VLSM Subnetting in Networks
The most straightforward approach for subnetting across a network is to make all the subnets the same size – giving them all the same subnet mask. However, this can be very inefficient if the number of hosts on each subnet differs. It can become a significant problem if the size of the subnets isn’t big enough for the number of hosts that we need on one of the subnets. In this case, we want to ‘borrow’ some host space from a subnet which has fewer hosts on it. VLSM (Variable Length Subnet Masks) enables us to do this by having subnets with different subnet masks. It can almost be thought of as subnetting a subnet.
Historically, networks were expected to use the same subnet mask throughout – every interface would have that mask. This approach uses a 'classful' address space. Because all subnet masks are the same, we don’t need to share information about the mask between the routers when we share routing information. If a network uses a classful address space of 192.168.0.0/24 and a router advertises a route to 192.168.101.0, then all the other routers assume that this means 192.168.101.0/24. This is an example of 'classful' routing, and it does not support VLSM because there is no way for routers to communicate different sized subnets. The original Routing Information Protocol (RIPv1) is a classful routing protocol and therefore cannot support VLSM. Therefore if we want to use VLSM, we must implement a classless network design with a classless routing protocol which will include the subnet mask for all of the routes being advertises.
- More efficient use of allocated IP address space
- Multiple networks can be shared with a single ‘summary’ address which reduces routing table size and makes route lookups faster.
- VLSM can be more complex to implement than using subnets of all the same size.
Routing protocol support for VLSM
- RIPv1: No
- RIPv2: Yes
- EIGRP (Enhanced Interior Gateway Protocol): Yes
- OSPF (Open Shortest Path First): Yes
With VLSM, we can assign different subnets different numbers of host bits to support different quantities of hosts on each part of the network. The blocks will still have to be a ‘power of 2’ size (e.g. 4, 8, 16 etc.) and each subnet will still have two reserved addresses for the Network Address and the Broadcast Address.
If we are starting with a ‘Class C’, or /24 network, such as 192.168.101.0/24, then our subnets could range from two /25s to sixty four /30s or, using VLSM, some combination.
How to Calculate VLSM Blocks
Host Bits (h) = 32 – Subnet Bits (Prefix) Block Size = 2 ^ h Hosts = 2 ^ h – 2
Remember that number of hosts is two less than the block size because of the Network Address and the Broadcast Address.
VLSM Block Size Table
The following table shows possible VLSM block sizes within a /24 range.
|Prefix||Host Bits||Block Size||Hosts|
Selecting Subnets with VLSM
Although VLSM offers a more flexible approach to addressing, we must be careful which subnets we choose.
VLSM Rule 1
The network address, or subnet ID, for each subnet must have all host bits set to zero.
In other words, the subnet can’t just start anywhere you want.
Correct Subnet Example
The following could be a valid subnet within the 192.168.101.0 Class C network with VLSM.
Subnet: 192.168.101.64/26 Mask (/26): 255.255.255.192 Host Bits: 6 Block Size: 2 ^ 6 = 64 Supported Hosts: (2 ^ 6) – 2 = 62 255 255 255 192 Mask: 11111111 11111111 11111111 11000000 nnnnnnnn nnnnnnnn nnnnnnnn nnhhhhhh 192 168 101 64 Subnet ID: 11000000 10101000 01100101 01000000 192 168 101 127 Broadcast: 11000000 10101000 01100101 01111111 Address
Notice that all of the host bits (the last 6) are zero.
Incorrect Subnet Example
The following is not a valid subnet within the 192.168.101.0 network.
Subnet: 192.168.101.80/26 Mask (/26): 255.255.255.192 255 255 255 192 Mask: 11111111 11111111 11111111 11000000 nnnnnnnn nnnnnnnn nnnnnnnn nnhhhhhh 192 168 101 80 Subnet ID: 11000000 10101000 01100101 01010000
This is not a valid subnet because all of the host bits (the final 6 bits of the 3rd octet) are not set to zero: 010100000.
VLSM Rule 2
Subnet address ranges must not overlap.
If subnets did overlap then hosts on supposedly different subnets could have the same IP address. Doing this would break the network because packets destined for one host could inadvertently be sent to a host sharing the same IP address. The router wouldn’t know which is the correct interface to send the packets out of. This type of misconfiguration can result in conditions such as not being able to ping across the network.
You can check for overlaps by listing the subnets in numerical order and comparing the broadcast address of each subnet with the network address (subnet ID) of the next subnet.
Finding Overlapping Subnets
Imagine we have a network with the following subnets, but some hosts are having trouble reaching each other. We’re going to check to see whether any of the subnets overlap which could be causing the network issues.
- Subnet A: 192.168.101.0/28
- Subnet B: 192.168.101.16/28
- Subnet C: 192.168.101.32/27
- Subnet D: 192.168.101.64/26
- Subnet E: 192.168.101.96/27
- Subnet F: 192.168.101.128/25
Now we’re going to list them in a table and look for any subnets which begin before the previous subnet ends.
VLSM Overlap Table
|Subnet||Subnet ID||Broadcast Address||Next Subnet ID|
Notice that the Subnet ID / Network Address of Subnet E is lower than the broadcast address of Subnet D. Therefore we have an overlap. In this case, removing Subnet D from the IP addressing scheme will fix the problem. We may wish to split one of the larger subnets, such as Subnet F, to provide an additional subnet.
VLSM Route Summarization
Summarization, also known as route aggregation, in VLSM is using a single address to describe multiple networks. Where a router has interfaces in multiple consecutive subnets, routing protocols can use summarization for advertising routes using just one prefix. Summarization enables smaller routing tables which makes route lookups faster.
The route summary is given as the starting address of the summary block and the subnet mask that describes the range – often written using CIDR notation.
Calculating a VLSM Route Summary
We can manually generate VLSM summarizations with the following steps
- Identify the consecutive networks we want to advertise
- Select the largest block size which can describe them (and only them)
- Add any networks that weren’t included in the block
Sometimes you can do step two just by looking at the group of addresses. Otherwise, you can start with the smallest address spaces and combine them, gradually combining larger groups until you can combine any-more. Converting the addresses to binary can help identify the common host bits which can then be set to zeroes and ones to find the network and broadcast address. The network/subnet bits will give you the subnet mask.
There are a couple of rules that we must remember when aggregating routes:
- The advertised address must have all of the host bits set to zero.
- The advertised network should not advertise addresses which you don’t have.
Rule 2 is relevant when the networks that you’re advertising don’t precisely fit a block size. For example, if you have 18 addresses, it could be tempting to use a summary with a block size of 32 addresses. However, the additional twelve addresses could be used by a different network. Therefore you should advertise a summary with a block size of 16, and the remaining two addresses would be advertised individually.
We have the following networks:
Here we can start by combining the two /25 networks in the 192.168.101.x range to make them 192.168.101.0/24.
We now have four networks from 192.168.100.0/24 to 192.168.103.0/24
192 168 100 0 11000000 10101000 01100100 00000000 192 168 101 0 11000000 10101000 01100101 00000000 192 168 102 0 11000000 10101000 01100110 00000000 192 168 103 0 11000000 10101000 01100111 00000000
If you look closely, you can see that the first 22 bits in each address are the same so we can keep them fixed to form the network address. We then have 10 host bits. Now we can find the subnet mask (it will be a /22), network address to advertise and the highest address in the range.
nnnnnnnn nnnnnnnn nnnnnnhh hhhhhhhh 255 255 252 0 11111111 11111111 11111100 00000000 192 168 100 0 11000000 10101000 01100100 00000000 192 168 103 255 11000000 10101000 01100111 11111111
Therefore we can advertise 192.168.100.0/22 or 192.168.100.0 with a subnet mask of 255.255.252.0.
The range is from 192.168.100.0 to 192.168.103.255.