8

I need to divide a network 172.16.0.0/12 into 3 different subnets for different purposes. One of them needs 6 host addresses, another 85 host addresses and the last 100 host addresses. It should be done so that as few addresses as possible goes unused.

Now, the first subnet is easy, I can make a subnet 172.16.0.0/29 which has 23 - 2 = 6 usable host addresses. I'm not sure how to approach the next subnet though. Is it possible to make a subnet from say 172.16.0.8-172.16.0.127? And perhaps continuing with the third from 128-255 (last octet)?

My second guess would be to divide the smallest subnet as before, then make the next subnet at 172.16.0.1/25 and the last at 172.16.0.2/25. This way the amount of unused addresses would be higher, though.

I should also mention that the subnets should have access to the Internet. How can this be assured? I read that the whole 172.16.0.0/12 address range is private and thus they do not work in the Internet. Is this true?

EDIT: This was what I had in mind:

http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3.html

I understand that I cannot subnet my network in the same way they have done here because two of my subnets has to reserve an address space of 128 hosts. This means that I could create subnets 172.16.0.0/25,172.16.0.128/25 and 172.16.1.0/29. What I am wondering now is: does the space in "reserved for future use" count as some sort of subnet, or can they be used as normal addresses?

Patrick Mevzek
  • 173
  • 1
  • 1
  • 13
markus
  • 91
  • 1
  • 1
  • 3

4 Answers4

2

I need to divide a network 172.16.0.0/12 into 3 different subnets for different purposes. One of them needs 6 host addresses, another 85 host addresses and the last 100 host addresses. It should be done so that as few addresses as possible goes unused.

First off you have to decide what exactly you mean by "unused". The most sensible way to subnet depends on how you see your usage growing in the future. You clearly have a lot more space than you need so the real question becomes how do you place your current allocations into the space you have in a way that minimises the risk you will have to renumber in future.

If your expect your growth to come from adding more subnets and you expect some of your new subnets to be large then it makes sense to pack your subnets in a way that leaves large blocks free. On the other hand if you expect your existing subnets to grow larger then you may want to leave gaps after them which you can use to either expand the existing subnet or create another small subnet as needs dictate.

I would caution about being too stingy in private space. Using /24's throughout will waste some addresses sure but it makes it so much easier for humans to see what is going on. Most orgnaisations are small enough that exhaustion of private IP space is not a major issue.

Now, the first subnet is easy, I can make a subnet 172.16.0.0/29 which has 2^3-2=6 usable host addresses.

Fine

I'm not sure how to approach the next subnet though. Is it possible to make a subnet from say 172.16.0.8-172.16.0.127?

No, that is not possible. Subnets must be a power of two size and their boundry must be a multiple of their size.

So having made the allocation above the first palce you could put a /25 is 172.16.0.128/25 . You could also place them at 172.16.1.0/25 172.16.1.128/25

Which arrangement makes the most sense, again it depends on expected growth. If you expect one of the subnets may need to be expanded to a /24 then it would make sense to put that one at 172.16.1.0/25 and leave 172.16.1.128/25 free.

I should also mention that the subnets should have access to the Internet. How can this be assured? I read that the whole 172.16.0.0/12 address range is private and thus they do not work in the Internet. Is this true?

Those addresses cannnot be used directly on the internet. If you only need to make outbound connections to the itnernet then you can use NAT to hide multiple private addresses behind one public address. If you need to accept inbound connections then the NAT would have to be configured to forward those connections or you would need to get public space instead (which is gettign increasingly difficult nowadays).

Peter Green
  • 13,303
  • 2
  • 21
  • 47
0

You could use 172.16.0.128/25 and then 172.16.1.0/25 for the next. I like to avoid zero subnets though, but it is a valid range.

If you do the math you would see that the network address for 172.16.0.8/25 is actually 172.16.0.0. If you need 100 hosts and want to use a /25 subnet then you would have to start at 172.16.0.0 and count increments of 128.

You are correct that 172.16.0.0/12 is private address space. As long as you ensure that your internet router/firewall is performing some type of NAT your private addresses will be translated to a public IP address to reach the internet.

Robert
  • 538
  • 2
  • 10
0

You need to do this sort of thing in binary, then it becomes obvious, and you won't end up trying to do something as incorrect as, "make a subnet from say 172.16.0.8-172.16.0.127", which you would see is impossible. You should study this answer.

If you insist upon not doing it incorrectly, you could always remember that two consecutive, identical mask lengths equal a mask length one smaller. For example, two consecutive /27 networks make one /26 network. What you show, two /27, two /28, and a /30, could be reduced to, one /26, one /27, and one /30.

Yes, the 172.16.0.0/12 range is a private network range, as is 10.0.0.0/8 and 192.168.0.0/16`, and they cannot be routed on the public Internet.

The "space reserved for future use" is unallocated, and may be divided into more subnets and used when the need arises. You should strive not to create a subnet so small that there is no room for growth, and you should always want some unallocated space which can be used for new subnets when you need them.

Ron Maupin
  • 99,565
  • 26
  • 120
  • 195
  • Two consecutive /27 networks don't always make a /26 network. They must be correctly aligned for this to be true. – Xavier Nicollet Jan 20 '16 at 18:42
  • That's true, but in the context of this question, which is what I was answering,, the two consecutive /27 networks make a /26. – Ron Maupin Jan 20 '16 at 18:45
0

Do you own the entire Class B 172.16.0.0/12 allocation?

Reason for the ask? Planning for unexpected growth/expansion, avoiding overlaps, facilitating connectivity remediation. Consider taking a hard-look at Rob Maupins suggestion about "space reserved for future use." Don't learn the hard way as I did.

An overlooked by-product of IP Subnetwork design is network adjacencies. As Rob Maupin alluded too, creating too small of a network range for X amount of host? Can come back to bite you if there are there are unconventional IPAM or infrastructure design changes implemented around your allocation afterward.

Take advantage of the Class B allocation using what you create to ensure management and control. Consider at best creating a /28 (14 hosts) and two /25's (126 hosts each.) under the /12 Top Level Network.

Or at a minimum create a Class C /24 IP network range under the /12 and subnet the /24 into two /25 networks. Create a second /24 IP network range adjacent to the first Class C. Subnet the second /24 into a /28 network range. Resulting space for the number of IP hosts on three network's, you want to deploy. Enabling network conservation desired, and room for additional host assignments.

Most importantly consider implementing this or a similar design to avoid/eliminate the possibility of an IPv4 connectivity outage due to an IPAM misconfiguration or someone grabbing an IP address range between your network sub-domains.

  • first classfull networks are dead for 25 years, killed by CIDR, please forget about it. Second 172.16.0.0/12 is a private network as defined by RFC1918 and so the OP is free to use the whole range. But this is obviously a homework question. – JFL Mar 26 '18 at 09:54