Networking Refresher: IP, CIDR, Subnetting

Revise the fundamental networking concepts like IP, CIDR, and subnetting.

We'll cover the following

Internet Protocol
- IPv4
- IPv6
Classful IPv4 addressing
Subnet mask
Classless Inter-Domain Routing (CIDR)
Subnetting

Building resilient and secure infrastructures and workloads requires a fundamental understanding of networking. In the context of the cloud, we don’t have to manage our own physical hardware, but the task of configuring the virtual resources to meet our requirements and operate effectively lies with us.

Keeping this in perspective, let's familiarize ourselves with the basics of the Internet Protocol used by AWS services to communicate with each other.

Internet Protocol

Internet Protocol outlines the set of rules for addressing and routing data on the internet. It enables communication between two host machines over a network. Every host machine or device on the internet is assigned a unique identifier, namely an IP address. The Internet Protocol delivers the packets over the network using these unique identifiers. Once delivered, the transport layer protocols take over further processing the packets and handing them over to the respective applications.

The Internet Protocol addresses come in two flavors:

IPv4
IPv6

IPv4

Internet Protocol version 4, or IPv4, is a 32-bit addressing scheme where each IP address is denoted by four octets separated by dots, for example: 10.0.0.0. Each octet in the IP address represents 8 bits, which means that the value can range from 0 to 255. Similarly, since IPv4 supports 32 bits, we can have $2^{32}$ or approximately 4 billion uniquely identifiable IP addresses, which in our day and age are insufficient.

IPv6

To deal with the limited number of addresses in IPv4, Internet Protocol version 6 or IPv6 supports 128-bit addresses, which are represented by a hexadecimal notation. Each IPv6 address has eight 16-bit sections, each separated by a colon, for example: d14c:1368:3e4a:0c9f:fcf5:460c:e7dd:3205. With 128 bits, we can uniquely identify $2^{128}$ devices, which is $2 ^ {96}$ times more than IPv4.

IPv6 comes with other protocol enhancements, such as better security and privacy, but for the sake of simplicity, we have only covered the address space enhancement.

IPv4 is still the most commonly adopted version, so we will focus on IPv4 addressing for the rest of the lesson.

Classful IPv4 addressing

The IPv4 addresses can be divided into two parts:

Network: The network address corresponds to the number of bits used to uniquely identify a network.
Host: The host address represents the unique identifier of a device/host on that network.

In the traditional context, the IP addresses were divided into smaller groups/classes via classful addressing. Each class uses different bits to represent the network and host addresses. The three primary classes available for general use are A, B, and C:

Class A: This class uses the first octet (8 bits) as the network address and the remaining octets for host addresses. The first bit from the network address is always 0 so we can’t use it. Therefore, the remaining 7 bits make $2 ^ 7 = 128$ networks. The 24 bits from the host part make $2 ^ {24} = 16777216$ hosts in each network. For example, let’s consider 20.0.0.1 address where 20 represents the network address, and the 0.0.1 is the host address.
Class B: This class uses the first two octets (16 bits) for the network and the remaining octets for host addresses. In Class B, the first bits from the network bits are always 10, which makes the network space of $2^{14} = 16384$ addresses. There are $2^{16} = 65536$ hosts in each network. For example, let's consider 131.17.0.3, where 131.17 represents the network address, and the 0.3 is the host address.
Class C: This class uses the first three octets (24 bits) for the network and the last octet for host addresses. The first three network bits are fixed to 110 and the remaining 21 bits make $2^{21} = 2097152$ networks in this class with $2 ^ {8} = 256$ hosts in each network. For example, let’s consider 200.168.1.19, where 200.168.1 represents the network address, and the 19 is the host address.

Note: The first and the last address in each class are reserved as host identifier/address and broadcast address, respectively and can not be used.

The classes can be summarized in the table below:

Apart from the above classes, we have class D and E networks, which are inaccessible for general use. While classful addressing is useful in organizing the IP addresses, it comes with limitations as well:

Inefficient IP allocation: Each class has a fixed number of hosts in the classful addressing system, which can be wasteful in many instances. For example, an organization with 300-350 devices would have to go for the class B network, which would have left the other 65,000+ IP addresses unused.
Limited network design: Similarly, the classful system wouldn’t allow combining networks as required. For example, the IP addresses 128.0.0.0 and 128.1.0.0 belong to different networks of class B in the classful architecture.

To address these limitations, Classless Inter-Domain Routing (CIDR) was introduced. But, before we discuss it, let’s first review an important concept: subnet mask.

Subnet mask

In classful addressing, each class had a fixed number of network and host bits, which makes it easier to identify the class a particular IP belongs to. For example, the IP 10.0.0.1 belongs to class A, with the first octet representing the network address and the remaining octets representing the host address.

A subnet mask is an alternative binary representation of the network and host portions of the IP address. The network bits are represented by 1's whereas the host bits are presented by 0's. For example, the default subnet mask for IP addresses in class A would have the first 8 bits set to 1, as the first octet in class A represents the network part, while the remaining bits would be set to 0 signifying the host part: 11111111.00000000.00000000.00000000. A router in a network topology uses the subnet mask to determine and route the messages to the appropriate network and, subsequently, the appropriate host.

Classless Inter-Domain Routing (CIDR)

Coming back to the discussion around the limitations of classful addressing, Classless Inter-Domain Routing (CIDR) was introduced to bypass those limitations and effectively manage IP allocations. It does so with the help of the Variable Length Subnet Mask (VLSM). Instead of relying on a fixed number of bits for the network, CIDR enables using variable lengths of bits to represent the network. This helps with the underutilization of IP addresses, as mentioned above.

But how does a router, in this case, identify the appropriate network? The answer lies in the CIDR notation, which includes the IP block, followed by a slash and the number of selected network part bits.

Let’s look at a few examples to further cement our understanding:

In x.x.x.x/24, /24 represents the number of network bits, which means the given address block contains 2⁸ or $256$ hosts or IP addresses.
Similarly, in x.x.x.x/20, /20 represents the number of network bits, which means the given address block contains $2^{12}$ or $4096$ hosts or IP addresses.
In the edge case of /32 network bits, there would only be $1$ host IP address. While /0 represents all the $2^{32}$ IP addresses in IPv4.

This makes the underutilization of IP addresses disappear while also enabling us to combine networks by specifying the number of network bits.

Subnetting

Subnetting enables splitting up large networks’ address spaces into smaller subnetworks, which in turn makes network routing more efficient. With the help of subnetting, messages can be delivered efficiently without having to go through several unnecessary hops/routers in the network.

Create a free account to view this lesson.

Continue your learning journey with a 14-day free trial.

By signing up, you agree to Educative's Terms of Service and Privacy Policy

Network Class	IP Range	Network Bits	Host Bits
Class A	`0.0.0.0` - `127.255.255.255`	8	24
Class B	`128.0.0.0` - `191.255.255.255`	16	16
Class C	`192.0.0.0` - `223.255.255.255`	24	8

Introduction

AWS Fundamentals

Understanding Cloud Computing Essentials— From Zero to Hero

Identity and Access Management

Securing AWS Resources: Managing Access with IAM

AWS IAM Permission Boundaries

Using AWS IAM Access Analyzer

Compute Services

Understanding AWS Compute Services — From Zero to Hero

Amazon EC2: Elastic Compute Cloud

Working with Instances: An Amazon EC2 Walkthrough

Managing Instance Volumes Using EBS

Networking

Understanding Networking Services in AWS—From Zero to Hero

Controlling VPC Traffic Using Network ACLs

Managing Peer Connections between Amazon Virtual Private Clouds

Accessing AWS Services over AWS PrivateLink Using VPC Endpoints

Monitoring IP Traffic Using VPC Flow Logs

Route 53

Serverless Computing

Getting to Know AWS Lambda

Building and Deploying Serverless Applications with AWS SAM

Developing RESTful Microservices with API Gateway and DynamoDB

Building a WebSocket-Based Chat Application Using API Gateway

Mastering AWS AppSync Lambda Resolvers

Application Integration

Getting Started with Amazon Simple Queue Service (SQS)

Handling Amazon SNS Notifications with AWS Lambda

Build a Fanout Serverless Architecture using SNS, SQS, and Lambda

Decoupling Serverless Applications with Amazon EventBridge

Getting Started with AWS Step Functions

Containers

Getting Started with Amazon ECS

Create an EKS Cluster and Deploy an Application

High Availability and Scalability

Managing Application Traffic Using Elastic Load Balancers

Understanding Auto Scaling Group (ASG) in AWS

Mastering Amazon EC2 Dynamic Scaling Policies

Storage

Understanding AWS Storage Options—From Zero to Hero

Simple Storage Service (S3)

Working with AWS S3 Cross-Region Replication

Resizing Images with S3 Batch Operations and AWS Lambda

Managing Data Access with Amazon S3 Access Points

File Storage and Transfer

Getting Started with Amazon FSx for Windows File Server

Databases

Working with Relational Databases: A Beginner's Guide to AWS RDS

Getting Started with Amazon Aurora Database Engine

Working with NoSQL Databases: A Beginner's Guide to AWS DynamoDB

Exploring Graphs with Amazon Neptune

Getting Started with Amazon Keyspaces

Achieving Ultra-Fast Performance Using Amazon MemoryDB for Redis

Improving Database Performance with Amazon ElastiCache for Redis

Migration and Transfer

Use of AWS Database Migration Service from Aurora MySQL to S3

Security and Compliance

Getting Started with AWS Key Management Service (KMS)

Encrypting S3 Buckets and EBS Volumes Using KMS

Protecting Web Applications Using AWS WAF

Managing Aurora DB Credentials and API Keys Using Secrets Manager

Finding Vulnerabilities on EC2 Instances Using AWS Inspector

Deployment Services

Mastering AWS Deployment Services—From Zero to Hero

CloudFormation

Getting to Know AWS CloudFormation

AWS CloudFormation Updates: Change Sets and Stack Policies

Mastering AWS CloudFormation Helper Scripts

Machine Learning

Understanding Machine Learning Services on AWS—From Zero to Hero

Deploying a Machine Learning Model with Amazon SageMaker

Getting Started with Amazon Fraud Detector

Build an Educative Chatbot with Conversational AI Using AWS Lex

Content Delivery and Optimization

Analytics

Analyzing S3 Data and CloudTrail Logs Using Amazon Athena

Getting Started with Amazon EMR

Getting Started with Amazon Redshift

Building ETL Pipelines on AWS

Create a Data Lake with Lake Formation and Analyze It with Athena