## Test Your Firewall | IP Network Calculator | Cisco Password Decoder

So how is this done?

(This is a long and ugly explanation. I'll fix it up over time...)

An IP address is a set of four (4) bytes that identify a unique host address. Those four bytes are most commonly displayed as four decimal numbers separated by a period ("."). This representation is called dotted-quad notation.

Each byte contains eight (8) bits. The computer sees these values as binary numbers.

Example:

The number one is represented in a byte as "00000001"

1.2.3.4 would be understood by a computer as "00000001.00000010.00000011.00000100"

IPv4 networks are set up to use four one-byte values to figure out how to move information from one place to another. (8 bits in a byte, so 32 bits total.)

Example:

In the network 10.0.0.0, all information destined for any computer or device with an IP address of 10.x.x.x would be delivered to the same network space, where it would eventually find its way to its destination.

In this case, the first number of the dotted quad ("10") is fixed and cannot change. The remaining three values (x.x.x) can be anything we want. Actually, almost anything we want. Each value is only a single byte long, which means 8 bits, which means that we can only use numbers that can be represented by eight bits (ones and zeros).

00000000 = 0
00000001 = 1
00000100 = 4
10000000 = 128
11111111 = 255

So... the largest number that we can represent using eight binary digits is 255.

In our example network, the first "10" is fixed and each "x" can be any number from 0-255.

In the network 10.10.10.0, all information destined for computers or devices with an IP address of 10.10.10.x would be delivered to the same network space. In this case, "10.10.10" is fixed, and "x" can be any number from 0-255.

The netmask defines the number of bits that CANNOT be used to represent a host IP address. In our first example, only the first value ("10") is fixed. That leaves three "x" values that can be used to uniquely identify a single computer. In other words, one of the dotted-quad values ("10") CANNOT be used to uniquely identify a computer because all addresses on that network start with the same value ("10").

We could have computers identified as "10.123.65.3", "10.12.233.97", "10.67.33.222", etc. We would NOT put a computer identified as "94.97.123.2" on that network, because it doesn't start with a "10".

If we cannot use the first value in our dotted quad, then we have only 3 values of our dotted quad remaining to uniquely identify computers. A network mask is effectively the binary digits that are NOT available for us to use to uniquely identify computers.

Example:

10.0.0.0

We cannot use value 1.
We can use values 2, 3, and 4.

Our mask = 11111111.00000000.00000000.00000000
Decimal notation: 255.0.0.0
The total number of bits we cannot use for individual computers = 8

Network: 10.0.0.0
CIDR: 8
Computers 10.0-255.0-255.0-255

Second Example:

10.10.10.0

We cannot use values 1, 2, or 3.
We can use value 4.

Decimal notation: 255.255.255.0
The total number of bits we cannot use for individual computers = 24

Network: 10.10.10.0
CIDR: 24
Computers 10.10.10.0-255
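
The two worked examples above, computed bit by bit, as an added example that is not code from the original page. The function names are illustrative, and the /26 case goes beyond the text to show a mask that does not end on a byte boundary.

```python
# Added example: netmask arithmetic done bit by bit (sample values constructed).
FULL = 0xFFFFFFFF  # 32 one-bits

def parse_quad(text):
    """Dotted-quad text -> 32-bit integer; malformed input raises ValueError."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four values: {text!r}")
    value = 0
    for part in parts:
        # ASCII digits only, no leading zero (some parsers read "010" as octal).
        if not (part.isascii() and part.isdigit()) or (len(part) > 1 and part[0] == "0"):
            raise ValueError(f"bad value {part!r} in {text!r}")
        if int(part) > 255:  # one byte holds at most 255
            raise ValueError(f"{part} does not fit in one byte")
        value = (value << 8) | int(part)
    return value

def to_quad(value):
    """32-bit integer -> dotted-quad decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(value):
    """32-bit integer -> four 8-bit groups, the way the page writes a mask."""
    bits = f"{value:032b}"
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))

def mask_from_cidr(prefix):
    """CIDR bit count -> mask with that many leading one-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"CIDR must be 0-32, got {prefix}")
    return (FULL << (32 - prefix)) & FULL

def describe(network, prefix):
    """Mask (decimal and binary) plus first and last address of the range."""
    mask = mask_from_cidr(prefix)
    first = parse_quad(network) & mask   # clear the host bits
    last = first | (~mask & FULL)        # set every host bit
    return {"mask": to_quad(mask), "mask_bits": to_binary(mask),
            "first": to_quad(first), "last": to_quad(last)}

def contains(network, prefix, address):
    """True when address has the same fixed (masked) bits as network."""
    mask = mask_from_cidr(prefix)
    return (parse_quad(address) & mask) == (parse_quad(network) & mask)

if __name__ == "__main__":
    for net, cidr in (("10.0.0.0", 8), ("10.10.10.0", 24), ("10.10.10.0", 26)):
        print(net, cidr, describe(net, cidr))
    print(contains("10.0.0.0", 8, "94.97.123.2"))  # the address the page excludes
```
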

Last Example:

It is not necessary to use the full 8 bits of each value if we don't want to.