Editing
Subnetting
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
= Subnetting = Subnetting divides an IP network into smaller logical sections called subnets. This structuring improves efficiency, isolates traffic, and defines boundaries between systems and functions. A deep understanding of subnetting reveals how internal environments are organized, and how access and visibility are controlled across segments. == What Subnetting Enables == Subnetting assigns defined IP ranges to roles, departments, or zones. It introduces: * Predictable address allocation * Containment of broadcast traffic * Segmentation between trust levels * Flexible internal routing logic == Components of a Subnet == A subnet is a defined range of IP addresses divided into roles: * The '''network address''' identifies the subnet itself. * A '''host address''' is assigned to devices within the subnet. * The '''default gateway''' forwards traffic beyond the subnet. {| class="wikitable" ! Address Type !! Role !! Example |- | Network Address || Identifies the subnetβs starting point || 10.20.40.0 |- | Host Address || Assigned to individual systems || 10.20.40.17 |- | Default Gateway || Sends traffic to external destinations || 10.20.40.254 |} == IP Addresses and Subnet Masks == An IPv4 address consists of 32 bits. A subnet mask determines how many bits define the network portion and how many are reserved for hosts. Examples of subnet divisions: * `/23` β 255.255.254.0 β 510 usable hosts * `/26` β 255.255.255.192 β 62 usable hosts * `/30` β 255.255.255.252 β 2 usable hosts Smaller subnets reduce broadcast impact and expose fewer devices to lateral access. Each octet in a subnet mask ranges from 0 to 255, depending on how many bits are allocated to the network portion. == Operational Relevance == Subnets reveal the boundaries of where one can move, what is reachable, and how systems relate to each other. Recognizing subnet layout supports: * Identifying target clusters * Locating edge devices and chokepoints * Planning internal traversal across routing paths * Matching IP observations to physical or functional layout == Example Layout == A segmented internal network might include: {| class="wikitable" ! Subnet !! Function !! Range |- | 10.10.0.0/24 || Core servers and directory services || 10.10.0.1 β 10.10.0.254 |- | 10.10.1.0/25 || General employee workstations || 10.10.1.1 β 10.10.1.126 |- | 10.10.2.128/26 || Printers and embedded devices || 10.10.2.129 β 10.10.2.190 |- | 10.10.3.0/28 || External-facing DMZ zone || 10.10.3.1 β 10.10.3.14 |} Each of these zones may route differently, log independently, or apply unique firewall rules. == Strategic Benefits == * '''Minimized exposure''' β Only devices within the same subnet share direct access * '''Tactical segmentation''' β Movement between zones requires deliberate routing * '''Logical clarity''' β IP ranges reflect organizational structure == See Also == * [[IP Addressing]] * [[CIDR Notation]] * [[Routing Basics]] * [[NAT]] * [[LAN Topologies]]
Summary:
Please note that all contributions to HackOps may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
HackOps:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
Edit source
View history
More
Search
Navigation
Tools
What links here
Related changes
Special pages
Page information