A (and B and C)? – n611x007 – 2013-06-16T18:45:54.797
1
In more technical terms, the subnet mask helps machines identify the network number associated with a given IP address. The 255 represents all 1's for that byte of the address and when you perform a bit-wise AND between the address and the mask, you get the network number back. What's left is the machine number
So
IP Address 192.168.1.1
Subnet mask 255.255.255.0
Network Number 192.168.1.0
Host Number 1
Address Range 192.168.1.1 to 192.168.1.255
Alternately,
IP Address 192.168.1.0
Subnet mask 255.255.254.0
Network Number 192.168.0.0
Host Number 1
Address Range 192.168.0.1 to 192.168.1.255
This second configuration leaves 9 bits for the host number (in an instance where you would have more than 255 hosts). Adjusting the subnet mask gives you more host addresses and less networks or vice versa depending on whether you add or remove 1's
Chris Thompson
Posted 2009-10-13T13:39:41.810
Reputation: 433
It may be more helpful to show available address ranges in your example as well. 192.168.1.1-192.168.1.254 and 192.168.0.1-192.168.1.254 – MDMarra – 2009-10-13T20:28:58.310
Good call, done. I probably should have chosen a more obvious example, this might be a little to subtle... – Chris Thompson – 2009-10-13T21:27:12.233
1
Since torbengb's ISP gave him a router (or told him to configure his router) with the address 10.0.0.138, it leads me to suspect that this ISPs customers share the 10.0.0.0 address space; otherwise most poeple would configure the router at 10.0.0.1 or 192.168.0.1 or similar.
In that case, it's important that he use the netmask his ISP gave him, or he may trample on addresses the ISP is handing out to other users.
If he's sure his router is doing NAT, then he can probably use anything from /8 to /24.
Without knowing the details of the connection and ISP config, it's hard to give a definitive answer.
The netmask DOES separate your addresses into the network portion and the host portion, but the practical reason is so your router, and the routing code in your hosts, can know which destination addresses are on your local network and which need to have their packets sent through the router's uplink.
0
I'll answer the practical question. You should always use the "correct" subnet mask, unless you are either the network administrator or you understand the bitwise math well.
Since you are probably not using a "real" DCHP server, you should use the subnet mask given out by you DHCP server for all systems, including the static addresses. You should also make sure your static numbers are not going to be in the space that your DHCP server allocates out of.
If you provide your OS, I'm sure we can give you the right command to display your current subnet mask on a DHCP client system.
Ideally, you'd be using 255.0.0.0, because for 10.0.0.0, if you used 255.255.255.0, you could only have a 256 addresses space (not a big deal, but who knows, you said you were using .138), PLUS it should provide routing to the other 10.0.0.0 subnets (and I bet it doesn't).
This might matter to some people with unusual work-from-home configurations, like ssh tunnels.
benc
Posted 2009-10-13T13:39:41.810
Reputation: 1 272
3There's no real reason to use an 8 bit netmask there. There's nothing wrong with it, but it's bad form. You can use a 23 bit netmask (255.255.254.0) and have an additional 254 addresses available. There aren't 256 addresses on a /24 subnet because .0 and .255 are both reserved for network identifier and broadcast address respectively. – MDMarra – 2009-10-13T20:24:46.447
Added http://superuser.com/questions which explains IPv4 subnetting in detail. (Question is a copy of the canonical answer on Serverfault).
– Hennes – 2016-07-27T16:33:17.403Over-simplifying a bit: Anything with the same subnet mask can talk to each other directly without going through a router (in fact, a router must NOT be used). Anything that wants to talk to a host with a different subnet mask needs to go through a router (or the IP that is the default gateway) to get to that host. – LawrenceC – 2012-09-16T14:17:50.040
4So essentially the "subnet mask" indicates which part of the IP number are relevant. Since I'm only using the last triplet, I would use 255.255.255.0 to mask out the first three triplets. Thanks for your answers! – Torben Gundtofte-Bruun – 2009-10-13T13:55:49.027
correct. For your private network it doesn't matter though. It only matters if you want to separate different parts of your network. – StampedeXV – 2009-10-13T14:03:25.570
1It doesn't exactly "mask out" any of the octets (in fact it doesn't have to provide an 8-bit boundary at all). It just designates which part of the IP is the network identifier and which part is the host identifier. – MDMarra – 2009-10-13T14:04:05.957