VLSM – Part 1

Welcome back! In this installment, we’re going to examine VLSM (Variable-Length Subnet Masking, RFC 1878), and how to use the subnetting shortcuts to solve VLSM problems. I’m sure that it won’t surprise you to know that we’ll need the powers of two chart:

n = 8 7 6 5 4 3 2 1
2n = 256 128 64 32 16 8 4 2

So, let’s don our beanie caps and get to work. Suppose that we’re given an address space of 192.168.1.0/24, and asked to subnet it. As we know, this involves finding the mask, subnets, and ranges. We’re also told that we need four subnets, and that the four subnets need the following numbers of hosts:

  • 105 hosts
  • 50 hosts
  • 20 hosts
  • 10 hosts

Let’s see if we can do it with standard subnet masking (where the mask is the same for all subnets). We start out the usual way, verifying that the total number of hosts (185) will fit within our “/24” address space (which will support up to 254 hosts). Next, we observe that the number of hosts on the largest subnet is 105, which requires seven host bits (and allows for up to 126 hosts per subnet). Since there are four subnets, we need two subnet bits (which allows up to four subnets).

Oh-oh … big problem! Seven plus two is nine, but we have only eight bits to work with (the first 24 are fixed by the address space). Put another way, 32 minus 9 is 23, which means a “/23” mask. Unfortunately, this is to the left of the “/24” specified by the address space, so we can’t do it. Since standard subnet masking won’t work, let’s try VLSM.

In VLSM, we vary the mask to suit the size of the subnet. In other words, since not all subnets require the same number of hosts, why use the same mask? Put yet another way, if we don’t waste address space on one subnet, we can use that address space on another. Let’s give it a try…

As with standard subnet masking, we verify that the total number of hosts (185) will fit into the available address space (“/24”), which it will. Next, we handle the largest subnet (105 hosts), which requires seven host bits, or a “/25” mask (32 – 7 = 25, which would actually support up to 126 hosts). Thus, the first subnet is 192.168.1.0/25:

  • 105 hosts => 192.168.1.0/25

With a “/25 mask (seven host bits), the subnets increment by 128, so the next subnet begins at 192.168.1.128. The next largest subnet contains 50 hosts. Since 50 hosts require six host bits, the mask for this subnet is a “/26” (which would support up to 62 hosts). Thus, the second subnet is 192.168.1.128/26:

  • 105 hosts => 192.168.1.0/25
  • 50 hosts => 192.168.1.128/26

With a “/26” mask (six host bits), the subnets increment by 64, so the next subnet begins at 192.168.1.192 (128 + 64 = 192). The next largest subnet contains 20 hosts. Since 20 hosts require five host bits, the mask for this subnet is a “/27” (supporting up to 30 hosts). Thus, the third subnet is 192.168.1.192/27:

  • 105 hosts => 192.168.1.0/25
  • 50 hosts => 192.168.1.128/26
  • 20 hosts => 192.168.1.192/27

With a “/27” mask (five host bits), the subnets increment by 32, so the next subnet begins at 192.168.1.224 (192 + 32 = 224). The next largest subnet contains 10 hosts. Since 10 hosts require four host bits, the mask for this subnet is a “/28” (allowing up to 14 hosts). Thus, the fourth subnet is 192.168.1.224/28:

  • 105 hosts => 192.168.1.0/25
  • 50 hosts => 192.168.1.128/26
  • 20 hosts => 192.168.1.192/27
  • 10 hosts => 192.168.1.224/28

With a “/28” mask (four host bits), the subnets increment by 16, so the next subnet begins at 192.168.1.240 (224 + 16 = 240), but since we’ve taken care of all four of the required subnets, we don’t need that address space. Using VLSM, not only did we solve the problem, but we even have some address space left over!

Let’s try another problem. We’re given the address space 172.16.55.0/24 (a Class “C” sized piece of a Class “B” network), There are two routers, connected by a pair of point- to-point WAN links (for fault-tolerance). In addition to the P2P links, R1 has four directly-attached LAN subnets, as follows:

  • 50 hosts
  • 20 hosts
  • 10 hosts
  • 5 hosts

R2 also has four directly-attached LAN subnets, as follows:

  • 40 hosts
  • 25 hosts
  • 12 hosts
  • 4 hosts

Let’s see if we can solve this problem using standard subnet masking. The largest subnet must support 50 hosts (and thus needs six host bits), and there are a total of ten subnets (which requires four subnet bits). Since six plus four is ten, and we only have eight bits to work with, we can’t do it with standard subnet masking. Looking at it another way, since a “/22” (32 minus 10) is to the left of “/24”, it won’t work.

Okay then, let’s try VLSM. As before, we start out with the largest subnet, and work our way down. A subnet with 50 hosts requires a “/26” mask:

  • 50 hosts => 172.16.55.0/26

With a “/26” mask (six host bits), the subnets increment by 64, so the next subnet begins at 172.16.55.64. The next largest subnet contains 40 hosts. Since 40 hosts require six host bits, the mask for this subnet is also a “/26”. Thus, the second subnet is 172.16.55.64/26:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26

With a “/26” mask (six host bits), the subnets increment by 64, so the next subnet begins at 172.16.55.128 (64 + 64 = 128). The next largest subnet contains 25 hosts, and therefore requires five host bits, or a “/27”. Thus, the next subnet is 172.16.55.128/27:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26
  • 25 hosts => 172.16.55.128/27

With a “/27” mask (five host bits), the subnets increment by 32, so the next subnet begins at 172.16.55.160 (128 + 32 = 160). The next largest subnet contains 20 hosts, and therefore requires five host bits, or another “/27”. Thus, the next subnet is 172.16.55.160/27:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26
  • 25 hosts => 172.16.55.128/27
  • 20 hosts => 172.16.55.160/27

With a “/27” mask (five host bits), the subnets increment by 32, so the next subnet begins at 172.16.55.192 (160 + 32 = 192). The next largest subnet contains 12 hosts, and therefore requires four host bits, or a “/28”. Thus, the next subnet is 172.16.55.192/28:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26
  • 25 hosts => 172.16.55.128/27
  • 20 hosts => 172.16.55.160/27
  • 12 hosts => 172.16.55.192/28

With a “/28” mask (four host bits), the subnets increment by 16, so the next subnet begins at 172.16.55.208 (192 + 16 = 208). The next largest subnet contains 10 hosts, and therefore also requires four host bits, or another “/28”. Thus, the next subnet is 172.16.55.208/28:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26
  • 25 hosts => 172.16.55.128/27
  • 20 hosts => 172.16.55.160/27
  • 12 hosts => 172.16.55.192/28
  • 10 hosts => 172.16.55.208/28

With a “/28” mask (four host bits), the subnets increment by 16, so the next subnet begins at 172.16.55.224 (208 + 16 = 224). The next largest subnet contains five hosts, and therefore requires three host bits, or a “/29”. Thus, the next subnet is 172.16.55.224/29:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26
  • 25 hosts => 172.16.55.128/27
  • 20 hosts => 172.16.55.160/27
  • 12 hosts => 172.16.55.192/28
  • 10 hosts => 172.16.55.208/28
  • 5 hosts => 172.16.55.224/29

With a “/29” mask (three host bits), the subnets increment by eight, so the next subnet begins at 172.16.55.232 (224 + 8 = 232). The next largest subnet contains four hosts, and therefore requires three host bits, or another “/29”. Thus, the next subnet is 172.16.55.232/29:

  • 50 hosts => 172.16.55.0/26
  • 40 hosts => 172.16.55.64/26
  • 25 hosts => 172.16.55.128/27
  • 20 hosts => 172.16.55.160/27
  • 12 hosts => 172.16.55.192/28
  • 10 hosts => 172.16.55.208/28
  • 5 hosts => 172.16.55.224/29
  • 4 hosts => 172.16.55.232/29

That takes care of the eight LAN subnets, now let’s do the two WAN links. Taking up where we left off, with a “/29” mask (three host bits), the subnets increment by eight, so the next subnet begins at 172.16.55.240 (232 + 8 = 240). The WAN links need two hosts each, and therefore we can use a “/30” for each, and with a “/30” mask, the subnets increment by four. Therefore, the two WAN subnets could be:

  • 2 hosts => 172.16.55.240/30
  • 2 hosts => 172.16.55.244/30

The next available subnet would be 172.16.55.248, but since we’ve covered all ten required subnets, we don’t need it at present. Note that we could also have used “/31” masks on the WAN links (per RFC 3021), in which case (incrementing by two, instead of four) they could be:

  • 2 hosts => 172.16.55.240/31
  • 2 hosts => 172.16.55.242/31

In this case, the address space starting at 172.16.55.244 is unused (with a “/31” mask, the subnets increment by two).

Well, that’s the idea of VLSM, a technique used to conserve address space through more efficient allocation. Next time, we’ll look at some more examples, including the times that VLSM won’t work.

Author: Al Friebe

In this article

Join the Conversation

3 comments

  1. omar Reply

    Thanks man. honestly you have explained it much better than my Lecturer.

  2. Greg Reply

    Wow, this is awesome..I really thank you for this, it has been a life saver. I’ve been wrecking my brain trying to learn VLSM the way my instructor teaches it to no avail. But this technique has simplified it tremendously..

  3. George Reply

    Really good job thank u!!
    can u explain what happens when the last octet is “full”? (255)
    but we need to add more hosts?
    do we move to the previous octet and add there the hosts?