# IP address mask

In computer science, a mask is an electronic filter used to extract particular portions of a unit of data. Likewise, an **IP address mask** is used to extract the NETID from the IPv4 address. The mask is the same length as the IPv4 address (i.e., 32 bits) and is usually depicted using the same dotted-decimal notation used for IPv4 addresses (i.e., 255.255.0.0). In the mask, every bit that is part of the NETID is set (i.e., 1) and every bit that is part of the HOSTID is unset (i.e., 0). It is also common to see the mask represented using the classless interdomain routing (CIDR) “slash” notation. In this case, the number of NETID bits is explicitly stated following a “/” after the IP address. For example, 150.128.110.1/16 means that the first 16 bits of this address is the NETID—150.128.0.0.

Each class of IP addresses has an implied default network mask associated with it. The chart shows the default masks for the three major IP address classes.

Class | Default Mask | NETID Bits |
---|---|---|

A | 255.0.0.0 | /8 |

B | 255.255.0.0 | /16 |

C | 255.255.255.0 | /24 |

To extract the NETID using a mask, the IPv4 address is logically ANDed with the mask. In the logical AND operation, the address and mask are examined bit by bit. Each bit in the IPv4 address is ANDed to the corresponding bit in the mask. If both bits are 1, the result is a 1; any other combination results in a 0. The mask has the effect of clearing (e.g., setting to 0) all of the bits corresponding to the HOSTID.

In the example on the visual, the IP address 150.128.110.1 is ANDed with the default Class B mask 255.255.0.0. The result of this process is the new value 150.128.0.0. Note that in this Class B address the mask has effectively canceled out the HOSTID, leaving only the NETID. The concept of address class was used in the early days of the Internet. As the Internet growth exploded there was significant concern regarding the potential exhaustion of IP addresses. Today we have temporarily solved this problem by moving from the class structure with defined masks to a classless address structure where the HOSTID length is explicitly defined by a mask. This new approach is referred to as CIDR.

## Extending a Default Mask

### Requirements

In this example an ISP has assigned company X one Class C address, 200.6.2.0, to use within its corporate network. The 200.6.2.0 address is for use on the LAN side of the router, not the WAN side that connects to the ISP. The addresses on the WAN side of the router come from the ISP address space. Using the 200.6.2.0 address with a default Class C mask of 255.255.255.0 allows up to 254 hosts to exist within the one corporate network.

Company X’s network administrator has identified the requirements of the new corporate network to be 4 subnets with no more than 60 hosts attached to any one of the subnets. How can these requirements be met since company X’s ISP has provided them with only one Class C address?

The solution is to extend the default mask associated with the Class C address (255.255.255.0 or /24) so that more bits are allocated to the network portion of the address and fewer bits are allocated to the host portion. With a default mask of /24 we have 8 hosts’ bits to work with. The question becomes, how many of the 8 bits are required to create 4 subnets, and can the remaining hosts’ bits support 60 hosts on each subnet?

### Subnetting

To find the solution, take the number of subnets required (4) and round up to the nearest power of 2. Or stated differently, 2 raised to what power will yield four (2^{X} = 4)? The answer is 2. So by using 2 of the 8 host bits we can address 4 subnets. Since we’re using 2 of the 8 hosts’ bits to represent subnets, that leaves 6 bits for identifying hosts on each of the subnets. How many hosts can be identified with 6 bits? Or shown another way, solve for Y, 2^{6} = Y? Y equals 64 but the all 1s and all 0s values are reserved; so, the total number of hosts on any subnet is 64-2=62.

It’s easy to see how the slash notation changes from /24 to /26, since we need 2 additional bits to represent a subnet, but where does the 192 of 255.255.255.192 come from? It is the dotted decimal value of the new extended mask, 11000000 (128+64=192).

Now we have a new mask, 255.255.255.192, that all end stations need to use in company X’s corporate network. Now comes the task of assigning those end stations proper addresses. On each subnet there are 62 addresses that can be used. The last question is, what are the host addresses to be used on each subnet?

### Address Assignment

Originally we had 8 bits to represent the host number, which gave us a maximum of 256-2=254 hosts on the one network. If we create four subnets, there are 256/4 addresses (64) available on each. Since the host number field of an IP address cannot contain all 0 bits or all 1 bits, we subtract 2 from the 64 and end up with 62 addresses on each subnet. Stated differently, if we have 6 bits to represent the host number we have a maximum of 62 hosts (26 - 2=62).

Let’s number the four subnets 0–3. Only the last octet of the address will change, so that’s the only address that has been written in binary. The first three octets, 200.6.2, will not change so it was not expanded. On each subnet the 6 hosts’ bits represent a block of 62 addresses. The hosts are numbered 1–62.

Let’s look at the range of host addresses for subnet 0. The subnet portion is fixed at 00, and the host portion ranges from 000001 to 111110. Looking at all 8 bits this becomes:

Binary range | Dotted decimal range |

000000001–00111110 | 1–62 |

The host addresses on subnet 0 in dotted decimal form are 200.6.2.1–200.6.2.62.

Let’s look at the range of host addresses for subnet 1. The subnet portion is fixed at 01, and the host portion ranges from 000001–111110. Looking at all 8 bits this becomes:

Binary range | Dotted decimal range |

01000001–01111110 | 65–126 |

So the host addresses on subnet 1 in dotted decimal form are 200.6.2.65–200.6.2.126. The host addresses on subnets 2 and 3 in dotted decimal form are 200.6.2.129–200.6.2.190 and 200.6.2.193–200.6.2.254, respectively.