Visual Subnets is a tool that makes it easier to understand how IP subnetting works. Here's how you use it:
That's all there is to it. Play with the non-focused mode, roll your mouse over the IPs and try different block sizes. If you're like me, you'll understand subnets a lot better afterwards.
Q: Why aren't the gateway IPs labeled?
A: There's no such thing as a "gateway IP." This is a term of convenience that network techs use, and almost everyone puts the gateway (or "default route") on the first usable IP in a block, but the gateway for a network device can be anywhere within the subnet. Comcast, for instance, universally puts their gateways at the end of the block, not the beginning.
Q: Can I see a /16?
A: Sorry, not at the moment. I used some shortcuts in my code that make it hard, but I'll try my best to add larger blocks when I can.
Q: It doesn't highlight the IP when I click Focus IP.
A: That's a bug, my bad. Click again and it'll go.
Q: What does "the block can be divided[...]" mean?
A: Read "Dividing Blocks" down below.
Q: It's great that I can use this, but I'd like to understand better, and the tutorials out there are just terrible.
A: Read the "Theory" section, I've tried my best to put this in really layman-y terms.
It's not surprising or something to be ashamed of. They're based on "bitmasks", an efficient, but very archaic computer programming trick. A lot of subnetting and CIDR tutorials or "cheatsheets" will show you these binary masks. Unless you're a programmer, they probably don't make a lot of sense.
I am a programmer, they do make sense to me, and I still can't use them - the information's too abstract. I had to make this tool to model it for myself because I couldn't figure it out either, after years of trying.
I want you to succeed in networking, and you shouldn't need to understand binary to do it. You probably aren't going to use that knowledge anywhere else, and 95% of the time you don't need it as much as you just need a practical understanding.
Try selecting different subnets and rolling your mouse over the IPs. You'll probably come to understand what's going on very quickly. Read the blue infobox and even more of it will make sense. The concepts are simple once you understand the rules - see the Theory section below for a little more on that.
The real secret is in this phrase: "A /29 must begin on a multiple of 8."
For every subnet size, the block has to begin on a particular multiple. /30 has to start on a multiple of 4, so 0, 4, 8, 12, etc. /29 has to start on a multiple of 8, so 0, 8, 16, etc.
You can find the edges of an IP block very easily once you know this. Say you have the IP 20.30.40.53, and the CIDR size is /29:
That is precisely how this tool works, and now you can do it on the calculator on your phone - the only trick is learning the size of the blocks, which you can get from any reference sheet. For convenience, here's everything you'll need for most non-enterprise jobs:
CIDR | Starts on | Netmask |
---|---|---|
/30 | 4 | 255.255.255.252 |
/29 | 8 | 255.255.255.248 |
/28 | 16 | 255.255.255.240 |
/27 | 32 | 255.255.255.224 |
/26 | 64 | 255.255.255.192 |
/25 | 128 | 255.255.255.128 |
/24 | 0 | 255.255.255.0 |
When using this tool you might notice the phrase in the infobox, "The block can be divided into a maximum of n blocks". This gets to the core of IP routing.
Say your ISP provides you with a /29 block, 25.30.100.24/29.
You have a router hooked up to your modem, and it's using a public IP. Your IP layout looks like this:
25.30.100.24 | Network address |
25.30.100.25 | ISP gateway |
25.30.100.26 | Router WAN |
25.30.100.27 | |
25.30.100.28 | |
25.30.100.29 | |
25.30.100.30 | Broadcast address |
Now you want to put a server behind that router, on a public IP. Some routers have methods for passing just a single IP through, but perhaps yours doesn't. You need to divide the block.
Because this block contains eight IPs, it can be divided into two blocks of four IPs - two /30s.
To do this, you need to find where the second block begins and set the first usable IP as the LAN-side address of your router. Then the second usable IP goes on your server. Both devices change from a .248 subnet mask to a .252. That looks like this:
25.30.100.24 | Network address |
25.30.100.25 | ISP gateway |
25.30.100.26 | Router WAN |
25.30.100.27 | Broadcast address |
25.30.100.28 | Network address |
25.30.100.29 | Router LAN |
25.30.100.30 | Server WAN |
25.30.100.31 | Broadcast address |
The server's IP is the second usable address of the new block, its subnet mask is 255.255.255.252, and its default gateway is the first usable address of the new block.
You'll notice that it causes you to lose three IPs (broadcast, network, router LAN). This makes it inconvenient for small blocks in particular, hence the aforementioned single-IP passthrough capability some routers have.
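The "multiple of N" rule from the Theory section and the /29-into-two-/30s split above, worked through in Python as an added example (this is not the tool's own code). The function names are made up for illustration, and it only handles /24 through /30, like the table on this page.

```python
import ipaddress

def block_size(prefix):
    """Addresses per block: /30 -> 4, /29 -> 8, ... /24 -> 256."""
    if not 24 <= prefix <= 30:
        raise ValueError("covers /24 through /30 only, like the table on this page")
    return 2 ** (32 - prefix)

def block_edges(ip, prefix):
    """Locate the block holding `ip` with the 'multiple of N' rule, no bitmasks."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {ip!r}")
    size = block_size(prefix)
    start = (octets[3] // size) * size  # round the last octet down to a multiple
    base = ".".join(str(o) for o in octets[:3])
    return {
        "network": f"{base}.{start}",
        "first_usable": f"{base}.{start + 1}",
        "last_usable": f"{base}.{start + size - 2}",
        "broadcast": f"{base}.{start + size - 1}",
    }

def divide(block, new_prefix):
    """Split a block into smaller ones, e.g. one /29 into two /30s."""
    ip, prefix = block.split("/")
    prefix = int(prefix)
    if new_prefix <= prefix:
        raise ValueError("the new blocks must be smaller than the original")
    if block_edges(ip, prefix)["network"] != ip:
        raise ValueError(f"{block} does not begin on a multiple of {block_size(prefix)}")
    base, first = ip.rsplit(".", 1)
    starts = range(int(first), int(first) + block_size(prefix), block_size(new_prefix))
    return [block_edges(f"{base}.{n}", new_prefix) for n in starts]

def matches_stdlib(ip, prefix):
    """Cross-check the arithmetic against Python's ipaddress module."""
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    edges = block_edges(ip, prefix)
    return (edges["network"] == str(net.network_address)
            and edges["broadcast"] == str(net.broadcast_address))

if __name__ == "__main__":
    print(block_edges("20.30.40.53", 29))        # the example IP from this page
    for sub in divide("25.30.100.24/29", 30):    # the /29 split into two /30s
        print(sub)
    print(matches_stdlib("20.30.40.53", 29))
```

`divide` refuses a block that does not begin on the right multiple, which is the same check to apply before pasting a CIDR range into a firewall rule or ACL.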