Sorta... You're two out... Or not as the case may be, depending on whether you're trying to count the number of hosts, or the number of actual address, including non-host addresses.
255.255.255.255 is a special case - it points to a single host.
Everything else can be looked at as:
Where netmask is 255.255.255.d, number of hosts is 256-d-2 - a trick of logic vs binary arithmetic, but it works.
Really, it's as you and others have said, a binary mask applied to various things for various reasons... Most commonly, routing tables and suchlike. I think this is what Vint Cerf invented on the back of a napkin in some hotel, and thus created the idea of routing. Clever, eh?
Just take your netmask, as a binary number, AND a prospective IP address (also as a binary number), and if the IP address is in the network, you'll end up with the network address. In other words:
Network = Netmask & Address : True for any Address in Network
Now, the reason why there's two less than you might have thought is actually pretty simple.
The bottom address, also known as "all zeros", because the host part of the address is entirely 0's, is known as the Network Address, and is used to refer to the network specifically.
The top address, also known as "all ones", is known as the Broadcast Address, and is used to refer to *every* host on the network.
One more thing about network masks - they're always of the form *1 *0 - in other words, they have 0 or more 1's at the beginning, followed by 0's. They're always 32 bits long, and there's never any mixing. Hence the reason that some people use CIDR, or 'slash' notation, which gives the number of 1 bits in a netmask as the 'x' in a.b.c.d/x
IP Chains, IPFW, and other firewalling/routing systems use this notation heavily, so it's worth picking up.
So:
Netmask (Last octet only) Slash Number of hosts
255 32 1
254 31 *NONE* - This is illegal.
252 30 2
248 29 6
240 28 14
224 27 30
192 26 62
128 25 126
0 24 254
You'll notice that 255.255.255.0 is /24 is a Class C.
Incidentally, the values on the left aren't just sensible - they're the only ones that can be used. CIDR notation leaves a lot less ambiguosity, hence the reason I prefer it.
The 255.255.255.252 is generally used as a 'wire' network... Used to encapsulate a leased line. These are being phased out for IPv6, incidentally, because they're almost entirely useless. I've never seen one used for a dialup before.
-----Original Message-----
From: Wookey [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 28, 1999 1:28 PM
To: Diald list
Subject: Re: Netmasks (was: Fine tuning Filter Policy)
On Tue 28 Sep, Bob Chiodini wrote:
> When I initially setup Linux and pppd to my ISP, they (my ISP) told me
> that the netmas k would be 255.255.255.252. This mask allows a subnet
> with two hosts, you and your ISP. I really do not understand a subnet
> mask of 255.255.255.255, this would imply zero hos ts (invalid?).
> Maybe someone else could enlighten me.
Well, I'm not an expert, but I think you have it nearly right, (4, not 2)
and Sam Gyepi:
> A netmask of 255.255.255.252 does not mean that you and the ISP share a
> subnet but rather that the associated IP address belongs to a network
> with a maximum of 251 hosts.
has this wrong.
I can't find the doc right now, but the point is that the netmask is a
_mask_. Sensible values are ones with all ones on the left and all zeros
on the right. IPs deemed to be on the local net are ones that fit in the
mpart of the field that is zero.
So (considering just the last byte) we get this table:
last byte number of
of netmask IPs in local network
255 1
254 2
252 4
248 8
240 16
224 32
192 64
128 128
0 256
Now I'm not exactly sure what happens at the 'edges' so it may be + or -
1, (ie maybe 2 local IPs for a 255 netmask?) but that's essentially it.
Hopefully a genuine expert will be along shortly to give a full
explanation.
Wookey
--
Aleph One Ltd, Bottisham, CAMBRIDGE, CB5 9BA, UK Tel (00 44) 1223 811679
work: http://www.aleph1.co.uk/ play: http://www.chaos.org.uk/~wookey/
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
