Well, to be blunt, itās something you probably never need to knowĀ about. Sure, you may have to enter oneĀ into a router configuration, butĀ itās typically something youāll be given without needing to know exactly what it means.
You want to know anyway, donāt you? Fair enough.
A subnet mask is just a nifty way to define sub-networks. Besides being completely unhelpful, that definition actually opens up a slightly larger can of worms.
Become a Patron of Ask Leo! and go ad-free!
Phone numbers
Iām going to use phone numbers as an analogy. Itās an imperfect comparison, but I think itāll help make theĀ point.
In North America, phone numbers are 10 digits long, and consist of threeĀ parts 1:
|
So: what we take for granted as a 10-digit āphone numberā isĀ really a construction of three distinct numbers, each with a specificĀ meaning.
Internet addresses
Now letās look at the internet.
You already know that each computerĀ connected to the internet has its own equivalent of a phone number, calledĀ its Internet Protocol, or IP āaddressā. Names, likeĀ āaskleo.comā, actually map to these numeric addresses, such asĀ ā50.28.23.175ā³.
Each network administrator assigned a range of IP addresses is free to create subnets to divide things within that rangeĀ and to define how large they are.
Itās the subnet maskĀ that defines how big a part of the internet address is to be used as theĀ subnet number.
Unfortunately, this is also where we have to start thinking likeĀ computers, meaning we needĀ to think in binary.
Basic subnet mask examples
Weāll use these addresses:
1) 164.109.28.3Ā Ā Ā [binary: 10100100Ā 01101101Ā 00011100Ā 00000011] 2) 164.109.27.233Ā [binary: 10100100Ā 01101101Ā 00011011Ā 11101001] 3) 164.109.139.4Ā Ā [binary: 10100100Ā 01101101Ā 10001011Ā 00000100] 4)Ā 50.28.23.175 Ā [binary: 00110010 00011100 00010111 10101111]
A subnet mask is a binary number (usually expressed in decimal, like an IP address) whose digits are set to 1 to indicate the positions ofĀ an internet address that should be āpaid attention toā as the subnet.Ā Conversely, itās set toĀ zero for that portion of the address that defines the specific computer onĀ that subnet.
For example. letās look at this subnet mask:
255.0.0.0
In binary, thatās:
11111111 00000000 00000000 00000000
Now compare that with the four IP addresses I listed above, and only pay attention to that portion of the IP address where the subnet mask is a 1.
Youāll notice that the subnet mask is only set to one for the binary digits that correspond toĀ the first number of the IP address. With this subnet mask, the IP addresses that begin with ā164ā are all on the same subnet, and the one beginning with 50 is not.
That could mean that a router would route traffic for all the 164. addresses one way and the traffic for the 50. address another ā all by paying attention only to what the subnet mask indicated was significant.
Advanced subnet mask example
As internetĀ traffic approaches its destination, itās common to useĀ subnet masks to further refine how things are divied up on the network.
Letās look at this subnet mask:
255.255.128.0
or in binary:
11111111 11111111 10000000 00000000
The ones in the first two groups of eightĀ binary digits are all set, which means that each of the first two numbers in a decimal IP address would be āpaid attention toā.Ā But that third group of eightĀ only has a single one. That means only a part of the third number is significant.
Letās look at our first three example IP addresses again:
1) 164.109.28.3Ā Ā Ā [binary: 10100100Ā 01101101Ā 00011100Ā 00000011] 2) 164.109.27.233Ā [binary: 10100100Ā 01101101Ā 00011011Ā 11101001] 3) 164.109.139.4Ā Ā [binary: 10100100Ā 01101101Ā 10001011Ā 00000100]
Iāve highlighted the portions of the binary addresses that this subnet mask tells us we need to āpay attention toā. With that highlighting, itās easy to see that the highlighted portions of the first two IP addresses are identical ā theyāre on the same subnet. The third is different, albeit only in that last binary digit. Thatās enough ā itās in a different subnet than the Ā first two.
Your subnet mask
Chances are, if youāre using a traditional consumer router of some sort, you have a very simple network configuration and subnet mask.
If youāve ever looked at your IP configuration by running āipconfigā in Windows Command Prompt, it probably included informationĀ like this:
IPv4 Address. . . . . . . . . . . : 192.168.0.83 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1
If we apply the rules weāve talked about so far, the subnet mask used here ā 255.255.255.0 ā tells us a couple of interesting things:
- All IP addresses encountered on this network that begin with ā192.168.0.ā are on the same subnet.
- Thus, all devicesĀ with IP addresses beginning with ā192.168.0.ā are on our local network. The router doesnāt need to touch the internet at all when dealing with IP addresses like this.
- Conversely, IP addresses that do not begin with ā192.168.0.ā are not in the same subnet, are not on our local network, and the router must reach out to its external connection ā the internet ā to send data destined for them.
The āDefault Gatewayā? Thatās the IP address of the router itself on our local network, also within the same subnet.
Subnet masks: why care?
All this brings us to an even more relevantĀ question:Ā why should we care?
Normally, you donāt. Thereās little, if any, reason for the average consumer to know about subnets, subnet masks, and routing. Networking is more than complex enough as it is. If you ever need it, youāll either be told what network maskĀ to type in to some configuration, it will default to the right thing, or a network engineer or technician will set it up for you.
With that pressure out of the way, subnets and subnet masks are all about routing āĀ specifically, making sure that the information you send from your computer makes it to the intended destination computer, and vice versa.
When information flows across the internet,Ā it flows through equipment called routers. Routers look at theĀ IP address the information is destined for, and decide the best way toĀ get it there. A subnet is a quick way to know where the informationĀ belongs. For example, a packet from our example #1 to example #2 is on theĀ same subnet, so a router can take advantage of that information, know that itās ālocalā, and not sendĀ the packet anywhere else. A packet from #1 to our example #3, however, is probablyĀ destined for a computer on a different subnet, and the router handlingĀ that packet will know to send it along a different path to get there.
To use our telephone analogy again, if Iām in Duvall, making a callĀ on my 788-xxxx telephone to another 788-xxxx telephone, then the phone equipmentĀ knows that it doesnāt have to try anywhere else ā it all happens withinĀ the Duvall exchange. On the other hand, if I try to call a 483-xxxx number, thenĀ the 788 exchange needs to route my call to other equipment within my areaĀ code that knows how to find the 483 exchange.
As you can imagine, Iāve only scratched the surface here. Networking and the internet are incredibly complex.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Best explanation Iāve ever seen on the subject!
I just now went from āwhat the heck is that all about, letās just use 255.255.255.0ā to āAHA.. Now I get it !!ā (but will for now still use 255.255.255.0 :-) )ā¦
Thank you so much for clearing this up ;-)
can u help, im tryin to set upmy xbox live and its askin me 4 my subnet mask .how do i find this
Iād need to know a lot more about your network setup, but 95% chance itās 255.255.255.0.
Good. All the other places confused me
according to the tech guy at verizon my āppp subnet maskā has been changed to all 255ās by what he refered to as a fragment of some sort of spyware, now my computer apparently tries to log onto itself and after a few minutes my internet just crawls because of the lag. is there any way i can change that subnet mask back to another figure, the other two subnets are set to 255.255.0.0.
any help would be appreciated
i like this site
tell me how to devise subnet? thanks
What is a subnet mask. How we define it and whz it purpose in network.
Hi. I am supposedly on a two computer network in my home, but have a subnet mask address. Does this mean there is at least one other computer involved? I ask because I believe that there is another one involved in a situation where my internet activities are actually being monitored from a computer outside my home.
Your explanation was the only one of the ones on the internet that I could understand. Thank you for using the analogy.
Thereās always a subnet mask, so seeing one doesnāt really tell you anyting about the presence of any other computers on the network.
This may be the wrong thread for this, butā¦.
This is the analogy I use for people when I try and explain ip addysā¦ Lets use the default ip for home networks, 192.168.1.1, and actual street addresses as an example.
192 = the country you live in
168 = the state you live in
1 = the city you live in
the second 1 = your actual street address
If you have an address of 192.168.1.1 and you send a letter to your neighbor, they would (theroiectily) have an ip address of 192.168.1.2
When the mail man picks up your letter to deliver it (acting like a router), he would look at the ip addy and see that the address is on the same street, so there would be no need to take it back to the office and send it to the recipientā¦ He could simply walk next door and drop it off himself and it would get there very fast.
If you were sending a letter to the next city over, but they have the same street address as youā¦ say 192.169.1.1 the mail man (router) would know to bring the letter back to the office and ārouteā it from there to the next city over and in turn, to the actual street address.
So on and so on up the line for country (192) and state (168).
Thatās the best way Iāve found to explain it. Bringing dynamic ipās (mobile homes) into the picture makes things a little more difficult.
hi iām just getting into subnet masking, but i still donāt get it, is there any where which explainās this in a more simple way
thanks
Just read it again. slowly. Let it sink in.
We have a dsl service that splits in our home and my husband uses one and myself the other on my computer for internet access. When I click on the icon it shows me surrounding area wireless users. Some with Secure Access and others with Unsecure access. In a discussion with neighbors, there is a concern that someone can get access into the computer by somehow overriding the subnet mask (router #ās). Is that even possible and should we be concerned or take any precautions to prevent it?
They donāt even have to play with the subnet mask. An unsecured wireless network can be used by anyone close enough to get a signal.
In cases like that, I strongly suggest enabling WEP, or āWired Equivalent Privacyā on your wireless networks. It takes a little doing, and education.
hi mike. if what you said is true you live very close to me because my ip address is 192.168.0. not saying the rest. and my friend had 192.168.1. not telling rest but we live in the same town. i dont think that the third number means city.
192.168 mean that youāre behind a router, and could be anywhere on the planet.
Mike was just using it as an example, he didnāt mean specificly that IP addresses implied physical location to that degree.
How do I find my subnet mask. Iām trying to ser up a router?
On the internet side, itās something you should get from your ISP.
here is free subnet calculator- find your subnet in a snap!!
http://www.wildpackets.com/products/free_utilities/ipsubnetcalc/overview
That tool will not tell you what your subnet should be. Itās simply a calculator that assists in determining the values to use. You still need to know, and enter, the details of your network configuration by hand ā¦ including what the subnet characteristics are.
i can prevent users accessing my computer using firewall settings for IP address and a subnet mask.
does that mean i can use the subnet mask to limit access to certain geographic areas ?
dear sir how can i calculat the subnet mask and what would be the subnet mask of the following Destination Addresses
182.220.10.4
121.10.3.4
140.10.34.30
164.9.2.1
220.64.32.4
92.1.3.8
waiting for your positive response.
best regards
Hi sir it is very nice but u can explen it. very esy way plz. how to we caluculet very esy way plz explen sir.
tanks
somu
Hi,
I need to find my IP-adress, Subnet Mask, Gateway, Primary DNS and Secondary DNS of my router to make a wireless connection. can you help me find em?
To find your IP-adress, Subnet Mask, Gateway, Primary DNS and Secondary DNS, do the following
click START -> RUN -> (type cmd in the text box on the RUN, click OK!) -> ipconfig /all (type it in the command prompt!)-> you got what you wanted!
how do i get my primary and my secondary dns
If you have a dynamic IP address, they should be set up automatically. Otherwise you get them from your ISP.
Leo, you ROCK!!!!
You just saved me a ton of headaches with the ipconfig /all tip!!
Thanks so much!!!
Thank you SO MUCH for the DOS helpā It saved me HOURS of time on the phone with my ISP!
i still dont know how to find my subnet mask on my labtop after i did all of these
Leo, how will you determine the number of possible subnet masks available and the number of possible hosts available on the subnetwork?
How do i easily convert binary numbers to decimal, vice versa. I can do with my calculator, but have no clue how to manually. I googled it, but I just canāt understand it.
Subnet is broken down into 4 parts called octets (255.255.255.255) each 255 is an octet. Each octet is broken down into 8 bits which are either turned on (1) or off (0). Here is where 255 comes from: (8 bits) 1 1 1 1 1 1 1 1 <ā 8 bits all turned on, still following? The bits break down like this 128 64 32 16 8 4 2 1 <ā breakdown of what the bits stand for, still following? All bits turned on = 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255 If the subnet mask was 255.255.255.248 the bits would look like this 11111111.11111111.11111111.11111000 (128 + 64 + 32 + 16 + 8 = 248) you donāt need the last three bits so they are turned off. Hope this helps, Iām not a teacher but this is the best I could do to try to explain it.
I just bought a router and its asking me for my IP address, Subnet mask, Gateway, and DNS1 and DNS2. Could you help me find those?
Normally thatās all information the router will get automatically from your ISP, OR your ISP will have to provide to you.
how do i find my subnet mask, gateway, and dns settings for my internet
āāBEGIN PGP SIGNED MESSAGEāā
Hash: SHA1
Ask your ISP.
Leo
āāBEGIN PGP SIGNATUREāā
Version: GnuPG v1.4.6 (MingW32)
iD8DBQFGES5vCMEe9B/8oqERAhTTAJ99A8kNbPIZTLJwlU2MuD1AVcpp8wCdHN8H
UuwQ3kTSohohCWprzH7OzPI=
=KWce
āāEND PGP SIGNATUREāā
im compltely and thourly confused how do u get from having the 3 ip adress and the subnet mask to tell that their on the same subnet?
is it just b/c the the first number in the 3rd octet for #1 and 2 is 0 while on #it starts w/ 1?
Basicly what im asking is u said āIf we do the masking and converting and other what-have-you, ā at one part. could u show what the āconverting and other what-have-you,ā b/c i basily have to be able to do a few wxample problems like this for my class and i have no clue what u did
I think itās about using AND logic operator on every bit. 1*1=1, 0*1 = 0, 1*0=0, 0*0=0. Apply this on both ip#1 and ip#3 and see that results are different. In other words, the bits on 1 in the subnet mask says where the received packet address should be the same with the local address.
how do i get to know what my subnet mask is and my gateway is
quit good info keep it up leo
Is the network mask the same as the subnet mask ?
Open a command prompt and type
ipconfig /all
this will tell you or IP settings, default gateway IP, etcā¦
where can i find the sub mask, gateway, the dns1 and dns2 at please help
11-Oct-2008
im very confused with your explanation of subnet masks if i provide you my ip address could you please work out my subnet mask 78.145.35.16. thank you very much.
14-Oct-2008
Thank you for this! Iām in CCNA, and Iāve known how to subnet, and how to do the number crunching, but I just couldnāt figure out what the mask actually DIDā¦Pretty bad, I know. Awesome tutorial though, pretty sure I understand now
good info indeed..but im pretty much confuzd on the binary numbers how do u convert into those?
how do i find my subnet mask number. iām trying to log onto my router and i need my subnet mask number, gateway, dns 1 and dns 2 numbers
PLEASE HELP!!!
[email address removed]
āThe day you stop learning is the day you start becoming obsolete.ā
Thank you Leo for taking the time to shed some Light on these,[Quote]ā¦translation; the internetās a complicated world. [/Quote]
So true.
And I also thank you for the links U provided 4 further reading on,,,
A+
Luc from Montreal, Qc, Canada
A man TQ i undustand this but i want how to claluc
Onbard a boat, I have multiple computers connected to the Lan side of a Router (192.168.133.241/ 255.255.255.240 DHCP on 242-250) and a wireless Bridge (DHCP off) connected to the WLAN side of the Router (DHCP client from whoever the Bridge connects with on land). I want the computers on the Lan side of the Router to have access to each other, to the internet (through the WAN port to the Bridge) and (HERE IS THE PROBLEM) to the BRIDGE itself (currently 192.168.133.192 on the router side. Except for the last step all of this works properly.Please help
I have one that says canāt find network location.
how do i find my subnet mask number. iām trying to connect my sons x-box onto my router and i need my subnet mask number and gateway
PLEASE HELP!!!
Linda (āhow do i find my subnet mask numberā):
If using Windows VISTA just click once on the little circle in the lower left corner.
Then in āstart searchā type RUN.
It will prompt āopenā type CMD.
That will prompt a DOS window.
Type: IPCONFIG
Press Enter and all your info will appear.
In Windows XP
just click once on the little START button in the lower left corner.
Then click on RUN.
It will prompt a DOS window.
Type: IPCONFIG
Press Enter and all your info will appear.
Good Luck
An IP range is given for exemple 10.110.5.248/32. This means??? Helpā¦.
A small detail:
With a subnet mask of 255.255.255.0 any IP address beginning with 192.168.0 is an address that is defined as being in private address space.
That is why it is part of our local network. Addresses in private address space will never be assigned to any organization.
Thatās actually independent of the subnet mask. IP address ranges beginning with 192.168, as well as the 10.x.x.x and the 172.16.0.0 ā 172.31.255.255 range are all defined as private/local and would never appear on the open Internet.
Isnāt that a typo, Leo? I believe you meant 192.168 not 168.192. As a friend of mine used to say āI used to be dyslexic, but now Iām KOā (smiley)
You caught it, itās fixed now.
It seems to me that with a subnet mask of 255.0.0.0, 192.168.x.x is not a local address but a good IP address.
The 192 being a good Network address, and the 168.x.x being the host address.
Am I looking at this wrong?
Iām not really sure what youāre saying. 192.168.x.x is, always, a private IP address you would never see in the internet. 192.168.x.x with a subet mask of 255.0.0.0 simply means that anything starting with 192 is local to the device configured with that mask (or included in whatever that device is configured for).
Mohammad was trying to get Leo to do his homework for him.
Leo, I have worked in computing since 1967 and that is the BEST (and the MOST understandable) explanation of subnet masks I have ever seen.
BRILLIANT! (as usual) ā THANK YOU!
The mask divides the IP address into the network portion and what is left over for host addressing.
It does this by all using those numbers which tends to cause confusion.
Hi Leo, thanks for making so much of this so easy to grasp! The part that confused me was where you gave the example of 255.255.128.9 and wrote, āThe ones in the first two groups of eight binary digits are all set, which means that each of the first two numbers in a decimal IP address would be āpaid attention toā. But that third group of eight only has a single one. That means only a part of the third number is significant.ā Would that type of subnet mask ever exist? I have only ever seen where 255 & O were used for the octetsā¦ THANKS!!
First off thatās 255.255.128.0, not 9. But absolutely. In fact ANY value can be used in some very bizarre networking scenarios. Very commonly, though, (and thinking in binary) the values that represents some number of 1ās all set beginning at the left are very common. 128 in binary is 10000000.
So Leo -is it possible for someone to change something in the subnet mask that allows them to receive all your e-mails ( you still receive them too) to spy on you or like a hack to get important information about you. History on spouses phone show attempts to alter the subnet mask, is this him attempting to change this or outside hack attempt?
No. An improperly set network mask would only result in network confusion.
Leo, a simply magnificent explanation of the subnet process using IPv4. How about an update on the subnet process using IPv6 since they are close to running out of IPv4 addresses. Lots more to play with there.
Hey Leo, thanks for the article!
What happens when I need to communicate to an IP address outside of my network that shares an IP with something on my LAN? So, say my printer is 10.49.2.13 but a website I want to access is also 10.49.2.13. Does this kind of thing happen?
Thanks!
That couldnāt happen. IP addresses outside of a local area network (LAN) are unique. The IP address of a device in a LAN canāt have the same IP number as a site on the internet. There is a set of internal IP numbers reserved for use within a LAN. For example, your printer may have the same internal IP address a somebodyās computer within their LANk, but those would be invisible outside their LANs and your computer could only see the IP address of the router controlling that LAN.