The easiest approach for subnetting across a network is to make all the subnets the same size – giving them all the same subnet mask. However, this can be very inefficient if the number of hosts on each subnet differs. It can become a major problem if the subnet size isn’t big enough for the number of hosts that we need on one of the subnets. In this case, we want to ‘borrow’ some host space from a subnet which has fewer hosts on it. VLSM (Variable Length Subnet Masks) enables us to do this by having subnets with different subnet masks. It can almost be thought of as subnetting a subnet.
Historically, networks were expected to use the same subnet mask throughout – every interface would have that mask. This is a classful address space. Because all subnet masks are the same, we don’t need to share the mask between the routers when we share routing information – if a network uses a classful address space of 192.168.0.0/24 and a router advertises a route to 192.168.101.0, then all the other routers just assume that this means 192.168.101.0/24. This is called classful routing and it does not support VLSM because there is no way for routers to communicate different-sized subnets. The original Routing Information Protocol (RIPv1) is a classful routing protocol and therefore cannot support VLSM. Therefore, if we want to use VLSM, we must implement a classless network design with a classless routing protocol, which will include the subnet mask for all of the routes being advertised.
More efficient use of allocated IP address space
Multiple networks can be shared with a single ‘summary’ address. This reduces routing table size and makes route lookups faster.
EIGRP (Enhanced Interior Gateway Routing Protocol): Yes
OSPF (Open Shortest Path First): Yes
With VLSM, we can assign different subnets different numbers of host bits in order to support different numbers of hosts. The blocks will still have to be a ‘power of 2’ size (e.g. 4, 8, 16 etc.) and each subnet will still have 2 reserved addresses for the Network Address and the Broadcast Address.
If we are starting with a ‘Class C’, or /24 network, such as 192.168.101.0/24, then our subnets could range from two /25s to sixty-four /30s or, using VLSM, some combination.
Host Bits (h) = 32 – Subnet Bits (Prefix)
Block Size = 2 ^ h
Hosts = 2 ^ h – 2
Remember that number of hosts is 2 less than the block size because of the Network Address and the Broadcast Address.
The following table shows possible VLSM block sizes within a /24 range.
|Prefix||Host Bits||Block Size||Hosts|
Although VLSM offers a more flexible approach to addressing, we must be careful which subnets we choose.
The network address, or subnet ID, for each subnet must have all host bits set to zero.
In other words, the subnet can’t just start anywhere you want.
The following could be a valid subnet within the 192.168.101.0 Class C network with VLSM.
Subnet: 192.168.101.64/26
Mask (/26): 255.255.255.192
Host Bits: 6
Block Size: 2 ^ 6 = 64
Supported Hosts: (2 ^ 6) – 2 = 62

                   255      255      255      192
Mask:              11111111 11111111 11111111 11000000
                   nnnnnnnn nnnnnnnn nnnnnnnn nnhhhhhh
                   192      168      101      64
Subnet ID:         11000000 10101000 01100101 01000000
                   192      168      101      127
Broadcast Address: 11000000 10101000 01100101 01111111
Notice that all of the host bits (the last 6) are zero.
The following is not a valid subnet within the 192.168.101.0 network.
Subnet: 192.168.101.80/26
Mask (/26): 255.255.255.192

           255      255      255      192
Mask:      11111111 11111111 11111111 11000000
           nnnnnnnn nnnnnnnn nnnnnnnn nnhhhhhh
           192      168      101      80
Subnet ID: 11000000 10101000 01100101 01010000

This is not a valid subnet because not all of the host bits (the final 6 bits of the 4th octet) are set to zero: 01010000.
Subnet address ranges must not overlap.
If subnets did overlap then hosts on supposedly different subnets could have the same IP address. This would break the network as packets destined for one host could inadvertently be sent to a host sharing the same IP address. The router wouldn’t know which is the correct interface to send the packets out of. This can result in conditions such as not being able to ping across the network.
You can check for overlaps by listing the subnets in numerical order and comparing the broadcast address of each subnet with the network address (subnet ID) of the next subnet.
Imagine we have a network with the following subnets but some hosts are having trouble reaching each other. We’re going to check to see whether any of the subnets overlap which could be causing the network issues.
Subnet A: 192.168.101.0/28
Subnet B: 192.168.101.16/28
Subnet C: 192.168.101.32/27
Subnet D: 192.168.101.64/26
Subnet E: 192.168.101.96/27
Subnet F: 192.168.101.128/25
Now we’re going to list them in a table and look for any subnets which begin before the previous subnet ends.
|Subnet||Subnet ID||Broadcast Address||Next Subnet ID|
Notice that the Subnet ID / Network Address of Subnet E is lower than the broadcast address of Subnet D. Therefore we have an overlap. In this case, removing Subnet D from the IP addressing scheme will fix the problem. We may wish to split one of the larger subnets, such as Subnet F, to provide an additional subnet.
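The same check in Python, as an added example that is not part of the original article: it tests that each subnet ID has its host bits clear and then compares every broadcast address with the subnet IDs that follow it in sorted order. It goes slightly beyond the adjacent-pair comparison so that a large block swallowing several later subnets is also reported; the function names are illustrative.

```python
import ipaddress

# Subnets A-F exactly as listed in the worked example above.
SUBNETS = {
    "A": "192.168.101.0/28",
    "B": "192.168.101.16/28",
    "C": "192.168.101.32/27",
    "D": "192.168.101.64/26",
    "E": "192.168.101.96/27",
    "F": "192.168.101.128/25",
}


def host_bits_clear(cidr):
    """Return True if every host bit of the subnet ID is zero."""
    address, prefix = cidr.split("/")
    host_mask = (1 << (32 - int(prefix))) - 1  # e.g. /26 -> 0b111111
    return int(ipaddress.IPv4Address(address)) & host_mask == 0


def find_overlaps(subnets):
    """Return (earlier, later) name pairs whose address ranges overlap."""
    nets = sorted(
        ((name, ipaddress.ip_network(cidr, strict=False))
         for name, cidr in subnets.items()),
        key=lambda item: (int(item[1].network_address), item[1].prefixlen),
    )
    overlaps = []
    for i, (name, net) in enumerate(nets):
        for later_name, later in nets[i + 1:]:
            # Sorted by subnet ID: once a subnet starts past this broadcast
            # address, every subnet after it does too.
            if later.network_address > net.broadcast_address:
                break
            overlaps.append((name, later_name))
    return overlaps


if __name__ == "__main__":
    for name, cidr in SUBNETS.items():
        net = ipaddress.ip_network(cidr, strict=False)
        print(name, cidr, "valid ID" if host_bits_clear(cidr) else "BAD ID",
              "broadcast", net.broadcast_address)
    print("overlaps:", find_overlaps(SUBNETS))
```
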
Summarization, also known as route aggregation, in VLSM is using a single address to describe multiple networks. Where a router has interfaces in multiple consecutive subnets, routing protocols can use summarization to advertise them using just one prefix, which means that routing tables can be smaller and therefore route lookups can be faster.
The summary is then given as the starting address of the summary block and the subnet mask that describes the range – often written using CIDR notation.
We can manually generate VLSM summarizations with the following steps:
1. Identify the consecutive networks we want to advertise
2. Select the largest block size which can describe them (and only them)
3. Add any networks that weren’t included in the block
Sometimes you can do step two just by looking at the group of addresses. Otherwise you can start with the smallest address spaces and combine them, gradually combining larger groups until you can’t combine any more. Converting the addresses to binary can help identify the common host bits, which can then be set to zeroes and ones to find the network and broadcast address. The network/subnet bits will give you the subnet mask.
There are a couple of rules that we must remember when aggregating routes:
1. The advertised address must have all of the host bits set to zero.
2. The advertised network should not advertise addresses which you don’t have.
Rule 2 is relevant when the networks that you’re advertising don’t exactly fit a block size. For example, if you have 18 addresses, it could be tempting to use a summary with a block size of 32 addresses. However the additional twelve addresses could be used by a different network. Therefore you should advertise a summary with a block size of 16 and the remaining 2 addresses would be advertised individually.
We have the following networks:
Here we can start by combining the two /25 networks in the 192.168.101.x range to make them 192.168.101.0/24.
We now have 4 networks from 192.168.100.0/24 to 192.168.103.0/24.

192      168      100      0
11000000 10101000 01100100 00000000
192      168      101      0
11000000 10101000 01100101 00000000
192      168      102      0
11000000 10101000 01100110 00000000
192      168      103      0
11000000 10101000 01100111 00000000
If you look closely, you can see that the first 22 bits in each address are the same so we can keep them fixed to form the network address. We then have 10 host bits. Now we can find the subnet mask (it will be a /22), network address to advertise and the highest address in the range.
nnnnnnnn nnnnnnnn nnnnnnhh hhhhhhhh
255      255      252      0
11111111 11111111 11111100 00000000
192      168      100      0
11000000 10101000 01100100 00000000
192      168      103      255
11000000 10101000 01100111 11111111
Therefore we can advertise 192.168.100.0/22 or 192.168.100.0 with a subnet mask of 255.255.252.0.
The range is from 192.168.100.0 to 192.168.103.255.
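The bottom-up combining method and the two aggregation rules, as an added Python example that is not part of the original article. The input list is reconstructed from the description above (two /25s in 192.168.101.x plus the /24s for .100, .102 and .103), and the extra 192.168.104.0/24 case is constructed to show rule 2; `summarize` is an illustrative name.

```python
import ipaddress

# Reconstructed from the worked example: the two /25s are the halves of
# 192.168.101.0/24, and the other three networks are /24s.
EXAMPLE = [
    "192.168.100.0/24",
    "192.168.101.0/25",
    "192.168.101.128/25",
    "192.168.102.0/24",
    "192.168.103.0/24",
]


def summarize(cidrs):
    """Merge networks bottom-up into the fewest exact summary prefixes."""
    # Rule 1: strict parsing raises ValueError if any host bit is set.
    nets = {ipaddress.ip_network(c) for c in cidrs}
    # Drop networks already covered by a larger listed network.
    nets = {n for n in nets
            if not any(n != m and n.subnet_of(m) for m in nets)}
    merged = True
    while merged:
        merged = False
        # Start with the smallest blocks (longest prefixes) and work upward.
        for net in sorted(nets, key=lambda n: n.prefixlen, reverse=True):
            if net.prefixlen == 0:
                continue
            parent = net.supernet()          # block twice the size
            halves = set(parent.subnets())   # its two halves
            # Rule 2: only merge when we hold BOTH halves, so the summary
            # never advertises addresses we don't have.
            if halves <= nets:
                nets -= halves
                nets.add(parent)
                merged = True
                break
    return sorted(nets)


if __name__ == "__main__":
    for summary in summarize(EXAMPLE):
        print(summary, summary.netmask, summary[0], "-", summary[-1])
    # Constructed case: a fifth /24 does not fit the /22 block, so it is
    # advertised on its own rather than widening the summary to a /21.
    print(summarize(EXAMPLE + ["192.168.104.0/24"]))
```

The result matches the standard library's `ipaddress.collapse_addresses`, which can be used directly once the manual method is understood.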