There are plenty of these netmask references out there, but I prefer myown: hence this Tech Tip. We've never seen anybody use a network largerthan a /4 (256M hosts), so we've truncated the table at that point.
| # bits | # hosts | Usable hosts | netmask | Cisco mask | |
|---|---|---|---|---|---|
| /4 | 268435456 | 268435454 | 240.0.0.0 | 15.255.255.255 | |
| /5 | 134217728 | 134217726 | 248.0.0.0 | 7.255.255.255 | |
| /6 | 67108864 | 67108862 | 252.0.0.0 | 3.255.255.255 | |
| /7 | 33554432 | 33554430 | 254.0.0.0 | 1.255.255.255 | |
| /8 | 16777216 | 16777214 | 255.0.0.0 | class A network | 0.255.255.255 |
| /9 | 8388608 | 8388606 | 255.128.0.0 | 0.127.255.255 | |
| /10 | 4194304 | 4194302 | 255.192.0.0 | 0.63.255.255 | |
| /11 | 2097152 | 2097150 | 255.224.0.0 | 0.31.255.255 | |
| /12 | 1048576 | 1048574 | 255.240.0.0 | 0.15.255.255 | |
| /13 | 524288 | 524286 | 255.248.0.0 | 0.7.255.255 | |
| /14 | 262144 | 262142 | 255.252.0.0 | 0.3.255.255 | |
| /15 | 131072 | 131070 | 255.254.0.0 | 0.1.255.255 | |
| /16 | 65536 | 65534 | 255.255.0.0 | class B network | 0.0.255.255 |
| /17 | 32768 | 32766 | 255.255.128.0 | 0.0.127.255 | |
| /18 | 16384 | 16382 | 255.255.192.0 | 0.0.63.255 | |
| /19 | 8192 | 8190 | 255.255.224.0 | 0.0.31.255 | |
| /20 | 4096 | 4094 | 255.255.240.0 | 0.0.15.255 | |
| /21 | 2048 | 2046 | 255.255.248.0 | 0.0.7.255 | |
| /22 | 1024 | 1022 | 255.255.252.0 | 0.0.3.255 | |
| /23 | 512 | 510 | 255.255.254.0 | 0.0.1.255 | |
| /24 | 256 | 254 | 255.255.255.0 | class C network | 0.0.0.255 |
| /25 | 128 | 126 | 255.255.255.128 | 0.0.0.127 | |
| /26 | 64 | 62 | 255.255.255.192 | 0.0.0.63 | |
| /27 | 32 | 30 | 255.255.255.224 | 0.0.0.31 | |
| /28 | 16 | 14 | 255.255.255.240 | 0.0.0.15 | |
| /29 | 8 | 6 | 255.255.255.248 | 0.0.0.7 | |
| /30 | 4 | 2 | 255.255.255.252 | 0.0.0.3 | |
| /31 | point to point links only | ||||
| /32 | 1 | 1 | 255.255.255.255 | single IP address | use host notation |
All devices on a local network have a unique IP address, but eachaddress is inherently divided into two parts, a shared network part,and a unique host part, and this information is used by the TCP/IP stackfor routing. When sending traffic to a machine with a different networkpart, it must be sent through a router for final delivery.
The dividing line between the network and host parts is determinedby the subnet mask, and it's often seen in 255.255.255.0notation. It looks like an IP address, and it uses a "1" bit toselect, or "mask" the network part.
In this case, the netmask of 255.255.255.248 represents 29bits of network and 3 bits of host (totalling 32 bits, of course),and this give 8 possible IP addresses in this range. The first andlast of the range are reserved addresses, giving 6 usable addressesthat may be assigned to a device.
| 216.39.106.160 | zero broadcast |
| 216.39.106.161 | available |
| 216.39.106.162 | available |
| 216.39.106.163 | available |
| 216.39.106.164 | available |
| 216.39.106.165 | available |
| 216.39.106.166 | available |
| 216.39.106.167 | ones broadcast |
When creating ACLs for Cisco routers,one specifies networks using a base IP address and what looks like an invertednetmask: rather than set a one bit for each part of the address that's a network,they set a one bit for each part that's a host.
Many consider this quite annoying, as it's one more thing to have to remember.
First published: 2005/07/17
