Intranets come in different sizes. In a small company, an intranet can be composed of only a handful of computers. In a medium-sized business, it may include dozens or hundreds of computers. And in a large corporation, there may be thousands of computers spread across the globe, all connected to a single intranet. When intranets get large, they need to be subdivided into individual subnets or subnetworks.
To understand how subnetting works, you first need to understand IP addresses. Every IP address is a 32-bit numeric address that uniquely identifies a network and then a specific host on that network. The IP address is divided into two sections: the network section, called the netid, and the host section, called the hostid.
Each 32-bit IP address is handled differently, according to what class of network the address refers to. There are three main classes of network addresses: Class A, Class B, and Class C. In some classes, more of the 32-bit address space is devoted to the netid, while in others, more of the address space is devoted to the hostid. In a Class A network, the netid is composed of 8 bits, while the hostid is composed of 24 bits. In a Class B network, both the netid and the hostid are composed of 16 bits. In a Class C network, the netid is composed of 24 bits, while the hostid is composed of 8 bits. There's a simple way of knowing what class a network is in. If the first number of the IP address is less than 128, the network is a Class A address. If the first number is from 128 to 191, it's a Class B network. If the first number is from 192 to 223, it's a Class C network. Numbers above 223 are reserved for other purposes. The smaller the netid, the fewer number of networks that can be subnetted, but the larger number of hosts on the network. A Class A rating is best for large networks while a Class C is best for small ones.
To create a subnet, the demarcation line on the IP address is moved between the netid and the hostid, to give the netid more bits to work with and to take away bits from the hostid. To do this, a special number called a subnet mask is used.
Subnetting is used when intranets grow over a certain size and they begin to have problems. One problem is management of host IP addresses-making sure that every computer on the network has a proper, up-to-date host address, and that old host addresses are put out of use until needed in the future. In a corporation spread out over several locations-or across the world-it's difficult, if not impossible, to have one person responsible for managing the host addresses at every location and department in the company.
Another problem has to do with a variety of hardware limitations of networks. Dissimilar networks may all be part of an intranet. An intranet may have some sections that are Ethernet, other sections that are Token Ring networks, and conceivably other sections that use different networking technologies altogether. There is no easy way for an intranet router to link these dissimilar networks together and route the information to the proper places.
Another set of problems has to do with the physical limitations of network technology. In some kinds of networks, there are some strict limitations on how far cables can extend in the network. In other words, you can't go over a certain distance of cabling without using repeaters or routers. A "thick" Ethernet cable, for example, can only be extended to 500 meters, while a "thin" Ethernet cable can only go to 300 meters. Routers can be used to link these cables together, so that an intranet can be extended well beyond those distances. But when that is done, each length of wire is essentially considered its own subnetwork.
Yet one more set of problems has to do with the volume of traffic that travels across an intranet. Often in a corporation, in a given department, most of the traffic is intradepartmental traffic-in other words, mail and other data that people within a department send to each another. The volume of traffic outside to other departments is considerably less. What's called for is a way to confine intradepartmental traffic inside the departments, to cut down on the amount of data that needs to be routed and managed across the entire intranet.
Subnetting solves all these problems and more. When an intranet is divided into subnets, one central administrator doesn't have to manage every aspect of the entire intranet. Instead, each subnet can take care of its own administration. That means smaller organizations within the larger organization can take care of problems such as address management and a variety of troubleshooting chores. If an intranet is subnetted by divisions or departments, it means that each division or department can guide the development of its own network, while adhering to general intranet architecture. Doing this allows departments or divisions more freedom to use technology to pursue their business goals.
Subnets also get around problems that arise when an intranet has within it different kinds of network architecture, such as Ethernet and Token Ring technologies. Normally-if there is no subnetting-a router can't link these different networks together because they don't have their own addresses. However, if each of the different networks is its own subnet-and so has its own network address-routers can then link them together and properly route intranet traffic.
Subnetting can also cut down on the traffic traveling across the intranet and its routers. Since much network traffic may be confined within departments, having each department be its own subnet means that all that traffic need never cross an intranet router and cross the intranet-it will stay within its own subnet.
Subnetting can also increase the security on an intranet. If the payroll department, for example, were on its own subnet, then much of its traffic would not have to travel across an intranet. Having its data traveling across the intranet could mean that someone could conceivably hack into the data to read it. Confining the data to its own subnet makes that much less likely to happen.
Dividing an intranet into subnets can also make the entire intranet more stable. If an intranet is divided in this way, then if one subnet goes down or is often unstable, it won't affect the rest of the intranet.
This all may sound rather confusing. To see how it's done, let's take a look at a network, and see how to use the IP address to create subnets. Let's say we have a Class B network. That network is assigned the address of 188.8.131.52. When a network is given an address, it is assigned the netid numbers-in this case, the 130.97-and it can assign the host numbers (in this case, 0.0) in any way that it chooses.
The 184.108.40.206 network is a single intranet. It's getting too large to manage, though, and we've decided to divide it into two subnets. What we do is fairly straightforward. We take a number from the hostid field and use it to identify each of the subnets. So one subnet gets the address 220.127.116.11, and the other gets the address 18.104.22.168. Individual machines on the first subnet get addresses of 22.214.171.124, 126.96.36.199, and so on. Individual machines on the second subnet get addresses of 188.8.131.52, 184.108.40.206 and so on.
Sounds simple. But we have a problem. The Internet doesn't recognize 220.127.116.11 and 18.104.22.168 as separate networks. It treats them both as 22.214.171.124 since the "1" and "2" that we're using as a netid is only known to the Internet as a hostid. So our intranet router will not be able to route incoming traffic to the proper network.
To solve the problem, a subnet mask is used. A subnet mask is a 32-bit number in IP form used by intranet routers and hosts that will help routers understand how to route information to the proper subnet. To the outside Internet, there is still only one network, but the subnet mask allows routers inside the intranet to send traffic to the proper host.
A subnet mask is a number such as 255.255.255.0 (the built-in default for Class C addresses; the Class B default is 255.255.0.0 and the default for Class A is 255.0.0.0). A router takes the subnet mask and applies that number against the IP number of incoming mail to the network by using it to perform a calculation. Based on the resulting IP number, it will route mail to the proper subnet, and then to a particular computer on the subnet. For consistency, everyone in a particular intranet will use the same subnet mask.
When intranets are over a certain size, or are spread over several geographical locations, it becomes difficult to manage them as a single network. To solve the problem, the single intranet can be subdivided into several subnets, subsections of an intranet that make them easier to manage. To the outside world, the intranet still looks as if it's a single network.