39

If an IP Address is indicated like this: 10.39.25.151/24 , what does the /24 mean?

StackOverflowed
  • 597
  • 1
  • 5
  • 11
  • 2
    I think it's called CIDR notation. It tells you something about the range of IP addresses for the network. For details beyond that you'd have to read about subnets and subnet masks. – barlop Jan 05 '17 at 03:16
  • @barlop : Yes, this is absolutely CIDR notation (also known as "slash notation"). I am certain of that. Fooey; I thought about that while writing my answer, but somehow left it off my answer. (I have since added that into the answer, for anyone who may just reads answers and not comments.) Thank you for the worthy addition of that good comment. – TOOGAM Jan 05 '17 at 05:38

2 Answers2

53

It indicates the subnet mask of the IP.

IP has 32 bits, and number after the slash tells you where does the network part end, host part starts.

IP 10.39.25.151 written in binary format looks like this:

00001010001001110001100110010111

and /24 says that first 24 bits are used for network designation, while last 8 bits are used for various hosts inside that network.

/24 means that hosts on network can have IPs that are different by last 8 bits only, so IPs from range 10.39.25.1 - 10.39.25.255, with last .255 IP being used as broadcast address for the network.

See these two links for more details about subnet mask, and how they work.

https://support.microsoft.com/en-us/kb/164015

https://www.iplocation.net/subnet-mask

/24 indicates a subnet mask of 255.255.255.0, or in binary octets.

11111111.11111111.11111111.00000000

A Subnet mask is a 32-bit number that masks an IP address, and divides the IP address into network address and host address. Subnet Mask is made by setting network bits to all "1"s and setting host bits to all "0"s. Within a given network, two host addresses are reserved for special purpose, and cannot be assigned to hosts. The "0" address is assigned a network address and "255" is assigned to a broadcast address, and they cannot be assigned to hosts.

ralz
  • 2,490
  • 20
  • 16
  • 2
    i'm a bit rusty, but reading through what you wrote, it all sounds brilliant and spot on. With one single exceltion. The last sentence you wrote. Classes are FAMOUSLY way out of date, and the only people that tend to make the mistake of talking about classes are people that learnt from cisco textbooks that are out of date on that and they never researched to find out that they were out of date on that. In fact the CIDR or slash notation, that C of CIDR is CLASSLESS.. as opposed to classful. Classful addressing hasn't been used for maybe even decades now. – barlop Jan 05 '17 at 06:27
  • 2
    is there any difference then between 172.18.0.150/24 and 172.18.0.0/24? – João Pimentel Ferreira Feb 17 '19 at 14:06
  • @JoãoPimentelFerreira Have you figured it out? – Roman Aug 21 '19 at 00:20
  • 1
    Nitpick: `10.39.25.151/24` actually covers `10.39.25.0` through `10.39.25.255`. – Leo Galleguillos Mar 06 '22 at 05:05
7

The number after the slash refers to the size of the network.

Specifically, the number after the slash specifies how many bits in the netmask have a value set to 1 before the first bit that is set to zero. This style of specifying a network's size is most formally called "CIDR notation", and is sometimes also called "slash notation".

So, 192.0.2.0/24 refers to the network (or "subnetwork", a.k.a. "subnet") with a netmask of 11111111111111111111111100000000. (The netmask matches the address's length. Since IPv4 addresses have 32-bit addresses, IPv4 uses 32-bit netmasks. Since IPv6 addresses have 128-bit addresses, IPv6 uses 128-bit netmasks.)

What this means is that 24 bits are used to specify a network ID, leaving 8 bits to identify a host. There are 2 possible values that each "bit" can have (the word "bit" literally comes from the phrase "binary digit"), and 2 raised to the 8th power is 256, so there are 256 addresses that can be in that network. So, the 192.0.2.0/24 network goes from 192.0.2.0 through 192.0.2.255.

Similarly, the 192.0.2.0/29 network goes from 192.0.2.0 through 192.0.2.7. (Since 29 of the bits are reserved for identifying the subnet, that leaves 3 bits for the addresses. 2 raised to the 3rd power is 8.)

Side note: All of those addresses are part of the subnet. In IPv4, they are not all "usable", based on the IPv4 standard of the first and last addresses being "unusable", for compatibility with various equipment that may support "broadcast packets". The last address is typically called the "broadcast address". The first address is typically called the "Network ID", but the technical reason that the Network ID was ever declared to be unusable was from historical concerns of compatibility with some equipment that broadcasted on the first address.

For more fun of looking at different subnet sizes, you may want to look at a VLSM chart.

The reason why /24 is so common is because IPv4 addresses tend to be written out in octets. /24 allows the Network bits and the Host bits to be split after 24 bits, which ends up being after the third octet. So, people can tell rather easily (and without being very error prone) whether a device is part of a specific network, or a different network.

TOOGAM
  • 15,243
  • 4
  • 41
  • 58
  • some of what you've written sounds really confusing. You wrote "The number after the slash refers to the size of the network." OK. Then you write "Specifically, if you have a netmask, it refers " So that suggests that you can have a number after a slash and not have a netmask, and I don't think that is correct. And you haven't said the key point, that the number after the slash IS the netmask. When you have a slash and a number, there is no "if you have a netmask" (afaik anyway!) It's not an if. You Have. – barlop Jan 05 '17 at 06:32
  • you wrote "There are 2 possible values in binary, " <-- err no. A Binary digit can have 2 possible values. . Nobody would say there are 10 possible values in decimal. It's a decimal digit can have 10 possible values. But an infinite number of possible values can be represented in any base, binary, decimal, whatever. (though funnily enough probably not every value! e.g. a 1/3 without a division sign, can perhaps not really be represented in base 10 e.g. one has to write 0.3333333 but that's another matter). – barlop Jan 05 '17 at 06:34
  • @barlop : Regarding your first comment, my second sentence did say what the number after the slash is. However, I used the word "it", and the sentence's pronoun could have been interpreted as referring to the netmask. I agree with your point, and decided fixing would be worthwhile, so I re-wrote for clarity. Regarding your 2nd comment (the one about possible values), I declare that's just being picky, so I don't intend to expend effort re-phrasing that. – TOOGAM Jan 06 '17 at 06:51
  • re that second comment, It's not picky, it's just quoting you saying something plain wrong. and saying it's wrong. And if somebody doesn't know much about binary then they might believe it and parrot it as a fact , taking it as its word / literally, while they try to understand the concepts, and they'll have a completely wrong concept. If somebody was teaching a class and said that, then they should be sacked, because it's blatantly wrong and very bad if you're telling somebody that doesn't already understand what you're explaining, well enough to spot your error and see past it. – barlop Jan 09 '17 at 21:51
  • Okay, @barlop , but have you considered that perhaps it's not wrong? After re-reading what I wrote, it still didn't feel "wrong" to me. If interpreted that as "There are 2 possible values [a number can have,] in binary", it seems wrong. If interpreted as meant, as "There are 2 possible values [a digit can have,] in binary", then it's right. The statement was more ambiguous than it could've been, but if you really want to get technical, I didn't say that there are "only 2 possible values". There are two possible values in decimal (along with eight more possible values a single digit may have) – TOOGAM Jan 10 '17 at 02:05
  • @TOOGAM Hello. You said "Similarly, the 192.0.2.0/29 network goes from 192.0.2.0 through 192.0.2.7" and mentioned first and last address being reserved. Is it within network or within subnet? Because subnet will be available through 192.0.2.9 - 192.0.2.25.255? – Boris_yo Jan 27 '22 at 08:16
  • @Boris_yo : no. A subnet is simply a small "network" where a "network" is defined as a group of addresses. (A subnet is a smaller network than some other networks. A supernet is a network that is bigger than some other networks.) So a 192.0.2.0/29 is a subnet (a somewhat small network). It is a network. It is true that network is part of larger networks that include it. But your reference to 192.0.2.9 through 192.0.2.25.255 is conflusing. 192.0.2.25.255 is not a vaid address. The addresses are ones ending with .0, .1, .2, .3, .4, .5, .6, and .7. So .9 and .255 aren't in that list. – TOOGAM Jan 27 '22 at 20:59
  • To help @Boris_yo just a bit further, I will point out that 192.0.2.255 is not part of the subnet, but it is an IPv4 address and IPv4 addresses do have special handling for the last address of a subnet. I believe Windows 95 may have had a bug that treated addresses nding with .255 as if they were the last address of a subnet, even if they weren't. – TOOGAM Jan 27 '22 at 21:00
  • You might want to check out a VLSM chart, like my VLSM chart at [CyberPillar's VLSM Chart](http://cyberpillar.com/dirsver/1/mainsite/techns/basics/netbasic/subnet/vlsmchrt/vlsmchrt.htm) and notice that all of the blocks in the IPv4 /29 column contain exactly 8 addresses. Seeing that might help visualize this a bit easier, which I know can be quite helpful for some people. – TOOGAM Jan 27 '22 at 21:02
  • @TOOGAM Hi. I mistyped. Here is what I meant: 192.0.2.8 - 192.0.2.256. What is within that range of addresses in last octet? If in a range of 192.0.2.0 - 192.0.2.7 we know that 0 and 7 are reserved what is with the rest from 8 until 256? Is this available range? If it is. then are 8 and 256 reserved so we are left with 192.0.2.9 - 192.0.2.255? – Boris_yo Jan 28 '22 at 15:46
  • @Boris_yo : 192.0.2.256 is not a valid IP address. 192.0.2.0 through 192.0.2.255 are. I again refer you to check out a VLSM chart. It will show there are muiltple /29s available. Since /29 is smaller than /23, I find it most convenient to ignore the "192.0.2" and just look at the last octet. As I explain, /29 refers to the size of the "network" (group of addresses). A /29 is eight addresses. 256 divided by 8 is 32 so there are 32 different /29s. Since /29 is smaller than /23, I find it easier to focus on just the last octet (just ignore the "192.0.2" portion of the sample.) – TOOGAM Jan 30 '22 at 11:24
  • @Boris_yo : The prior comment explains this one, but doesn't simply answer one of your direct questions. This one does a bit better (and is explaiend by the prior comment). There are 32 /29s, each groups of 8 addresses. The first half (16) of these are: .0/29 (.0 - .7), .8 /29 (.8 - .15), .16/29 (.16 - .23), .24/29 (.24 - .31), .32/29 (.32 - .39), .40/29 (40 - .47), .48/29 (.48 - .55), .56/29 (.56 - .63), .64/29 (.64 - .71), .72/29 (.72 - .79), .80/29 (.80 - .87), .88/29 (.88 - .95), .96/29 (.96 - .103), .104/29 (.104 - .111), .112/29 (.112 - .119), .120/29 (.120 - .127). – TOOGAM Jan 30 '22 at 11:29
  • @barlop Having re-read this, I ended up seeing things differently and agreed with you enough to go ahead and re-phrase the comment about binary. Even if the old way was "acceptable enough", I saw little reason to not just make it better and easier for people to read the first time. I maintain the position taht sacking someone is an extremely serious response and quite overkill for a single statement that can be (and was meant to be) interpreted in another way which was accurate. – TOOGAM Jan 27 '23 at 18:30