April 21, 2004

SysAdmin to SysAdmin: IP's binary roots

Author: Brian Jones

A wise man once said, "There are only 10 kinds of people in the world -- those
who understand binary, and those who don't." OK, so I saw it on a T-shirt. Fact
is, if you're in charge of a network, or just want to understand how your
network ticks, understanding binary is a requirement. Luckily, binary isn't very difficult when it's applied to something you already know -- namely, IP addresses and subnet masks.

If you've ever run /sbin/ifconfig from a command line to see your IP
address (or to see if you even have an IP address), you've undoubtedly
seen something similar to This is referred to as "dotted
decimal notation," and it's a simplification created to make IP
addressing more digestible to humans. Much as DNS resolves host names to IP
addresses, the IP stack resolves dotted decimal addresses into binary format,
so that the address above,, resolves to
11000000101010000000001000010110. And a hearty thanks goes to the good folks
who gave us dotted decimal notation!

If you want to make efficient use of your IP space, or you
have more hosts than available IP addresses on a given network, or
just the opposite problem -- not enough networks to properly maintain and
control the traffic flow -- knowledge of binary IP addressing becomes critical. With a good
knowledge of how binary and IP are related, and a thorough knowledge of your
network's needs, you can perform various bit-munging maneuvers to
make the most of your address space.

First, some basics

How did I come up with that crazy binary string? Well,
I know (and it's written all over the place) that IP uses a 32-bit address
space. Note that every binary digit is known as a
"bit." Also note that there are 32 of these bits in the above binary string.
Dotted decimal notation breaks the address down into four decimal numbers
separated by, well, dots. Each decimal number represents 8 bits of the
address's binary equivalent (which is why you'll hear them often referred to as
"octets"). So, 4 numbers, multiplied by 8 bits that each number represents,
equals 32 bits.

Let's take it even more slowly. We know that each decimal number in a
dotted-decimal address represents 8 bits in the binary equivalent. So what's
the largest number represented in 8-bit binary? Well, that would be 11111111,
which is 128+64+32+16+8+4+2+1, or 255. If I don't use all 1s, clearly the
equation changes. In the case of 192, the binary equivalent is
128+64+0+0+0+0+0+0, or 11000000. For 168, it's 128+0+32+0+8+0+0+0, or 10101000.
I think you get the point; if not, here's your homework.

IP addresses never travel alone

The networking world would be quite a mess if not for the existence of subnet
masks. A subnet mask really makes an IP address meaningful, because it's what
defines which portion of the IP address is used to identify the network
and which part is used to identify the host. It does this by
providing a "mask" over the network portion of the address. A subnet mask
places a 1 in every bit used by a given IP address to identify a network. The
rest of the bits are used to identify the host.

Let's look at a host with an IP of and subnet mask This one's easy if you've brushed up on your binary. We know
that each octet in a dotted decimal address has a maximum value of 255. We also
know that 255 in 8-bit decimal is all 1s (so this mask in binary is
1111 1111 1111 1111 1111 1111 0000 0000). We've just learned that a subnet mask uses 1s to
identify the network portion of an address. It should be quite clear, then,
that this subnet mask defines the network portion of the IP address using the
first 24 bits (or, the first three octets) of the IP address! In other words,
our network is The rest of the address (the last octet) is used to identify
the node or host on that network -- in this case, we're talking about "node 2."

Next time we'll take a closer look at how to create a
custom subnet mask and how it can help you get a handle on your network.
Until then, practice your binary math.

Click Here!