
Expand your network by supernetting IP addresses

If you're looking to segment a TCP/IP network, subnetting is not your only option. CIDR, or supernetting, is another way to accomplish the task and offers some unique solutions. Here's how to use supernetting on your network.

Put simply, supernetting a TCP/IP network address is the opposite of subnetting it. Supernetting is also known as CIDR (classless interdomain routing) as defined by RFCs 1517, 1518, 1519, and 1520. In IPv4, CIDR is one way of attempting to manage the shortage of TCP/IP addresses until IPv6 takes over. 

Supernetting in itself does not give you more TCP/IP addresses; however, it provides larger single networks for use. Here's how to implement supernetting on your network or support a supernetted network that you may have inherited.

How supernetting works
Supernetting acts to bridge the gap between a Class C network that is limited to 254 addresses and a Class B network that is too large, with over 65,000 addresses. In this way, it's possible to have a "logical" network that offers the number of hosts that best suits your situation.

Supernetting achieves this by making a single network that has your specified number of hosts and a corresponding supernet mask (like a subnet mask). A supernetted address will look like any other TCP/IP address in dotted decimal format (XXX.XXX.XXX.XXX), but it will have a supernetted subnet mask. This looks like a normal subnet mask, but the last octet is not 0 (however, the leading octets of the supernet mask are still 255). Supernetted addresses will require a default gateway that needs to be supernetted as well.

Address ranges, or blocks, are important in supernetting. They allow you to identify the valid addresses in a tabular format that helps identify boundaries on networks. There are many tables you can create or find on the Internet to plan your networks when using supernetting. Figure A shows a supernetting chart using an example configuration that we'll examine in this article.
Figure A
Supernetting Class C addresses
This represents part of the CIDR/supernetting chart to help determine which supernet option to choose.
CIDR Block   Supernet Mask      # of Networks*   # of Hosts**
/17          255.255.128.0      128              32766
/18          255.255.192.0      64               16382
/19          255.255.224.0      32               8190
/20          255.255.240.0      16               4094
/21          255.255.248.0      8                2046
/22          255.255.252.0      4                1022
/23          255.255.254.0      2                510
/24          255.255.255.0      1                254
/25          255.255.255.128    Less than 1*     126
/26          255.255.255.192    Less than 1*     62
/27          255.255.255.224    Less than 1*     30
/28          255.255.255.240    Less than 1*     14
/29          255.255.255.248    Less than 1*     6
/30          255.255.255.252    Less than 1*     2
*Number of full Class C networks—256 or more available addresses
**Available addresses—network and broadcast addresses excluded

This is a chart of the /17 through /30 blocks of Class C supernets. These ranges are scalable, helping you select how many networks and hosts you would like to use. You may notice that the /24 CIDR block looks familiar, as that is really not a supernetted network but a subnetted single Class C network with a standard 24-bit subnet mask.

Calculating supernet addresses
Calculating a supernet address is easy if the approach is organized. Using the chart in Figure A, determine how many hosts you want to have available on your network and reference that against the # of Hosts column to select the best match. Then, once you select the appropriate number of hosts, you can look across the chart and see the corresponding supernet mask. With that, you will need to determine a valid starting network.

This starting network must meet certain criteria:
  • All networks are consecutive from your starting network.
  • The third octet of the first network must be an even number (zero is valid for certain situations).
  • When combining eight networks (like the example below), the third octet of the network number must be evenly divisible by eight.
  • Create a table listing the available network(s), addresses, supernet mask(s), default gateway(s), and other networking objects to outline the network.

Usage scenario
In this example, we'll need approximately 1,220 IP addresses for a training lab scenario that involves 150 people, each of whom requires two servers, five network-attached, multiport serial devices, and their own laptop. We'll also need extra addresses for a few routers (including one for Internet access) and addresses for the instructors. This example would be a good candidate for using CIDR. I'll use the 192.168.16.0 network for our starting address.

To satisfy the 1,220 TCP/IP addresses for this scenario, we can use many of the different CIDR blocks. We will use eight Class C networks, or CIDR /21, to give us 2,048 possible addresses. The 2,048 possible addresses are calculated by taking eight networks that will have 256 addresses each (8 x 256 = 2048). We have to subtract two for the network and broadcast addresses (as in a subnetted network), giving us 2048 – 2 = 2046 possible addresses. Starting with 192.168.16.0, all "connected" networks must be consecutive in the numbering of the third octet. Table A outlines the networks and available addresses.

Table A
Network         Available Addresses   Usage Circumstances
192.168.16.0    1-255                 First address not available
192.168.17.0    0-255                 All addresses in range available
192.168.18.0    0-255                 All addresses in range available
192.168.19.0    0-255                 All addresses in range available
192.168.20.0    0-255                 All addresses in range available
192.168.21.0    0-255                 All addresses in range available
192.168.22.0    0-255                 All addresses in range available
192.168.23.0    0-254                 Last address not available

Note that certain IP addresses are valid with atypical numbers in the last octet of the address. For example, both 192.168.19.0 and 192.168.22.255 are valid addresses for a client, but they may not be available for use by all clients that connect to this network. This is because certain operating systems may not allow these types of addresses to be assigned as an IP address, since they may view the address as a network or broadcast address and as invalid for use as a client address (based on standard TCP/IP usage).

Specifically, Windows NT and 2000 do not allow the use of the X.X.X.255 or X.X.X.0 IP addresses. (For more information on this, see Microsoft Knowledge Base Article 281579.) Because the available hosts for this range of addresses will exceed our requirements, the loss of these few addresses will not be an issue. 

The resulting networks will start at 192.168.16.0 and increase in single increments up to 192.168.23.0. The supernet mask (which functions as a subnet mask for all involved network devices and systems) for these networks will be 255.255.248.0. This same supernet mask and default gateway will be used for all of the networks on this supernet. Reading the 255.255.248.0 supernet mask from the chart in Figure A is easy, but we will now show how it is derived.

We obtain our example supernet mask by taking the number of Class C networks we would like (eight in our case) and subtracting that from 256. This result is 248. We take this value and place it into the third octet of the mask, making our result 255.255.248.0. If we want to have 256 or more Class C networks, this quick rule will not work. The addresses listed in Table A will all be on the same network. For example, there is no route necessary for host 192.168.17.49 to access 192.168.19.244, or any other hosts in the range. 
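The calculation above can be checked in code. This is an added example, not part of the original article; it uses Python's standard ipaddress module, and the function names (is_aligned_start, plan_supernet, on_same_network) are assumptions made for illustration.

```python
import ipaddress

def is_aligned_start(start: str, prefix: int) -> bool:
    """True if `start` is a legal first address for a block of this size
    (for a /21 this means the third octet is evenly divisible by eight)."""
    try:
        ipaddress.ip_network(f"{start}/{prefix}", strict=True)
        return True
    except ValueError:  # host bits set: the block would not start on a boundary
        return False

def plan_supernet(start: str, hosts_needed: int) -> dict:
    """Choose the smallest CIDR block at `start` that holds `hosts_needed`
    hosts once the network and broadcast addresses are subtracted."""
    host_bits = (hosts_needed + 1).bit_length()  # 2**host_bits >= hosts_needed + 2
    prefix = 32 - host_bits
    if not is_aligned_start(start, prefix):
        raise ValueError(f"{start} is not a valid starting network for a /{prefix}")
    net = ipaddress.ip_network(f"{start}/{prefix}")
    # The consecutive Class C networks that make up the supernet (Table A)
    class_c = [str(n) for n in net.subnets(new_prefix=24)] if prefix < 24 else [str(net)]
    return {
        "network": str(net),
        "mask": str(net.netmask),
        "class_c_count": net.num_addresses // 256,
        "usable_hosts": net.num_addresses - 2,
        "class_c_networks": class_c,
    }

def on_same_network(a: str, b: str, network: str) -> bool:
    """True if both hosts fall inside the supernet, so no route is needed."""
    net = ipaddress.ip_network(network)
    return ipaddress.ip_address(a) in net and ipaddress.ip_address(b) in net

if __name__ == "__main__":
    plan = plan_supernet("192.168.16.0", 1220)  # the article's training-lab scenario
    print(plan["network"], plan["mask"], plan["usable_hosts"])
    # Quick rule from the article: third mask octet = 256 - number of Class C networks
    assert int(plan["mask"].split(".")[2]) == 256 - plan["class_c_count"]
    print(plan["class_c_networks"][0], "...", plan["class_c_networks"][-1])
    print(on_same_network("192.168.17.49", "192.168.19.244", plan["network"]))
    print(is_aligned_start("192.168.20.0", 21))  # 20 is not divisible by eight
```

A starting network that fails the alignment check is rejected with a ValueError, so a block such as 192.168.20.0 with a /21 mask is caught before it is documented or configured.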

Implementing a supernetted network
I set up a supernetted network in a lab that I have access to. While I do not have over 1,000 computers, I did allocate all of my computers and virtual machines to reside on each network of this supernetted network. The supernetted network required no settings beyond the IP address, supernet mask, and default gateway options of the operating systems in question. There were no special routing requirements or hardware necessary to quickly implement this network. The supernetted network was implemented easily, and I was able to perform all network activities as if it were a more typical 24-bit subnet mask (255.255.255.0). Addressing, name resolution, and network-based applications all performed without incident.

You can also use supernetting in a reverse fashion by decreasing the number of hosts per network. This is common in ISP situations where you need only a limited number of addresses on the Internet, and the carrier provides you with a subnet mask of 255.255.255.248, for example. This particular supernet means that you will have six available hosts on the network. In this scenario, dividing 256 hosts by 32 gives us eight hosts in each of 32 networks. Removing the first and last addresses of each network, which are used for the network and broadcast addresses, gives us six available hosts per network.

Why would I want to use supernetting?
ISPs frequently use supernetting to allocate IP addresses most effectively. There may be scenarios where you have many LANs, WLANs, or VLANs that might be optimally suited for supernetting to best administer your network needs. Keep in mind that supernetting introduces complexity to network administration that needs thorough planning, testing, documentation, and administrator competence.

Most new routing equipment and current operating systems support CIDR in their implementation of the TCP/IP protocol. However, before a supernetting implementation, it is critical to ensure that all components of your network are supernetting-aware. This includes operating systems, network services, routers, routing protocols (RIP2, for example, does not support CIDR), and any network-based services used on your network.

For more information
I've shown how you can take advantage of the flexibility offered by CIDR, commonly known as supernetting. These links can provide you with more examples, usage situations, and details on using supernetting:

 

About

Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

1 comments
Moocherkhan

Figure A shows at /17 with 128 networks and 32766 hosts, if at a full class B network with a /16 notation is 1 Network with 65534 usable IP address (Hosts), shouldn't a /17 be 2 Networks with 32766 hosts? Now this should give you 2 networks - one with a network address of 192.168.0.0/17 255.255.128.0 and the 2nd network with a network address of 192.168.128.0/17 255.255.128.0? Or am I wrong in my understanding of this?