15-441

Communications and Networking

Lecture 8
Gregory Kesden
Subnetting
 It might be useful for the same administrative domain to contain
several different networks:
 Different link layer protocols without complex bridges

 Different administrative subdomains

 Smaller tables on routers

 But Class-B network addresses are running out, so we can’t waste

them by assigning them where they won’t be densely populated

 And Class-C network addresses can only accommodate networks off

255 machines, which is too small for even modest networks.

 The solution is to carve sub-networks (“subnets”) out of

larger Class-B networks
Subnetting, cont.
 If all routers needed to be aware of subnets, this would
drastically increase the size of routing tables.

 To avoid this problem, routers outside of a network only

know about whole networks

 Routers within a network however, need to know about the

subnets of their network.

 This is achieved by having routers inside and outside of a

network interpret the IP address differently.
Subnetting, cont.
 For compatibility, routers outside of a particular network must operate
“exactly as before” – they make routing decisions based only on the
network number.

 But, once within a network, the routers are all within the same
administrative domain, and can be configured to operate a little
differently

 The portion of the address space that is normally used to identify the
host number is partitioned into a subnet number and host number. This
is done in much the same way as the IP address itself was partitioned
into a network number and host number.

 But, unlike the IP address as a whole, the number of bits used for each
is not fixed. Instead it is determined by the subnet mask.
Subnetting, cont.
 Each host can be part of one subnet. This subnet has a subnet number and a
subnet mask.

 For example 128.96.64.0 is a subnet of network 128.96

 The network number is parsed exactly as it is before, based on the packet’s

prefix and the class of the address.

 Within a particular address, the subnet mask is used to separate the subnet
number from the host number.

 The subnet mask is the same length as an IP address and contains a 1 in every
position that is part of the subnet number (including network number) and a 0
everywhere else. It might also need to contain additional 1s to distinguish it
from other subnets.

 By ANDing the subnet mask with the IP address, the host number is
eliminated, leaving only the subnet number. In this way a host knows if a
destination is on its own network.
 Subnetting, cont.
Subnets and subnet masks

Subnet Num: 128. 96. 0. 0 10000000.01100000.00000000.00000000

Subnet Mask: 255.255.255. 128 11111111.11111111.11111111.10000000
~127 hosts

Notice that the network mask hides host numbers:

IP Address: 128. 96. 0. 82 10000000.01100000.00000000.01010010

Subnet Mask: 255.255.255. 128 11111111.11111111.11111111.10000000
Subnet Num: 128. 96. 0. 128 10000000.01100000.00000000.0d0000000
Subnetting, cont.
 When a router within a network gets a hold of a
packet, it knows that the packet belongs within its
network because of the network number.

 It then walks through its forwarding table and

masks the packet’s IP address with each of the
subnet masks. If the subnet address match, the
packet is forward to the subnet.

 Note that this means that the forwarding tables

must contain not only the subnet numbers, but also
the subnet masks.
 Subnetting, cont.
Packet destined for same subnet as source (send directly)
Subnet Num: 128. 96. 10. 0 10000000.01100000.00001010.00000000

IP Address: 128. 96. 10. 15 10000000.01100000.00001010.00001111

Subnet Mask: 255.255.255. 0 11111111.11111111.11111111.00000000

--AND-- 128. 96. 10. 0 10000000.01100000.00001010.00000000

Packet destined for different subnet than source (send to router)

Subnet Num: 128. 96. 10. 0 10000000.01100000.00001010.00000000

IP Address: 128. 96. 11. 15 10000000.01100000.00001011.00001111

Subnet Mask: 255.255.255. 0 11111111.11111111.11111111.00000000

--AND-- 128. 96. 11. 0 10000000.01100000.00001011.00000000

 Subnetting, cont.

Mask Subnet number Next Hop

255.255.255.128 128.196.34.0 Interface 0
255.255.255.128 128.96.34.128 Interface 1
255.255.255.0 128.96.33.0 Some_Router
(Not on attached LAN)
Subnetting, cont
 Bottom Lines:
 Subnetting increases the utilization of the IP address
space by reducing the demand for networks, making
existing networks more densely populated

 Unnecessary subnetting decreases the utilization of the

IP address space by fragmenting a network, creating
more unusable “pockets” of addresses.

 Without subnetting, either more networks would be

required or more bridges would be used (which can be
difficult with large or heterogeneous systems)
Fragmentation and Reassembly
 One more real world detail: different link layers have
different maximum payload sizes. The maximum size is
known as the Maximum Transmission Unit (MTU).

 The network layer is responsible for ensuring that packets

fit into the datagrams.

 This gets a bit complicated, because a sender is limited by

not only the attached LANS, but also intermediate LANs –
which may or may not be known or constant.

 The sender must either send packets small enough to fit

into the frame of the smallest network along the way, or
the packet must be broken up along the way and then
reassembled.
Fragmentation and Reassembly
 IPv4 uses fragmentation and reassembly.

 If a router cannot place a packet “whole” onto a LAN, because of the

MTU, it breaks it into pieces that will fit.

 Each piece is flagged as being a fragment and numbered with its byte
offset into the original.

 Fragment sequence numbers cannot be used, because fragments might

need to be re-fragmented again later.
Fragmentation and Reassembly
 The recipient collects the fragments, reassembles
them using the offsets, and the passes the packet
up the stack.

 If all of the pieces do not arrive within a certain

time period, the partially assembled packet is
dropped and any future pieces will also be
dropped.

 Packets can be flagged as non-fragmentable.

These are dropped if they are too large. When this
happens, an ICMP message is dispatched to the
original sender.
Fragmentation and Reassembly, cont.
 IPv6 does not fragment packets. If they are too large, it
simply drops them.

 This is because fragmentation and reassembly takes time

and resources at the router – this is too expensive. In
modern, high-speed networks, routers are way to busy for
this time consuming task.

 As before, if a packet is dropped, an ICMP message is

dispatched to the sender. This will allow the sender to try
again with a smaller packet size, if desired.
 Supernetting: CIDR
 Whereas Class-B network addresses are scarce, there are plenty of
Class-C addresses, but no one wants them
 It is much easier to manage one Class-B network, with
subnets, as needed, than a collection of Class-C
networks, that cannot be combined.

 To solve this problem, Classless Interdomain Routing (CIDR) was

created.

 It allows the aggregation of contiguous blocks of Class-C addresses

into larger networks.

 Whereas subnetting is the division of networks into smaller units,

supernetting is the combination of smaller networks into larger ones.

 It is important to remember that only contiguous blocks of Class-C

addresses can be supernetted.
Supernetting: CIDR
 Typically, a router knows how to interpret an IP address by
looking at the prefix (first two bits). This indicates whether
it is Class-A, Class-B, or Class-C.

 In turn, the class of the network determines how many of

the bits are network number bits and how many of the bits
are host number bits.

 CIDR-capable routers do not use this system. Instead they

explicitly store the number of bits used to name the
network in the router.

 This enables them to view several contiguous Class-C

networks as a single network.
Supernetting: CIDR
 For example, if we consider the 16 Class-C networks in the range of
192.4.16 through 192.4.31, we will find that they share the same 20-bit
prefix:

 1100 0000.0000 0100.0001

 So, if we know that we are using CIDR routing, we AND the IP

address with a mask that has 20 1’s, followed by 0s. If the result
matches the network number, the packet gets forwarded to that
address.

 It is important to note that it is possible for some network numbers to

be substrings of others. To avoid ambiguities, the largest matching
network number is used.

 Once the backbone gets the packet to the right network, it can be
subnetted and handled by the intra-domain routers as usual. (Thus,
Classless InterDomain Routing
Supernetting: CIDR

Width Network Number Next Hop

20 11000000.00000100.0001 Interface 0
23 11000000.00001000.0000111 Interface 1
17 11000000.00001000.1 Interface 2
Supernetting: CIDR
 CIDR was actually intended as a quick fix to solve the
addressing crisis until IPv6 was finalized and deployed.

 IPv6 increases the address size form 32-bits to 128-bits

and streamlined some other issues (such as eliminated
fragmentation and reassembly)

 Unfortunately, CIDR has been widely adopted – and IPv6

deployment has proven to be very, very slow.

 CIDR “is here and now” – but IPv6 is not compatible with
IPv4 which generates a big migration problem.
How Does a Router Know Where
to Send a Packet?
 So, a router sees an IP packet with a particular address. It
can parse this address and determine what network it
should go to. How does it know where to send this packet?

 In thinking about this question, please remember that the

two networks may not be directly attached – there may be
one or more intermediate networks.

 Please also remember that there might be more than one

possible path between the two – and they may be of
different qualities.
Answer: It Consults a Table
 The superficial answer to this question is that it consults a special
table, called a forwarding table.

 This table contains a mapping from network number to outgoing

interface (network card) and MAC address of the “next hop” (next
router along the way).

 The router simply looks up the network number in the packet’s

destination address and sends it on its way.

 Once there, the next router will do the same thing, until it arrives at the
right network, where it will be passed down to the data link layer and
ultimately the physical layer for delivery.

 But, this answer just begs the question, “Where does the forwarding
table come from?”
Answer: From Another Table
 The forwarding table is a subset of another table called the
routing table.

 The routing table is a super-set of the forwarding table. In

addition to the network numbers and MAC addresses of
other routers, the routing table contains other “accounting”
information that is used to determine the “best route” and
build the forwarding table.

 The two tables are separate, because the forwarding table

needs to be very fast. As a consequence, it needs to be as
small as possible.

 Okay, so again, we find ourselves asking the question,

“Where does this [routing] table come from?”
Answer: By Talking With Other Routers
 The routing table is built by exchanging information with
other routers.

 The goal of this exchange is to “map out” the network.

 Each router wants to know who it can talk to directly, and

who those routers can talk to.

 In the end, it can get a packet to any host that it can talk to
directly and, it can get to other networks by asking other
routers to act as “middle men” and deliver packets for it.

 By talking with other routers it can build the routing table

– the collection of routes, including those through other
routers, to different networks.