IP Subnetting Tutorial (Classful Subnetting)

This is a small subnetting tutorial that I prepared for my students back in 2015. It explains how you can “classfully” subnet an IPv4 address space. I’ll try to put together another tutorial for classless subnetting soon.

In this tutorial, we will go through steps of subnetting a network address space using a single subnet mask. After the detailed steps, we will go through two completely solved example and three more unsolved examples for you to solve. Grab a pencil and a piece of paper and let’s go.

To start with, we will assume that you have a specific number of subnets with a specific number of hosts in each subnet. What we will do in the process of subnetting is identifying the subnet address, subnet mask, subnet broadcast address, range of available host addresses for each subnet.

Subnetting generally means using some bits of the host address to generate subnet address.

Subnetting Steps:

Step 1: Choosing the Network Address

If you were given a specific network address to use in subnetting, jump to step 2. If it is up to you to choose the network address and IP address class, you may select it based on the following steps:

  1. Identify the subnet with the highest number of hosts. Let’s call the highest number of hosts HiHost.
  2. Round HiHost+2 to the next power of 2 (ex: 2, 4, 8, 16, 32, 64..etc which is actually 21, 22, 23, 24, 25,..etc). When we say “round to the next”, it means that 17 is rounded to 32 and 5 is rounded to 8. Let’s call the result of rounding the BlockSize.

Note: We put +2 because the subnet address and the broadcast address cannot be used by hosts.

  1. Multiply the BlockSize by the number of required subnets. If the result is 256 or less, you can go for Class C address. If the result is higher than 28(which equals 256) but less than 216 (which equals 65,536), go for Class B. If the result is more than 216, go for Class A.
  2. Since subnetting mostly happens for LANs within an internal network, the addresses that we will use are in the Private ranges of each class as shown in the table:
Address Class Private Range of IP addresses
C 192.168.0.0 – 192.168.255.255
B 172.16.0.0 – 172.16.255.255
A 10.0.0.0 – 10.255.255.255

For the sake of simplicity, we usually choose 192.168.0.0 for Class C, and 172.16.0.0 for Class B.

Step 2: Choosing the Subnet Mask

Since, in our subnetting, we are planning to use only one subnet mask, we can calculate it now. The calculation is really simple.

Using the BlockSize that you have calculated in Step 1, you can find the number of bits required for host address after subnetting (Lets call it HBits) by the following calculation:

BlockSize=2HBits

This means that only HBits number of bits will be used for host addresses and the rest of the bits will be used for subnet addresses.

From that, you can easily calculate the number of bits used for subnet address (lets call it NBits) by:

NBits=32-HBits

Now can produce the subnet mask by starting (from the left) with NBits ones and HBits zeros afterwards.

For example, if NBits=20 and HBits=12

1111 1111.1111 1111.1111 0000.0000 0000

255.255.240.0

Step 3: Filling-up the Table

Now that we know the subnet mask, we will need to find the rest of the parameters (subnet address, broadcast address,…etc)

S/N No S/N Address S/N Mask Broadcast Address Range of Host Addresses
0
1
2
  1. Calculating the Subnet Address:

The first subnet address is usually the main network address. Next subnet address can be easily calculated by adding 1 to the network part of the previous subnet address. Remember to do the addition in binary, so that carry bits can be pushed to the next octet (8-bits) on the left.

For example:

The first subnet 192.168.0.0 and the subnet mask is 255.255.255.240. In binary:

Subnet Mask (255.255.255.240)
1111 1111 . 1111 1111 . 1111 1111 . 1111       0000
Network (and also the address of subnet 0, 192.168.0.0) Host
1100 0000 . 1010 1000 . 0000 0000 . 0000 0000
Subnet 1 (192.168.0.16)
1100 0000 . 1010 1000 . 0000 0000 . 0001 0000
Subnet 2 (192.168.0.32)
1100 0000 . 1010 1000 . 0000 0000 . 0010 0000
Subnet 3, 4, 5,….

 

You can see in the table that the subnet addresses are calculated by adding 1 to the network-part of the previous subnet address.

  1. Subnet mask is the same calculated for all subnets from Step 2.
  2. Broadcast address of each subnet is the last address before the next subnet. In follow-up of the previous example in 1, if subnet 0 address is 192.168.0.0 and subnet 1 is 192.168.0.16, then the broadcast address of subnet 0 is 192.168.0.15.
  3. Usable host range is simply all addresses between the subnet address and the broadcast address. Again following-up on the previous example in 1, and 2, for subnet 0 the subnet address is 192.168.0.0 and broadcast address 192.168.0.15, then the usable host range is 192.168.0.1-192.168.0.14

Example 1:

You have been assigned the duty of subnetting a network for an organization’s branch office. The headquarter’s IT manager said that you need to use the network address 192.168.12.0 with the default subnet mask (255.255.255.0). The number of hosts is shown in the diagram below.

Example 1 Network Diagram

Solution:

Since the main network address is already selected by the main office, we will directly start calculating the block size

HiHost=12

BlockSize= 12+2 rounded-up to the nearest power of 2.

BlockSize=16

Now we calculate the resulting subnet mask:

2HBits=16 → 2HBits=24 → HBits=4

NBits=32-4=28

Thus,

Subnet Mask is 1111 1111.1111 1111.1111 1111.1111 0000 → 255.255.255.240

Now we start calculating subnets

Subnet Mask (255.255.255.240)
1111 1111 . 1111 1111 . 1111 1111 . 1111       0000
Network (and also the address of subnet 0, 192.168.12.0) Host
1100 0000 . 1010 1000 . 0000 1100 . 0000 0000
Subnet 1 (192.168.12.16)
1100 0000 . 1010 1000 . 0000 1100 . 0001 0000
Subnet 2 (192.168.12.32)
1100 0000 . 1010 1000 . 0000 1100 . 0010 0000
Subnet 3 (192.168.12.48)
1100 0000 . 1010 1000 . 0000 1100 . 0011 0000
Subnet 4 (192.168.12.64)
1100 0000 . 1010 1000 . 0000 1100 . 0100 0000

 

You can clearly notice the gradual increment in the subnet address within its first part on the right while host bits remain zero all the time.

Now we start filling the table:

S/N No S/N Address S/N Mask Broadcast Address Range of Host Addresses
0 192.168.12.0 255.255.255.240 192.168.12.15 192.168.12.1 – 192.168.12.14
1 192.168.12.16 255.255.255.240 192.168.12.31 192.168.12.17 – 192.168.12.30
2 192.168.12.32 255.255.255.240 192.168.12.47 192.168.12.33 – 192.168.12.46
3 192.168.12.48 255.255.255.240 192.168.12.63 192.168.12.49 – 192.168.12.62
4 192.168.12.64 255.255.255.240 192.168.12.79 192.168.12.65 – 192.168.12.78

 

First we start inserting the Subnet addresses, and the subnet mask. Then we start using the last address in each subnet as the broadcast address. Last column to fill would be the range of host addresses which will start from the first address after the subnet address to the last address before the broadcast address.

Example 2:

You have been assigned the duty of subnetting a network for an organization. The choice of class and network address is up to you. Take into consideration the host numbers mentioned in the diagram below.

Example 2 Network Diagram

Solution:

In order to make a proper network address and class choice, let us calculate the BlockSize first.

HiHost=541 → BlockSize=541+2 rounded-up to the nearest power of two= 1024

Since the BlockSize is higher than 28 and lower than 216, we will choose class B

Let the network address be 172.16.0.0 and the default subnet mask be 255.255.0.0

Now we will calculate the subnet mask after subnetting,

BlockSize=2HBits → 1024=2HBits → 210=2HBits ® HBits=10

NBits=32-10=22

The chosen subnetmask will be:

1111 1111.1111 1111.1111 1100.0000 0000 → 255.255.252.0

Now we start calculating subnets

Subnet Mask (255.255.252.0)
1111 1111 . 1111 1111 . 1111     11 00 . 0000       0000
Network (and also the address of subnet 0, 172.16.0.0) Host
1010 1100 . 0001 0000 . 0000     00 00 . 0000 0000
Subnet 1 (172.16.4.0)
1010 1100 . 0001 0000 . 0000     01 00 . 0000 0000
Subnet 2 (172.16.8.0)
1010 1100 . 0001 0000 . 0000    10 00 . 0000 0000
Subnet 3 (172.16.12.0)
1010 1100 . 0001 0000 . 0000    11 00 . 0000 0000
Subnet 4 (172.16.16.0)
1010 1100 . 0001 0000 0001    00 00 . 0000 0000

 

You can clearly notice the gradual increment in the subnet address within its first part on the right while host bits remain zero all the time.

Now we start filling the table:

S/N No S/N Address S/N Mask Broadcast Address Range of Host Addresses
0 172.16.0.0 255.255.252.0 172.16.3.255 172.16.0.1 – 172.16.3.254
1 172.16.4.0 255.255.252.0 172.16.7.255 172.16.4.1 – 172.16.7.254
2 172.16.8.0 255.255.252.0 172.16.11.255 172.16.8.1 – 172.16.11.254
3 172.16.12.0 255.255.252.0 172.16.15.255 172.16.12.1 – 172.16.15.254
4 172.16.16.0 255.255.252.0 172.16.19.255 172.16.16.1 – 172.16.19.254

 

First we start inserting the Subnet addresses, and the subnet mask. Then we start using the last address in each subnet as the broadcast address. Last column to fill would be the range of host addresses which will start from the first address after the subnet address to the last address before the broadcast address.

Unsolved Examples:

  1. You have been assigned the duty of subnetting a network for an organization. The choice of class and network address is up to you. Take into consideration the host numbers mentioned in the diagram below.

Example 3

  1. You have been assigned the duty of subnetting a network for an organization’s branch office. The headquarter’s IT manager said that you need to use the network address 172.18.0.0 with the default subnet mask (255.255.0.0). The number of hosts is shown in the diagram below.

Example 4

  1. You have been assigned the duty of subnetting a network for an organization. The choice of class and network address is up to you. Take into consideration the host numbers mentioned in the diagram below.

Example 5

A Look Back on 2020

I think that everyone agrees that 2020 has been a truly different year in most aspects. It has impacted the lives of billions of people around the globe. Stress levels are at all-time high and the statistics on depression and anxiety are just shocking. I have not lived a year that had such a deep impact in people’s lives like 2020 did. Social media, and media in general, has severed the malicious purpose of scaring people and reinforcing the “if it bleeds, it leads” concept and kept us very well informed of everything that is going wrong in the world. However, this post is not about discussing what went wrong in 2020. It is just a holiday rant to remind us of all the good things in life that we need to shift the focus to.

Looking back at all the good things that happened in 2020 will help us overcome the great difficulties that we’ve faced, and still facing. I know it’s not easy. Coming from Middle-Eastern origin with a long heritage of negativity, I can assure you it’s not easy. Many great things have happened around the world that are worth mentioning. I’m not going to list all of them, obviously, but I need to mention a few. Nature, supported by the brave fire fighters, ended the Australian fires back in January. Humanity has come together to build multiple vaccines to end a global pandemic in a record time compared to the history of vaccines. Technology companies supported the world during the pandemic lock down and made it possible for millions of businesses to shift their work to online platforms, many of which were provided free of charge. People around the world showed unprecedented support to weaker communities and local small business during lock-down in many countries around the world. On a personal level, I look back and see more time to spend with the family during 2020. I see three cybersecurity certifications that I have achieved in only six weeks in 2020. I see 1 journal papers, 1 conference paper, and 1 book chapter published in 2020. I see a bunch of new people that I feel lucky to meet (although online) in this year. I choose to overlook the difficult other parts of 2020 to keep my sanity and mental well-being.

I’m not trying to say that this year was a great year. Because it simply wasn’t. It is just one of those years that we’ll tell our grandchildren about proudly. What I’m trying to say here is that how you feel about the tough times will not change what’s happening. It’ll change how you perceive these tough times. You can go through tough times stressed and overloaded with anxiety, or you can accept those tough times and make the best out of them. It is definitely difficult when almost all media around you is building a horrifying picture and magnifying the “the end is near” rhetoric. However, you can choose to filter-out bad news gradually and be able to live life one day at a time.

Finally, I’d like to wish everyone happy holidays and a great 2021 ahead!

Presenting CallForChapters.org

Edited books, or contributed volumes, are quite popular in the academic realm. Usually, the lead editor is an experienced scholar and one or more co-editors to handle the required work. Graduate students are usually hungry for this type of publication. Mostly because the required effort and time to produce a book chapter is less than that required to publish a paper in a good journal, and because the review process for book chapters is less rigorous in comparison to journal review.

A few days ago, I was looking for a “Call for Chapters” for one of my postgrad students who was complaining that he wasn’t able to find one within his specific area of research although he searched a lot. I spent a good couple of hours searching with no avail. Then, it hit me. We find a lot (and I mean aloooooot) of “Call for Papers” websites. But “Call for Chapters” websites are quite rare. So I thought, why not make one?

I know that most editors use wither their personal websites, or give in and use “Call for Papers” websites. But, as an editor as well, I understand how inconvenient that can be. Plus, it does not provide the required exposure to the appropriate audience of contributors.

So, I present to you CallForChapters.org. A free platform presented to support the academic community. Editors can publish their calls for chapters here for free, and contributors can search and browse through the available calls. No signup, no account, no cost. Just fill up the submission form and it will get published within 48-72 hours. I’ll try my best to maintain this website and keep it running for a long long time. Please spread the word and share the page through social media to widest possible audience. Of course your feedback is very welcomed to make the site better and help it serve the purpose.

On Neurocryptanalysis of DES and 3DES

In the past few years, and more often recently, I have received several emails asking questions about two papers that I have published back in 2012. The papers are:

Mohammed M. Alani, Neuro-Cryptanalysis of DES and Triple-DES, published in proceedings of the 19th International Conference on Neural Information Processing (ICONIP2012), Nov. 2012, Doha, Qatar.(LNCS 7667/2012, Springer, http://doi.org/jqm)

Mohammed M. Alani, Neuro-Cryptanalysis of DES, Proceedings of the World Congress on Internet Security 2012, June 10th-12th, 2012, University of Guelph, Ontario, Canada.(IEEE Xplore)

Hence, I would like to clarify a few things.

The work published in these two papers was done back in 2008-2010 based on the initial idea that I presented in my masters thesis in 2003. The first set of results I received at that time were unbelievable in comparison to other cryptanalysis techniques in terms of number of known-plaintext-ciphertext pairs, time, and processing needed. However, soon I came to know that they were not realistic.

I prepared the first version of the paper back in 2009 and sent it to the International Journal of Information Security. At that time, the EiC was Prof.Dieter Gollmann. I received a rejection letter from Prof.Gollmann only a few days later. I responded to the letter with some explanation of the points that I have apparently misrepresented in the paper. From there, we kept corresponding for about 6 months. I found that Prof.Gollmann’s support and comments were extremely useful and have shifted my thinking on how the experiment was supposed to be done. For that, I will remain thankful to him. Later on, I decided to send it to a conference instead. Seeking faster approval before someone else presents the same idea.

What is motivating me to write this post, is the fact that I have received several emails from different researchers around the world saying that they were not able to reproduce the same results. This actually got me to investigate the mater and see why these results could not be reproduced.

The first issue I faced was the loss of the original experiments data that were previously used. Since 2009, I have moved to live in 4 different countries, and apparently I have lost much of my old research data in the process of moving. Hence, I could not reproduce the same results because I did not have access to the same data. It needs to be clear to fellow researchers that it is absolutely normal to have varying degrees of success in the proposed method, as described in the second paper. Those of you who are experienced in training neural networks are aware that the success and failure can be heavily dependent on the initial weights among other variables, and not solely dependent on your data.

I have been asked several times to share the MATLAB code as well. There was no ‘code’ as in a complete program. Back then, I used the neural networks toolbox of MATLAB2008. I used direct commands like:

net = newff(input, output, … , {'logsig' 'logsig'}, 'trainscg');
train(....)

I used plaintext that was generated by a pseudo-random number generator. Then I encrypted the text using my own implementation of DES. Then, I wrote a small program to transform ciphertext into a matrix of zeros and ones so that I use this matrix for NN training in MATLAB. This transformation is done through removing the parity bit of each byte and then producing the ASCII code in bits.

I had success in about 10% of the experiments that I have done back then. I remember doing hundreds and hundreds of experiments. It is obvious that the presented results were selected from hundreds of failures. As I mentioned earlier, the starting conditions of training were a lot and in my experiments I left most of them to be handled by MATLAB. This might have reduced the time I needed to succeed in some of these experiences, but it definitely did not make the reproduction of these results any easier.

This post is not written in the intent of defending the papers, nor in arguing their accuracy. The intention behind this post is to clarify some issues and reasons why you might not be able to reproduce the exact same results.

The bottom line is that I can understand that some researchers are facing difficulties in reproducing the results due to my reliance on MATLAB in using default values, or MATLAB initialization of other important values. However, this does not nullify the importance and potential of the method presented in these two papers.

Paper: Android Users Privacy Awareness Survey

ABSTRACT

Having a share of over 80% of the smartphone market, Android has become an important mobile operating system that is used by billions of users on daily basis. With the widespread use of smartphones in general, and Android in specific, privacy concerns grow with that expansion in the user base. With the millions of applications being downloaded by users daily, it is becoming increasingly difficult to differentiate between the good and the bad in terms of security and privacy. In this paper, we present the results of a survey conducted among 4027 Android users worldwide. This survey was conducted to measure the awareness of Android users regarding their privacy. The study measures the users’ interaction with the permissions required by different applications they install. The results of the survey show apparent weakness in the awareness of Android users regarding the privacy of their data.

Citation Info:

Mohammed M. Alani, “Android Users Privacy Awareness Survey”, International Journal of Interactive Mobile Technology (i-JIM), Vol 11, No 3, pp 130-144.

Full-text (open-access) can be accessed through the link: https://doi.org/10.3991/ijim.v11i3.6605

Book: Elements of Cloud Computing Security

This work serves as a thorough, yet simple-to-read, reference on various aspects of cloud computing security. The text opens with an introduction to the general concepts of cloud computing necessary to build a basic understanding of the cloud, followed by a discussion of aspects of security. The work then examines how cloud security differs from conventional information security, and reviews cloud-specific classes of threats and attacks. A range of varying threats in cloud computing are covered, from threats of data loss and data breaches, to threats to availability and threats posed by malicious insiders. The text discusses cloud security attacks on different levels, including attacks on the hypervisor, and on the confidentiality of data. Newer attacks, such as side-channel attacks and resource-freeing attacks, are also described. The work concludes with a set of general security recommendations for the cloud.

 

eBook ISBN 978-3-319-41411-9

Softcover ISBN 978-3-319-41410-2

Link: Elements of Cloud Computing Security: A Survey of Key Practicalities

Are You Certified?

If you have a certification in any Information Technology field, you are invited to write a review of your certification. Express your thoughts about the certification. Tell other people what you think of the certifications, how you got it and how it affected your career. Share your opinion with certification seekers.

Certifications.Reviews invites you to write your review and have it linked to your twitter/Linkedin/website/blog/..etc . If you’re interested, you can find more information and fill the review form on this page:

https://www.certifications.reviews/be-a-reviewer/

If you don’t have a certification, you can help others by sharing this post with your friends and colleagues.

Thank you.