Subnet calculation


http://forum.parallels.com/showthread.php?70762-Plesk-Firewall-amp-IP-Range


You want to use the bitmask at the end, heres a quick cheat sheet:

11.11.11.11/32 <- just the host 11.11.11.11

11.11.11.0/24 <- the whole 11.11.11.0 network (254 ips)

11.11.0.0/16 <- the 11.11.0.0 network (64k ips)


11.0.0.0/8 <- the 11.0.0.0 network (16million ips)

Ahh taking out germany huh. So netmasks can be kind of daunting if you don't understand the guts of tcp/ip. Short version, the bitmask is a binary representation of a network block.

So what that means is that in binary this:

255.255.255.0

looks like
11111111.11111111.11111111.00000000

and if you add all those 1's up you get:

24

It helps if you can do math in binary. Which is probably one of the least useful skills a person can have. Its actually my 2nd least useful skill, my first is I can also read heiroglyphics. But I digress, the answer for your firewall netblocks question is you need 2 networks:

89.145.16.0/20 (89.145.16.1 - 89.145.31.254)
89.145.32.0/19 (89.145.32.1 - 89.145.63.254)

This is because TCP/IP is base 8, dividing each section of an IP address into an octet. We're dealing with subdividing a 16 bit network (2nd position), so we start all calculations from there. Cheat sheet:

bits 0 = 256
bits 1 = 128
bits 2 = 64
bits 3 = 32
bits 4 = 16
bits 5 = 8
bits 6 = 4
bits 7 = 2
bits 8 = 1



Forget about networks for a moment, and just do the math using into the largest group that fits into the above, in your case 89.145.16.0 - 89.145.64.0 is a total of 48 networks. So you need a block of 16 (4 bits) and a block of 32(3 bits) to get (16 + 32) 48. We're chopping up a class B (16 bit) network into smaller pieces so we start our math problem at 16. Using the network 89.145.16.0 as a jumping point, if we add 16 networks (or 4 bits) to our class B (16 bits) we get 16 + 4 = 20:
89.145.16.0/20 (89.145.16.1 - 89.145.31.254)

If you started at 89.145.32.0/20, you would be covering the network space from: 89.145.32.1 - 89.145.47.254


Another way to look at it is a 4 bit netmask breaks the network up into 16 pieces:
0-15
16-31
32-47
48-63
64-79
80-95
96-111
112-127
128-143
144-159
160-175
176-191
192-207
208-223
224-239
240-255



For the 2nd net block, I start at the IP 89.145.32.0, and add 32 networks to it. Again since we're playing in Class B (16 bit) network space, we start at 16, and add 3 bits (32 networks) to it: 16 + 3 = 19:
89.145.32.0/19 (89.145.32.1 - 89.145.63.254)

a 3 bit netmask breaks the network up into 8 pieces:
0-31
32-63
64-95
96-127
128-159
160-191
192-223
224-255

Confused yet? Oh and for your first question, while you can use .0 or .255 as IP addresses, it's not a good idea to use the starting or ending IP's for a netblock. This is because they are used for either defining the network (IE, 10.10.10.0/24 uses 10.10.10.0 to define the network) or for broadcasts on the network (10.10.10.255 is the broadcast IP).

Comments

Post a Comment

Popular posts from this blog

Using a Linux server to route packets between two private networks

Image
Reference: http://www.tecmint.com/setup-linux-as-router/ We want to route icmp (ping) packets from dev2 to dev4 and the other way around as well (note that both client machines are on different networks). The name of each NIC, along with its corresponding IPv4 address, is given inside square brackets. Our test environment is as follows: Client 1 : CentOS 7 [enp0s3: 192.168.0.17/24] - dev1 Router : Debian Wheezy 7.7 [eth0: 192.168.0.15/24, eth1: 10.0.0.15/24] - dev2 Client 2 : openSUSE 13.2 [enp0s3: 10.0.0.18/24] - dev4 Let’s view the routing table in dev1 (CentOS box): # ip route show and then modify it in order to use its enp0s3 NIC and the connection to 192.168.0.15 to access hosts in the 10.0.0.0/24 network: # ip route add 10.0.0.0/24 via 192.168.0.15 dev enp0s3 Which essentially reads, “Add a route to the 10.0.0.0/24 network through the enp0s3 network interface using 192.168.0.15 as gateway”. Route Network in Linux Likewise in dev4 (openSUSE box) to ping h
Read more

PHP Fatal error: Class 'JFactory' not found

I have faced this issue in Joomla site and searched the forums but none of the forums including joomla did not give solution for me. They simply suggest to check joomla version, php version compatibility and php extensions. Finally I have fixed the issue. Issue:- ---------  [26-Sep-2014 18:11:29 Europe/Berlin] PHP Fatal error: Class 'JFactory' not found in /home/test/public_html/index.php on line 31 Cause & Solution:- ----------------------- In my case, it seems file which gives the class JFactory was missed. /home/test/public_html/libraries/joomla/factory.php --->Core file for Joomla. Simply restore that file under proper path to fix the issue.
Read more

KVM & Qemu

QEMU is a powerful emulator, which means that it can emulate a variety of processor types. Xen uses QEMU for HVM guests, more specifically for the HVM guest's device model. The Xen-specific QEMU is called qemu-dm (short for QEMU device model) QEMU uses emulation; KVM uses processor extensions (intel-VT) for virtualization. Both Xen and KVM merge their various functionality to upstream QEMU, that way upstream QEMU can be used directly to accomplish Xen device model emulation, etc. Xen is unique in that it has paravirtualized guests that don't require hardware virtualization. Both Xen and KVM have paravirtualized device drivers that can run on top of the HVM guests. The QEMU hypervisor is very similar to the KVM hypervisor. Both are controlled through libvirt, both support the same feature set, and all virtual machine images that are compatible with KVM are also compatible with QEMU. The main difference is that QEMU does not support native virtualization. Consequently, QEMU has
Read more