A. Contiguous VLSM
Classful IP addressing wastes IP addresses. Classless
InterDomain Routing (CIDR) and Variable Length Subnet Masks (VLSM)
give us a way to subnet subnets, conserving network addresses
and gaining additional subnets per network address.
Contiguous VLSM can be thought of as splitting subnets into a
binary tree. essentially, we subnet a subnet. This
tree then forks so that we are subnetting a subnet of a subnet.
Each time we progress further down in the tree, a greater number
of bits become "stuck" and can not be turned on or off.
CIDR replaces subnet masks as a more flexible way of declaring
which bits represent the network IDs and which bits represent
the host IDs. It is represented by a slash / and the number
of bits used for the network ID. Heres some examples:
Address Class 
Subnet Mask 
# network bits 
CIDR Notation 
CLASS A 
255.0.0.0 
8 
/8 
CLASS B 
255.255.0.0 
16 
/16 
CLASS C 
255.255.255.0 
24 
/24 
Variable Length Subnetting a Class B Network
Remember we said VLSM is a way to subnet subnets? Lets look
at a class B example.
Default Class B
Range =
128191 (in 1st
octet by RFC) 
Subnet Mask = 255.255.0.0 
CIDR = /16 
#
hosts = 65,534 Formula =
(2^{x} 2)
so ( 2^{16} 2 ) 
#
networks = 16,384 Formula = 2^{(y2)}
so ( 2^{(162)} so 2^{14} ) 
*Note: Remember that RFC standards state that the first 2 bits are fixed
for class B.
One single class B network would give us 65,534 host
addresses.
157.54.0.0 /16 = 65,534 host addresses
If we divide this network into two subnets, we could get about
half of that, or 32,000 hosts per subnet.
Class B in 2 Subnets
N_{1} = 157.54.0.0 /17 =
approximately 32,000 hosts addresses Mask =
255.255.128.0
N_{2} = 157.54.128.0 /17 =
approximately 32,000 hosts addresses Mask =
255.255.128.0

Since the first two octets are the network address in class B
networks, we will subnet the third octet and steal bits from the
host side. Notice that our old classful 2 rules are being
bent here. Under VLSM, we use subnet bits that are all on
and all off sometimes.
Subnet 1 (128 bit off) =
2^{7} 
2^{6} 
2^{5} 
2^{4} 
2^{3} 
2^{2} 
2^{1} 
2^{0} 
128 
64 
32 
16 
8 
4 
2 
1 
0 
x 
x 
x 
x 
x 
x 
x 
Subnet 2 (128 bit on) =
2^{7} 
2^{6} 
2^{5} 
2^{4} 
2^{3} 
2^{2} 
2^{1} 
2^{0} 
128 
64 
32 
16 
8 
4 
2 
1 
1 
x 
x 
x 
x 
x 
x 
x 
We can further divide one of the 2 subnets above of our class B
address into more subnets. Using CIDR and two subnets, we are
currently using 17 bits for the network address /subnetting. Remember that when we
use 4 bits to subnet a typical octet, we get 14 subnets and 14
hosts. In this case, we can use the subnet we are subnetting as
first subnet, so in place of 14, we could get 15 subnets. We
just add 4 more bits to the 17 bits we are already using with
CIDR. 17 + 4 will give us a total of 21 bits. Adding 4 more
bits to the 1 we are already using gives us what appears to be 5
bits to subnet with, however, the first bit, the 128 bit, is
special. Because it represents a subnet itself, if we further
subnet this address it will become like the network address. It
will be stuck on, and we can only manipulate the 4 new bits we
have added for subnets. Look at the third octet, the 128 bit is
shaded since it is now stuck. Remember, we are now subnetting
what was already a subnet.
2^{7} 
2^{6} 
2^{5} 
2^{4} 
2^{3} 
2^{2} 
2^{1} 
2^{0} 
Base
10 
128 
64 
32 
16 
8 
4 
2 
1 
1 
0 
0 
0 
0 
x 
x 
x 
128 
1 
0 
0 
0 
1 
x 
x 
x 
136 
1 
0 
0 
1 
0 
x 
x 
x 
144 
1 
0 
0 
1 
1 
x 
x 
x 
152 
1 
0 
1 
0 
0 
x 
x 
x 
160 
And so on and so on
Because the 128 bit is stuck, every subnet from here on out
must add the 128 bit, we have no choice. Here, using CIDR, the
no subnet or host bits all on/all off rule can be bent,
allowing us to use 128 itself as the first subnet. With this in
mind, the next lowest value we can come up with will be 8 + the
128 that is stuck on. Therefore, the next subnet will be 136,
and we will keep adding 8 (the BLOCK) until we have 15
subnets. So, 128, 136, 144, 152, 160 and so on.
The number of bits left for hosts would be 8 from the 4^{th}
octet plus the 3 left from the 3^{rd} octet, for a total
of 11 bits. Now we have the facts we need. We are using 4 bits
for subnetting and 11 bits are left for hosts. Lets use our
formulas.
Subnets = (2^{x} 2) = (2^{4} 2) =
14. Remember that we are using CIDR now and can bend the rules
a little, so we actually get our 15 networks here since we can
use 128 as the starting subnet.
Hosts = (2^{x} 2) = (2^{11} 2) =
(2048  2) = 2046. So, when using CIDR /21, we can get
approximately 2000 hosts on each subnet. Lets sum things up so
far:
Class = B 
Subnet Mask = 255.255.248.0 
CIDR = /21 
BLOCK size = 8 
Hosts per subnet = (2^{x} 2) = (2^{11}
2) = (2048 2) = 2046 hosts 
15 Subnets of previous Class B N^{2}
N_{1} of N_{2} = 157.54.128.0
/21
N_{2} of N_{2} =
157.54.136.0
/21
N_{3} of N_{2} =
157.54.144.0
/21
N_{4} of N_{2} =
157.54.152.0
/21
N_{5} of N_{2} =
157.54.160.0
/21
N_{6} of N_{2} =
157.54.168.0
/21
N_{7} of N_{2} =
157.54.176.0
/21
N_{8} of N_{2} =
157.54.184.0
/21
N_{9} of N_{2} =
157.54.192.0
/21
N_{10} of N_{2} =
157.54.200.0
/21
N_{11} of N_{2} =
157.54.208.0
/21
N_{12} of N_{2} =
157.54.216.0
/21
N_{13} of N_{2} =
157.54.224.0
/21
N_{14} of N_{2} =
157.54.232.0
/21
N_{15} of N_{2} =
157.54.240.0
/21
Now suppose that we want to take one of
the 15 subnets subnetted from the 2^{nd} subnet of the
class B network and subnet one of those. Remember that we are
now subnetting a subnet of a subnet of a class B network. Lets
say we want to approximate about 8 Class C networks using our
class B address. We are already using CIDR
/21,
and remember that with CIDR we can bend our 2 rule a little
bit. Lets pick the last subnet of the previous stage
157.54.240.0
/21
. To get 8 more subnets, we need to add 3
more bits. 2^{x} = 2^{3} = 8, and no minus 2
this time, we are bending the rules with CIDR. Therefore, our
new CIDR notation is
/24,
which is, coincidentally, leaving us with the same number of
host bits we would be left with a normal class C network.
Lets choose the last subnet in the previous stage, the 240,
to subnet. Since we are subnetting a subnet of a subnet, the
original 128 bit will be stuck this time as well as the 4 we
added. A total of five bits have now become stuck:
2^{7} 
2^{6} 
2^{5} 
2^{4} 
2^{3} 
2^{2} 
2^{1} 
2^{0} 
Base
10 
128 
64 
32 
16 
8 
4 
2 
1 
1 
1 
1 
1 
1 
0 
0 
0 
248 
1 
1 
1 
1 
1 
0 
0 
1 
249 
1 
1 
1 
1 
1 
0 
1 
0 
250 
1 
1 
1 
1 
1 
0 
1 
1 
251 
1 
1 
1 
1 
1 
1 
0 
0 
252 
1 
1 
1 
1 
1 
1 
0 
1 
253 
1 
1 
1 
1 
1 
1 
1 
0 
254 
1 
1 
1 
1 
1 
1 
1 
1 
255 
To sum things up:
Class = B 
Subnet Mask = 255.255.255.0
(looks like a class C, but
its a VLSM subnetted class B) 
CIDR = /24 
BLOCK size = 1 (Interesting, huh?) 
Hosts per subnet = (2^{x} 2) = (2^{8}
2) = 254 
#
of subnets = 2^{x} = 2^{3} = 8 
8 Subnets of previous N^{15} of Class B N^{2}
N_{1} of N_{15} of N_{2}
= 157.54.248.0
/24
N_{2} of N_{15} of N_{2}
= 157.54.249.0
/24
N_{3} of N_{15} of N_{2}
= 157.54.250.0
/24
N_{4} of N_{15} of N_{2}
= 157.54.251.0
/24
N_{5} of N_{15} of N_{2}
= 157.54.252.0
/24
N_{6} of N_{15} of N_{2}
= 157.54.253.0
/24
N_{7} of N_{15} of N_{2}
= 157.54.254.0
/24
N_{8} of N_{15} of N_{2}
= 157.54.255.0
/24
B. NonContiguous VLSM
But wait! It gets even weirder my friend! The classful
subnetting rules that make our lives so safe and predictable are
about to be twisted and contorted even more. Ofcourse, if
you didn't have a truly twisted mind you wouldn't be into VLSM
in the first place. Come to think of it, have you ever met
anyone in this business that's "normal" ? Thinking ...
Hmmm ... Nope. If you're into this stuff, you're a fruitcake, myself included.
Denial. It's not just a river in Egypt.
Anyway, another way to look at VLSM is in terms of BLOCK sizes
and hosts/subnets required. Remember that the BLOCK is always
the lowest bit that belongs to the subnet bits. It can also be
calculated by subtracting the subnet mask value from 256.
Example:
2^{7} 
2^{6} 
2^{5} 
2^{4} 
2^{3} 
2^{2} 
2^{1} 
2^{0} 
Subnet Mask 
BLOCK 
128 
64 
32 
16 
8 
4 
2 
1 
1 
1 
0 
0 
0 
0 
0 
0 
.192 
64 
1 
1 
1 
0 
0 
0 
0 
0 
.224 
32 
1 
1 
1 
1 
0 
0 
0 
0 
.240 
16 
1 
1 
1 
1 
1 
0 
0 
0 
.248 
8 
1 
1 
1 
1 
1 
1 
0 
0 
.252 
4 
Or, if you prefer:
256 192 = 64
256 224 = 32
256 240 = 16
256 248 = 8
256 252 = 4
You can see the BLOCKs as they are associated with each subnet
mask above. Using this information, we can construct a table
that will assist us when using VLSM. To apply VLSM to a class C
network, we would start with a /24 due to the subnet mask of
255.255.255.0. We would then simply continue adding subnet bits
to /24 like so:
CIDR Subnet 
Mask 
Subnets 
Hosts 
BLOCK 
/26 
.192 
2 
62 
64 
/27 
.224 
6 
30 
32 
/28 
.240 
14 
14 
16 
/29 
.248 
30 
6 
8 
/30 
.252 
62 
2 
4 
*Notice the inverse relationship between the subnets and hosts
columns.
Suppose we had a network, 192.168.20.x, and we needed 8 subnets
for that network. If the number of hosts needed for each subnet
is in the range from 30 hosts 2 hosts, we would be forced into
using only 6 subnets, since we would need 5 bits for hosts. The
only way we could get 8 subnets out of a single class C network
address, and still allow for up to 30 hosts on a subnet, is if
we use VLSM.
The
goal is to continuously use the smallest BLOCK size possible to
accommodate the number of hosts.
Example:
Subnet 
Hosts Needed 
CIDR Subnet 
Mask 
BLOCK 
Hosts Provided 
N_{1} 
11 
/28 
.240 
16 
14 
N_{2} 
19 
/27 
.224 
32 
30 
N_{3} 
23 
/27 
.224 
32 
30 
N_{4} 
5 
/29 
.248 
8 
6 
N_{5} 
2 
/30 
.252 
4 
2 
N_{6} 
2 
/30 
.252 
4 
2 
N_{7} 
2 
/30 
.252 
4 
2 
N_{8} 
2 
/30 
.252 
4 
2 
*Notice the interesting minus two relationship between the BLOCK
and the number of hosts provided. Subtract two from the block
and that is the # hosts.
Once we have our BLOCK table figured out, we need to decide
where to place our BLOCKed subnets in the range of available
addresses 1254. The rule to follow here is that, we must
either start from 0, or else an increment of the current
BLOCK. In other words, if we started with a BLOCK value of 64,
we would have to start with 0, 64, 128, or 192. If we had other
BLOCK values of 32, we would have to squeeze them in between the
64 BLOCK ranges, and where we squeeze them would have to be an
increment of 32. The same could be said for any other BLOCK
sizes such as 16, 8 or 4.
Its usually easiest to start with the largest BLOCKs, fit them
in, then move to the smaller BLOCKs. Remember that you must
START with the block size or a multiple thereof, so if the block
size were 32, you would start at 32 and then 64 and so on. Here, we will therefore
start with the two 32sized BLOCKs above. We can place
one 32sized BLOCK between 3264, and another 32sized BLOCK between 6496.
That takes care of those two. Now the next largest BLOCK is
16. Where can we place that? We might place it between 1632,
since it has not yet been used. We could place the 8 BLOCK
between 816, since it has not been used, and the remaining 4 BLOCKs will be easy to place at the end since they are so
small. We could place them respectively between 96100,
100104, 104108, and 108112.
As an illustrated example:
Class C IP Address Range Table
0 
4 
8 
12  N_{4
} (BLOCK 8)
16 
20 
24  N_{1}
(BLOCK 16)
28 
32 
36 
40 
44  N_{2}
(BLOCK 32)
48 
52 
56 
60 
64 
68 
72 
76 
80  N_{3}
(BLOCK 32)
84 
88 
92 
96 
100 N_{5}
(BLOCK 4)
104 N_{6}
(BLOCK 4)
108 N_{7}
(BLOCK 4)
112 N_{8}
(BLOCK 4)
116 
120 
124 
128  
132 
136 
140 
144 
148 
152 
156 
160 
164 
168 
172 
176 
180 
184 
188  FREE AND UNUSED
192 
196  ADDRESS SPACE
200 
204 
208 
212 
216 
220 
224 
228 
232 
236 
240 
244 
248 
252 
256  
©2005 C. Germany