Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Creating Network/Subnets from Existing Network


  • Please log in to reply
11 replies to this topic

#1 GG49

GG49

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 07 March 2018 - 06:35 PM

Hi all,

I am trying to create two network/subnets divised from an existing main network address.

For instance, the network address is 192.168.16.0
The mask is: 255.255.255.0

How would I go about doing this? I want the two subnet to be on the Network Address, but in their own separate division from the main network address.

Also from creating the subnets, would the mask change from 255.255.255.0 to another number or would that stay the same as the initial mask?



BC AdBot (Login to Remove)

 


#2 Orecomm

Orecomm

  • Members
  • 261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roseburg, Oregon
  • Local time:10:46 PM

Posted 08 March 2018 - 10:33 AM

There are a couple of pieces to this puzzle. One is that you will need a router to get between the two networks, make sure that's in the plan. As for splitting the network, the mask is the key - it determines how many hosts are in each subnetwork. If you want your current network of 256 addresses split down the middle into two subnets of 128 each you would use a mask of 255.255.255.128, also known as a /25, because in binary notation it is 25 consecutive 1's followed by 7 0's in the 32 bit mask field. This means there are up to 128 (0-127) addresses available for hosts (two of those, 1111111 and 0000000, are reserved for broadcast use and not generally usable as a host address, leaving 126 actual hosts.) 

So, just changing the mask on every device on the subnet will cleanly split it, and suddenly anything with an address above 128 won't be able to talk (using TCP/IP V4) to anything with an address below the line without going through a router. Using your example the addresses 192.168.16.0 to 192.168.16.127 would be one subnet, with .0 and .127 reserved, using a 255.255.255.128 (/25) mask, while 192.168.16.128 to 192.168.16.255 would be the other, with .128 and .255 reserved. If your router is normally at .1 your second router port would probably be a .129, and your gateways would have to change on the upper range to match. Most routers will automatically add a route between attached interfaces, but in some cases you may need to add it or set firewall rules, depending on the router.

 

There are many good tutorials on subnetting out there (search for "Subnet Tutorial"), and if the above sounds like some foreign language I'd really recommend you peruse a couple until it starts to sink in. It's not all that difficult, but you have to get your head wrapped around thinking in binary (which IP doesn't help by converting to dotted decimal format - it's much easier to teach subnetting with just 0's and 1's).



#3 GG49

GG49
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 08 March 2018 - 08:37 PM

There are a couple of pieces to this puzzle. One is that you will need a router to get between the two networks, make sure that's in the plan. As for splitting the network, the mask is the key - it determines how many hosts are in each subnetwork. If you want your current network of 256 addresses split down the middle into two subnets of 128 each you would use a mask of 255.255.255.128, also known as a /25, because in binary notation it is 25 consecutive 1's followed by 7 0's in the 32 bit mask field. This means there are up to 128 (0-127) addresses available for hosts (two of those, 1111111 and 0000000, are reserved for broadcast use and not generally usable as a host address, leaving 126 actual hosts.) 

So, just changing the mask on every device on the subnet will cleanly split it, and suddenly anything with an address above 128 won't be able to talk (using TCP/IP V4) to anything with an address below the line without going through a router. Using your example the addresses 192.168.16.0 to 192.168.16.127 would be one subnet, with .0 and .127 reserved, using a 255.255.255.128 (/25) mask, while 192.168.16.128 to 192.168.16.255 would be the other, with .128 and .255 reserved. If your router is normally at .1 your second router port would probably be a .129, and your gateways would have to change on the upper range to match. Most routers will automatically add a route between attached interfaces, but in some cases you may need to add it or set firewall rules, depending on the router.

 

There are many good tutorials on subnetting out there (search for "Subnet Tutorial"), and if the above sounds like some foreign language I'd really recommend you peruse a couple until it starts to sink in. It's not all that difficult, but you have to get your head wrapped around thinking in binary (which IP doesn't help by converting to dotted decimal format - it's much easier to teach subnetting with just 0's and 1's).

 

Hi, thanks for the response.

 

What I have is the main building network which is 192.168.16.0 but I need to divide from this current network into two more networks. Basicually, i'm trying to set up what would be for an office/business space with x amount of floors with two designated places. Yes the potential host amount would be 254 because of subtraction for the reserved network and broadcast address. I see how the IP addresses could split with the 255.255.128 mask, but they also need to still have access the main building network without being their own complete networks. 

 

Such as 192.168.16.0-192.168.16.10 (10 PC) but, since they are a division of the existing network, wouldn't it be something like 192.168.17.0-192.168.17.10 for the splitted subnetwork? Also, wouldn't the mask change as well based upon the new subnetworks?   



#4 Orecomm

Orecomm

  • Members
  • 261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roseburg, Oregon
  • Local time:10:46 PM

Posted 09 March 2018 - 01:02 AM

OK, so if I read right, you want the main building network to remain, and add two new subnetworks in the same address space? If this is the case, here is one possible scenario:

 

Main building network 192.168.16.0-192.168.16.127     mask 255.255.255.128 (/25)  router 192.168.16.1     allows 126 hosts

New network A:           192.168.16.128-192.168.16.191  mask 255.255.255.192 (/26) router 192.168.16.129  allows 62 hosts

New network B:           192.168.16.192-192.168.16.255  mask 255.255.255.192 (/26) router 192.168.16.193  allows 62 hosts

 

If you don't need to stay in the same address space as the existing network you could create the new networks with any valid network address block and mask, but you still need a router to get between subnets. 

 

One thing in your message is a bit off, though. You mention that the new networks "need to access the main building network without being their own complete networks". Can you explain this a bit please? A subnet is a complete network, by definition. There are only two levels in the IPV4 address scheme, either you are a network or you are a host. "Subnet" is only a syntactical construction generally taken to mean a network formed by partitioning a larger address space (usually owned by one administrative authority) into smaller address spaces, each of which becomes a network with a smaller number of hosts (by a factor of a multiple of 2) than the original allowed. Once you have created multiple networks the only way to get between them is to Inter-network, aka Route, between them. There are other ways to segregate systems such as on a campus using bridging and simply administratively controlling host address assignments to make them match the building (or organizational) layout, but this does not involve creating new networks or splitting existing ones. No router is needed because all of the hosts are still on the same broadcast domain, i.e. the same network as seen by IP.



#5 GG49

GG49
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 09 March 2018 - 08:06 PM

OK, so if I read right, you want the main building network to remain, and add two new subnetworks in the same address space? If this is the case, here is one possible scenario:

 

Main building network 192.168.16.0-192.168.16.127     mask 255.255.255.128 (/25)  router 192.168.16.1     allows 126 hosts

New network A:           192.168.16.128-192.168.16.191  mask 255.255.255.192 (/26) router 192.168.16.129  allows 62 hosts

New network B:           192.168.16.192-192.168.16.255  mask 255.255.255.192 (/26) router 192.168.16.193  allows 62 hosts

 

If you don't need to stay in the same address space as the existing network you could create the new networks with any valid network address block and mask, but you still need a router to get between subnets. 

 

One thing in your message is a bit off, though. You mention that the new networks "need to access the main building network without being their own complete networks". Can you explain this a bit please? A subnet is a complete network, by definition. There are only two levels in the IPV4 address scheme, either you are a network or you are a host. "Subnet" is only a syntactical construction generally taken to mean a network formed by partitioning a larger address space (usually owned by one administrative authority) into smaller address spaces, each of which becomes a network with a smaller number of hosts (by a factor of a multiple of 2) than the original allowed. Once you have created multiple networks the only way to get between them is to Inter-network, aka Route, between them. There are other ways to segregate systems such as on a campus using bridging and simply administratively controlling host address assignments to make them match the building (or organizational) layout, but this does not involve creating new networks or splitting existing ones. No router is needed because all of the hosts are still on the same broadcast domain, i.e. the same network as seen by IP.

 

Hi,

 

Yes what I meant is that they are derived from the main building network 192.168.16.0/24 address but split into 5 subnets afterwards.

 

Sorry for the confusion, but it would be 1 subnet per floor which would total 5 floors divided between 1 user space and 1 admin space for each floor.

 

Most subnets are split evenly with even numbers so the last 5th floor is what is throwing off the calculations since it would split up evenly up to 4. 

 

Thank you for your responses too, you've been a good help



#6 Orecomm

Orecomm

  • Members
  • 261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roseburg, Oregon
  • Local time:10:46 PM

Posted 10 March 2018 - 10:05 AM

OK, so the practical subnet splits available from a single /24 (255.255.255.0) yield:

256 addresses (/24) 1 network

128 addresses (/25) 2 networks

  64 addresses (/26) 4 networks

  32 addresses (/27) 8 networks

  16 addresses (/28) 16 networks

   8 addresses (/29)  32 networks

   4 addresses (/30)  64 networks

These can be arranged in any manner that adds up to less than the total addresses available, as long as you can arrange them from largest to smallest block (i.e. you can't put a single /30 between two /28's)

So your five networks, if all equal size, would require you to define 8 networks of 32 addresses each (/27), because that's the next split "up" from 4 networks (/28). You could combine two of the 32's into a single 64 for the main building, leaving one 32 host block "wasted" for the moment (unless you needed another 64 host block).

 

This is all much easier to explain with a whiteboard or (my favorite) a box of Legos, let me know if it's not clear and I will try again. 



#7 GG49

GG49
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 10 March 2018 - 10:27 AM

OK, so the practical subnet splits available from a single /24 (255.255.255.0) yield:

256 addresses (/24) 1 network

128 addresses (/25) 2 networks

  64 addresses (/26) 4 networks

  32 addresses (/27) 8 networks

  16 addresses (/28) 16 networks

   8 addresses (/29)  32 networks

   4 addresses (/30)  64 networks

These can be arranged in any manner that adds up to less than the total addresses available, as long as you can arrange them from largest to smallest block (i.e. you can't put a single /30 between two /28's)

So your five networks, if all equal size, would require you to define 8 networks of 32 addresses each (/27), because that's the next split "up" from 4 networks (/28). You could combine two of the 32's into a single 64 for the main building, leaving one 32 host block "wasted" for the moment (unless you needed another 64 host block).

 

This is all much easier to explain with a whiteboard or (my favorite) a box of Legos, let me know if it's not clear and I will try again. 

 

Yes the other problem is either wasted IP's or not enough IP's. The constraint though is that there are 50 machines per floor so there has to be enough IP's available to cover this amount as well...8 networks would have worked but that covers only 32 addresses per room (minus 2 so leaving 30 technically) and the last floor would be missing.

 

I like the idea of combining...It is strict for only 1 subnet use per floor though so multiple subnets in a single floor is a no go.


Edited by GG49, 10 March 2018 - 10:38 AM.


#8 Orecomm

Orecomm

  • Members
  • 261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roseburg, Oregon
  • Local time:10:46 PM

Posted 10 March 2018 - 11:08 AM

So if you have 250 devices across 5 floors, and each subnet eats two addresses for broadcast, even if you could somehow subnet to 52 host addresses you would need 260 available addresses, and you only have 256. You are going to need another address block. Since you are using 192.168.16.0/24 now, do you have 192.168.17.0/24 and/or others available? Are you limited to just one /24 block? If not, I'd just assign a separate /24 to each floor and be done with it. More room for expansion and less confusion. You are going to need to route between floors in any case. You might as well keep it as simple as possible.



#9 Orecomm

Orecomm

  • Members
  • 261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roseburg, Oregon
  • Local time:10:46 PM

Posted 10 March 2018 - 11:17 AM

If you are looking at two subnets per floor, one admin and one user, the two don't have to be the same size. So you might use a /27 (32 addresses) for Users and a /28 (16 addresses) for Admin. You'd have five User /27's, one per floor, and split the remaining 3 /27's into 6 /28's for your admin space, so you have one for each floor and only one block of 16 addresses "left over".  This still doesn't solve your total number of addresses problem, though.



#10 GG49

GG49
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 10 March 2018 - 12:07 PM

So if you have 250 devices across 5 floors, and each subnet eats two addresses for broadcast, even if you could somehow subnet to 52 host addresses you would need 260 available addresses, and you only have 256. You are going to need another address block. Since you are using 192.168.16.0/24 now, do you have 192.168.17.0/24 and/or others available? Are you limited to just one /24 block? If not, I'd just assign a separate /24 to each floor and be done with it. More room for expansion and less confusion. You are going to need to route between floors in any case. You might as well keep it as simple as possible.

 

Yes the only network address to work with is from the 192.168.16.0/24 for the entire building (which is the main network address). There are 250 devices in-use with 4 left over (Max amount 254, not including 2 broadcast). I believe we are limited to the network address mentioned above, but we cannot have more than 1 subnet per floor. 

 

I'm curious about the 192.168.17.0/24...it sounds like it's for another /24 block though which we don't have.

 

What I had charted originally was using a /27 to fill the requirement for five subnets but this is only 30 addresses per floor. You mentioned earlier about combining a subnet...if I can combine a subnet to produce 1 subnet via floor it might work...

 

Also the amount of machines available for admin and user will be same... such as 19 for the admin and 31 for the users...but the total machines will be 50 per floor.


Edited by GG49, 10 March 2018 - 10:07 PM.


#11 GG49

GG49
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 11 March 2018 - 04:41 PM

After talking to owner I have been able to resolve the issue now since we would run out of space with the constraint...they have decided to postpone the other 25 machines until demand goes up...



#12 Orecomm

Orecomm

  • Members
  • 261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roseburg, Oregon
  • Local time:10:46 PM

Posted 11 March 2018 - 09:29 PM

The 192.168.0.0 through 192.168.255.255 addresses are reserved for private use, so unless your company has an address plan that uses all of the rest of the address block you have up to 255 /24 subnets to play with. There are also other reserved address blocks, 10.0.0.0 to 10.255.255.255 and 172.16.0.0 to 172.31.255.255, reserved for use on private networks. These cannot (or are not supposed to be) routed through the Internet, so each user of these addresses has to use NAT or similar to translate them to a routable public address. You have a lot of address space as long as you can handle the NAT and needed routing internally. I've done this several times with large company or agency networks, with dozens of networks sharing a single Internet access link. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users