# Ip ranges notations

## dob

Daemons firewalls etc all seem to use a common notation to  name ip ranges.

like 3.2.1.0/32

However, since I use linux for fun and never had tcp/ip classes at school, I don't understand that notation.

It seems that 1.0.0.0/8 equals the ip range from 1.0.0.0 to 1.255.255.255

But how about /12 /16 etc.? Could someone explain me in simple terms how it works?

Thanks   :Wink: 

----------

## fbleagh

The /8 /16 /24 notation is just a shorthand version of the old datted quad system

without going into the whys and wherefores here is a basic conversion table

255.0.0.0  = /8

255.255.0.0 = /16

255.255.255.0 = /24

if you want a bit more of an explanation then read on.

255.0.0.0 in binary = 11111111 00000000 00000000 00000000

funnily enough 255 in binary is 11111111

and 255.255.0.0 in binary = 11111111 11111111 00000000 00000000

getting the idea ?

The new notation just says how many bits are being masked.

if you look at the above u can see that 255.0.0.0 is masking 8bits. 

and 255.255.255.0 is masking 16 bits

I hope this is of some help.

Cheers from Down Under

Fbleagh

----------

## dob

yep this sure helps, thanks   :Smile: 

However, I'm not sure I fully understand how it works just yet.

1.0.0.0/12 = 1.0.0.0 -> 1.15.255.255 (since 11110000 = 240)   :Question: 

If that's correct, now how do I proceed the other way around?

For ex what would be the notation for 192.168.1.13 -> 192.168.1.47

----------

## fbleagh

there isn't one subnet that would only do from 192.168.1.13 192.169.1.47

the closest you would get would be the 192.168.1.0 network with the subnet mask 255.255.255.192.

As subnets start at specific points along 1--255

for example

192.168.1.0 network with the subnet mask 255.255.255.192  ( /26 )

column 1 -- Network

column 2 -- first host in subnet

column 3 -- last host in subnet

column 4 -- Broadcast Address

192.168.1.0	192.168.1.1	192.168.1.62	192.168.1.63

192.168.1.64	192.168.1.65	192.168.1.126	192.168.1.127

192.168.1.128	192.168.1.129	192.168.1.190	192.168.1.191

192.168.1.192	192.168.1.193	192.168.1.254	192.168.1.255

so if i was given the address 192.168.1.13 with a subnet mask of /26

i would be able to see addresses 192.128.1.1 --> 62 without going through a router.

or if i was  192.168.1.140/26 i would be able to see 192.168.1.129-190

I may be easier for you to explain where you are tryng to get to and i'll see what i can do to step you through it  :Smile: 

----------

## dob

Actually I'm just trying to understand how to tell a daemon what ip range he should accept connections from without typing all of them 1 by 1, same for allowing/blocking ip ranges with iptables.

For instance the first time I tried to setup exim, I wanted it to relay mail for the 2 computers of my internal lan, and I assumed 192.168.0.2/2 would only let 192.168.0.2 and 192.168.0.3 send mail through it  :Smile:  Hopefully I realized it was not correct minutes later by running an open relay test before any spammer could abuse it.

If I understood what you told me correctly, I should have used 192.168.0.0/30

I feel confused by what this has to do with routers, and your 192.168.1.140/26 example  :Shocked: 

Regarding routers I assume you're talking about the calculation of the netmask to use to have several subnets within say 192.168.0.xxx

Regarding 192.168.1.140/26, here's my understanding of how you get 192.168.1.129->190.

As I'm trying to find the calculation by knowing the solution, I put my fantasy to work but I don't get the same figures

26 means we have the 1st two bits masked, ie 11000000, that makes 192 in decimal

255-192=63

Then we divide the 1-255 range in pieces of 63 ips

We get 1->63, 64->127, 128->191, 192-255

128<140<191 so 192.168.1.140/26 = 192.168.1.128-191

Where am I wrong  :Question:   :Smile: 

----------

## digitalnick

the /8 ect ... is called CIDER notation

its used because the regular class based ranges are limiting with classless routing its easy to setup supernets and subnets

the /number stands for how many network bits there are in the address

192.168.1.1/24 is a class c address for example its subnet is 255.255.255.0 but if we want to say buy 2 class c ranges and make them into one bigger network we need to borrow bits so we could have say a /20 netmask which would be 

11111111 11111111 11110000 0000000 in binary

or

255.255.240.0

that leaves you 12 bits for hosts so you could have 2^12-2 hots instead of 2^8-2 hosts

 :Wink: 

----------

## rtn

 *digitalnick wrote:*   

> the /8 ect ... is called CIDER notation

 

Isn't that CIDR?  :Smile: 

--rtn

----------

## dasalvagg

yep...its CIDR

Look up classless interdomain routing.  You're right, you're likely to see /xx notation on routers...its right in the name.  In most cases its used to allow ISP to give customers a block of continous IP address without forcing them to buy an entire class...which you cant even do anymore.  Its a good idea to understand subetting and supernetting too, these all have the same princibles in mind.  Breaking apart ranges or addresses to create more useable systems.  Let me give you a warning...breaking down too many ip addresses to binary will hurt your head.

----------

## Major Nugzz

This may help too, especially if all that binary stuff makes your head hurt.   :Smile: 

http://www.telusplanet.net/public/sparkman/netcalc.htm

----------

## digitalnick

lol i spelled it wron cider heh /me smacks himself

----------

