Subnetting: Difference between revisions

From HackOps
Jump to navigation Jump to search
← Older editNewer edit →
VisualWikitext
Line 16: Line 16:
== Components of a Subnet ==
== Components of a Subnet ==


Each subnet includes addresses with distinct roles:
A subnet defines a logical range of IP addresses. Within this range, different addresses serve specific roles:
 
* The '''network address''' represents the subnet itself and defines the scope of connected hosts.
* A '''host address''' is assigned to an individual device within that subnet.
* The '''default gateway''' is a designated host address responsible for forwarding traffic to external networks.


{| class="wikitable"
{| class="wikitable"
Line 27: Line 31:
| Default Gateway || Routes traffic to external networks or other subnets || 10.20.40.254
| Default Gateway || Routes traffic to external networks or other subnets || 10.20.40.254
|}
|}
Within any subnet, IP addresses serve different purposes. The **network address** defines the subnet itself, while a **host address** identifies an individual device within that subnet.


== IP Addresses and Subnet Masks ==
== IP Addresses and Subnet Masks ==

Revision as of 15:37, 7 June 2025

Subnetting

Subnetting divides an IP network into smaller logical sections called subnets. This structuring improves efficiency, isolates traffic, and defines boundaries between systems and functions.

A deep understanding of subnetting reveals how internal environments are organized, and how access and visibility are controlled across segments.

What Subnetting Enables

Subnetting assigns defined IP ranges to roles, departments, or zones. It introduces:

  • Predictable address allocation
  • Containment of broadcast traffic
  • Segmentation between trust levels
  • Flexible internal routing logic

Components of a Subnet

A subnet defines a logical range of IP addresses. Within this range, different addresses serve specific roles:

  • The network address represents the subnet itself and defines the scope of connected hosts.
  • A host address is assigned to an individual device within that subnet.
  • The default gateway is a designated host address responsible for forwarding traffic to external networks.
Address Type Role Example
Network Address Defines the subnet’s starting point 10.20.40.0
Host Address Assigned to endpoints or systems within the subnet 10.20.40.17
Default Gateway Routes traffic to external networks or other subnets 10.20.40.254

Within any subnet, IP addresses serve different purposes. The **network address** defines the subnet itself, while a **host address** identifies an individual device within that subnet.

IP Addresses and Subnet Masks

An IPv4 address consists of 32 bits. A subnet mask determines how many bits define the network portion and how many are reserved for hosts.

Examples of subnet divisions:

  • `/23` → 255.255.254.0 → 510 usable hosts
  • `/26` → 255.255.255.192 → 62 usable hosts
  • `/30` → 255.255.255.252 → 2 usable hosts

Smaller subnets reduce broadcast impact and expose fewer devices to lateral access.

Each octet in a subnet mask ranges from 0 to 255, depending on how many bits are allocated to the network portion.

Operational Relevance

Subnets reveal the boundaries of where one can move, what is reachable, and how systems relate to each other. Recognizing subnet layout supports:

  • Identifying target clusters
  • Locating edge devices and chokepoints
  • Planning internal traversal across routing paths
  • Matching IP observations to physical or functional layout

Example Layout

A segmented internal network might include:

Subnet Function Range
10.10.0.0/24 Core servers and directory services 10.10.0.1 – 10.10.0.254
10.10.1.0/25 General employee workstations 10.10.1.1 – 10.10.1.126
10.10.2.128/26 Printers and embedded devices 10.10.2.129 – 10.10.2.190
10.10.3.0/28 External-facing DMZ zone 10.10.3.1 – 10.10.3.14

Each of these zones may route differently, log independently, or apply unique firewall rules.

Strategic Benefits

  • Minimized exposure – Only devices within the same subnet share direct access
  • Tactical segmentation – Movement between zones requires deliberate routing
  • Logical clarity – IP ranges reflect organizational structure

See Also

Retrieved from "https://hackops.wiki/index.php?title=Subnetting&oldid=179"