Subnet Masks: Organizing the Network Neighborhood

Thinking Digitally – Steve Macatee

Steve Macatee helps us to “think digital” to get a better understanding of subnet masks.

Subnet mask. These words are not even a sentence yet they still strike fear in all but hardened network nerds. Subnet masks affect us audio folk when we dive into the IP address properties of computers to configure networks or debug Ethernet communications. While network problems are usually related to firewalls, antivirus, network device settings, service providers, and/or Microsoft’s security “features,” they can occasionally be caused by inappropriate subnet mask values. Thinking digitally about subnet masks can help overcome this obstacle.

Subnet masks help nerds and network devices figure out which part of a device’s IP address is the network part (or street) and which part is the host (or house) in the network neighborhood. Why distinguish between the network and the host? For the same reason you need to put the street and the house number on a letter. Packages need both the house and street to be delivered properly. For network packets to be delivered, devices need to be on the same network (street) and have a unique house number.

The word subnet is used since subnetworks of an entire network are really what we typically encounter. But what’s a mask? Just as a party mask hides some of your face while exposing your eyes, a mask in IP and subnet contexts masks-off (blocks or hides) some bits of an IP address and allows other bits to be seen or used. Thinking digitally about a subnet mask’s bits is aided by viewing them digitally, in binary, as if through a mask like the one shown. Ones in the mask are like “holes” that expose the network ID bits (street). Zeros in the mask hide the IP bits not used for the network ID, thus revealing the host ID (house). Said another way, the new value can see only the original value’s bits that have not been blocked by 0’s in the mask.

Where a subnet mask’s binary bit is 1, the corresponding bit in the IP address is part of the network ID or street. Where the subnet mask value is 0, the corresponding IP address bits are the host ID or house. To make things easier for us non-nerds, subnet mask values are typically kept on clean boundaries of 8-bit octets. In the 255.255.255.0 example above, we’re using the first 24 bits (3, 8-bit octets) for the network (“192.168.48” street) and the last 8 bits for the host (house, “247”). But any number of the 32 bits in a subnet mask can be used to make the distinction. Thus, where the subnet mask is 255.255.255.0 (1’s in the first 24 bit positions), each device must have a matching network ID (e.g., 192.168.48) and each device requires a different and unique host ID (247 for one device, 248 for the next, etc).

Network administrators use subnet masks to help manage the number of devices they support on their network or street. Small companies need small streets for their small number of houses. Big companies need different size streets for their many houses. There’s a difference in the installation, management, security and administration costs between different approaches: one street with lots of houses or lots of streets with few houses and many implementations in-between are all viable. But we’ll leave the details to the network nerds. sm