Netmask

In connection with the IP address of a device, the network mask defines which IP addresses this device can reach in its own network without the aid of a router and for which target networks the device must deliver packets to a router for the purpose of further switching to other networks . The network part must be the same for all devices in the respective network and therefore all communication participants in this IP network usually use the same subnet mask (or prefix length). The device part of the IP address is assigned individually for each device within the network.

Regardless of the assigned IP addresses, network masks or prefix lengths are used for the representation of IP networks in routing tables and filter definitions both in routing protocols and in packet filters . However, some manufacturers of network components use the inverted form of the subnet mask here. The above device part is given in all binary digits with zero or omitted.

Analogy: In the case of a nationally valid telephone number, consisting of the area code and connection number, if all digits are written one after the other, there is no information about where the area code ends and the connection number begins. That is why the two parts are usually separated from each other by a separator (e.g. space) or the area code is put in brackets. This type of information is contained in the network mask or prefix length when specifying an IP network. In this analogy, the representation of an IP network corresponds to the specification of the mere area code.

presentation

Bits

A network mask is exactly as long as an IPv4 address, i.e. 32 bits . A 1 in the network mask indicates that the bit in the same position in the IP address is used for addressing networks. A 0 in the same position in the IP address indicates address information for the device part. The network part of an IPv4 address results from its bit-by-bit logical AND link with the network mask. After the bit-by-bit negation of the network mask, the device part is also disconnected.

example

With such a 32-bit wide network mask with 24 set bits, 8 bits remain and thus 2 ⁸  = 256 addresses for device parts. One speaks of a 24-bit network. Because the smallest address (all bits in the device part are zero) describes the network itself and the largest address (all bits in the device part are one) is reserved for the broadcast , they do not count among the addresses that are used by devices as host addresses . With a 24-bit mask, 254 addresses are available for addressing devices in this network.

IPv4

The notation of network masks such as IPv4 addresses is usually not in the dual system , but in the decimal system . Then the IP address of the above example is 192.168.1.129 and the netmask is 255.255.255.0 or / 24 for short. Thus the network part is 192.168.1 and the device part 129. The IP network can also be described as 192.168.1.0/24.

While the CIDR notation / 24 indicates the number of bits set in the network mask, in the dotted decimal notation the network mask is broken down into four octets , which are represented by decimal numbers. The decimal number 255 has the same value as the binary number 11111111, which corresponds to 8 bits set. In the example, 8 + 8 + 8 + 0 = 24 set bits result. An overview of all IPv4 network masks larger than / 8 in different notations can be found in the article CIDR .

Example 2: 172.16.0.0/16 and 172.16.0.0/24 differ in that the first network includes the IP addresses 172.16.0.1 to 172.16.255.254, while the second only includes the range 172.16.0.1 to 172.16.0.254.

IPv6

IPv6 uses a different network mask than IPv4 . The main differences are summarized in RFC 5942 (IPv6 Subnet Model).
With the prefix length for IPv6, the number of bits in the network part is simply written after the IPv6 address, separated by "/", as in the CIDR, for example 2001: 0db8: 85a3: 08d3: 1319: 8a2e: 0370: 7347/64. The prefix length in this case is / 64, the network 2001: 0db8: 85a3: 08d3: 0000: 0000: 0000: 0000/64 and the device part or interface identifier is 1319: 8a2e: 0370: 7347. This notation is also becoming more and more popular for IPv4.

A less plausible example is 2001: 0db8: 85a3: 08d3: 1319: 8a2e: 0370: 7347/57, the associated network is 2001: 0db8: 85a3: 0880: 0000: 0000: 0000: 0000/57 and contains the addresses 2001: 0db8: 85a3: 0880: 0000: 0000: 0000: 0000 to 2001: 0db8: 85a3: 08ff: ffff: ffff: ffff: ffff, some of which are also intended for special functions. The freely available tool sipcalc makes it easier to deal with poorly structured IPv6 networks :

$ sipcalc 2001:0db8:85a3:08d3:1319:8a2e:0370:7347/57
-[ipv6 : 2001:0db8:85a3:08d3:1319:8a2e:0370:7347/57] - 0

[IPV6 INFO]
Expanded Address        - 2001:0db8:85a3:08d3:1319:8a2e:0370:7347
Compressed address      - 2001:db8:85a3:8d3:1319:8a2e:370:7347
Subnet prefix (masked)  - 2001:db8:85a3:880:0:0:0:0/57
Address ID (masked)     - 0:0:0:53:1319:8a2e:370:7347/57
Prefix address          - ffff:ffff:ffff:ff80:0:0:0:0
Prefix length           - 57
Address type            - Aggregatable Global Unicast Addresses
Network range           - 2001:0db8:85a3:0880:0000:0000:0000:0000 -
                          2001:0db8:85a3:08ff:ffff:ffff:ffff:ffff

-

Prefix lengths as mesh sizes

The network mask (IPv4) or prefix length (IPv6) can also be understood as the size of an IP network, whereby larger prefix lengths mean smaller networks, since not as many bits are available for device parts.

Examples

More examples: All values .

See also

• Subnet
• Variable Length Subnet Mask
• Telephone code
• Traffic elimination rate

Specifications

• RFC 950 , Internet Standard Subnetting Procedure, 1985
• RFC 3021 , Using 31-Bit Prefixes on IPv4 Point-to-Point Links
• RFC 5942 , IPv6 Subnet Model

Web links

• IP network computer for IP address, network mask, broadcast address, Cisco wildcard mask, host area, sub and supernets
• Network Calculators

Individual evidence

1. ↑ Created: 04 Jan 2011-Last updated: 14 Mar 2019 - ipv4, ipv6: Understanding IP Addressing and CIDR Charts. Retrieved July 18, 2019 .