IP Addressing and Subnetting for New

Users
Document ID: 13788

Contents
Introduction
Prerequisites
Requirements
Components Used
Additional Information
Conventions
Understanding IP Addresses
Network Masks
Understanding Subnetting
Examples
Sample Exercise 1
Sample Exercise 2
VLSM Example
VLSM Example
CIDR
Appendix
Sample Config
Host/Subnet Quantities Table
NetPro Discussion Forums - Featured Conversations
Related Information

Introduction
This document will give you basic information you will need to configure your router
for routing IP, such as how addresses are broken down and how subnetting works. You
will learn how to assign each interface on the router an IP address with a unique subnet.
And do not worry, we will show you lots of examples to help tie everything together.

Prerequisites
Requirements

There are no specific prerequisites for this document.

Components Used

This document is not restricted to specific software and hardware versions.

Additional Information

If definitions are helpful to you, use these vocabulary terms to get you started:

• Address—The unique number ID assigned to one host or interface in a network.

• Subnet—A portion of a network sharing a particular subnet address.
• Subnet mask—A 32-bit combination used to describe which portion of an
address refers to the subnet and which part refers to the host.
• Interface—A network connection.

If you have already received your legitimate address(es) from the InterNIC (Internet
Network Information Center), you are ready to begin. If you are not planning on
connecting to the Internet, we strongly suggest that you use reserved addresses from
RFC 1918 .

Conventions

For more information on document conventions, see the Cisco Technical Tips
Conventions.

Understanding IP Addresses
An IP address is an address used to uniquely identify a device on an IP network. The
address is made up of 32 binary bits which can be divisible into a network portion and
host portion with the help of a subnet mask. The 32 binary bits are broken into four
octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period
(dot). For this reason, an IP address is said to be expressed in dotted decimal format (for
example, 172.16.81.100). The value in each octet ranges from 0 to 255 decimal, or
00000000 - 11111111 binary.

Here is how binary octets convert to decimal: The right most bit, or least significant bit,
of an octet will hold a value of 20. The bit just to the left of that will hold a value of 21.
This continues until the left-most bit, or most significant bit, which will hold a value of
27. So if all binary bits are a one, the decimal equivalent would be 255 as shown here:

1 1 1 1 1 1 1 1
128 64 32 16 8 4 2 1 (128+64+32+16+8+4+2+1=255)

Here is a sample octet conversion when not all of the bits are set to 1.

0 1 0 0 0 0 0 1
0 64 0 0 0 0 0 1 (0+64+0+0+0+0+0+1=65)

And this is sample shows an IP address represented in both binary and decimal.

10. 1. 23. 19 (decimal)

00001010.00000001.00010111.00010011 (binary)

These octets are broken down to provide an addressing scheme that can accommodate
large and small networks. There are five different classes of networks, A to E. This
document focuses on addressing classes A to C, since classes D and E are reserved and
discussion of them is beyond the scope of this document.

Note: Also note that the terms "Class A, Class B" and so on are used in this document
to help facilitate the understanding of IP addressing and subnetting. These terms are
rarely used in the industry anymore because of the introduction of classless interdomain
routing (CIDR).

Given an IP address, its class can be determined from the three high-order bits. Figure 1
shows the significance in the three high order bits and the range of addresses that fall
into each class. For informational purposes, Class D and Class E addresses are also
shown.

Figure 1

In a Class A address, the first octet is the network portion, so the Class A example in
Figure 1 has a major network address of 10. Octets 2, 3, and 4 (the next 24 bits) are for
the network manager to divide into subnets and hosts as he/she sees fit. Class A
addresses are used for networks that have more than 65,536 hosts (actually, up to
16777214 hosts!).

In a Class B address, the first two octets are the network portion, so the Class B
example in Figure 1 has a major network address of 172.16. Octets 3 and 4 (16 bits) are
for local subnets and hosts. Class B addresses are used for networks that have between
256 and 65534 hosts.
In a Class C address, the first three octets are the network portion. The Class C example
in Figure 1 has a major network address of 193.18.9. Octet 4 (8 bits) is for local subnets
and hosts - perfect for networks with less than 254 hosts.

Network Masks
A network mask helps you know which portion of the address identifies the network
and which portion of the address identifies the node. Class A, B, and C networks have
default masks, also known as natural masks, as shown here:

Class A: 255.0.0.0
Class B: 255.255.0.0
Class C: 255.255.255.0

An IP address on a Class A network that has not been subnetted would have an
address/mask pair similar to: 8.20.15.1 255.0.0.0. To see how the mask helps you
identify the network and node parts of the address, convert the address and mask to
binary numbers.

8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000

Once you have the address and the mask represented in binary, then identifying the
network and host ID is easier. Any address bits which have corresponding mask bits set
to 1 represent the network ID. Any address bits that have corresponding mask bits set to
0 represent the node ID.

8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
-----------------------------------
net id | host id

netid = 00001000 = 8
hostid = 00010100.00001111.00000001 = 20.15.1

Understanding Subnetting
Subnetting allows you to create multiple logical networks that exist within a single
Class A, B, or C network. If you do not subnet, you will only be able to use one network
from your Class A, B, or C network, which is unrealistic.

Each data link on a network must have a unique network ID, with every node on that
link being a member of the same network. If you break a major network (Class A, B, or
C) into smaller subnetworks, it allows you to create a network of interconnecting
subnetworks. Each data link on this network would then have a unique
network/subnetwork ID. Any device, or gateway, connecting n networks/subnetworks
has n distinct IP addresses, one for each network / subnetwork that it interconnects.

To subnet a network, extend the natural mask using some of the bits from the host ID
portion of the address to create a subnetwork ID. For example, given a Class C network
of 204.15.5.0 which has a natural mask of 255.255.255.0, you can create subnets in this
manner:

204.15.5.0 - 11001100.00001111.00000101.00000000
255.255.255.224 - 11111111.11111111.11111111.11100000
--------------------------|sub|----

By extending the mask to be 255.255.255.224, you have taken three bits (indicated by
"sub") from the original host portion of the address and used them to make subnets.
With these three bits, it is possible to create eight subnets. With the remaining five host
ID bits, each subnet can have up to 32 host addresses, 30 of which can actually be
assigned to a device since host ids of all zeros or all ones are not allowed (it is very
important to remember this). So, with this in mind, these subnets have been created.

204.15.5.0 255.255.255.224 host address range 1 to 30

204.15.5.32 255.255.255.224 host address range 33 to 62
204.15.5.64 255.255.255.224 host address range 65 to 94
204.15.5.96 255.255.255.224 host address range 97 to 126
204.15.5.128 255.255.255.224 host address range 129 to 158
204.15.5.160 255.255.255.224 host address range 161 to 190
204.15.5.192 255.255.255.224 host address range 193 to 222
204.15.5.224 255.255.255.224 host address range 225 to 254

Note: There are two ways to denote these masks. First, since you are using three bits
more than the "natural" Class C mask, you can denote these addresses as having a 3-bit
subnet mask. Or, secondly, the mask of 255.255.255.224 can also be denoted as /27 as
there are 27 bits that are set in the mask. This second method is used with CIDR. Using
this method, one of thse networks can be described with the notation prefix/length. For
example, 204.15.5.32/27 denotes the network 204.15.5.32 255.255.255.224. When
appropriate the prefix/length notation is used to denote the mask throughout the rest of
this document.

The network subnetting scheme in this section allows for eight subnets, and the network
might appear as:

Figure 2

Notice that each of the routers in Figure 2 is attached to four subnetworks, one
subnetwork is common to both routers. Also, each router has an IP address for each
subnetwork to which it is attached. Each subnetwork could potentially support up to 30
host addresses.
This brings up an interesting point. The more host bits you use for a subnet mask, the
more subnets you have available. However, the more subnets available, the less host
addresses available per subnet. For example, a Class C network of 204.17.5.0 and a
mask of 255.255.255.224 (/27) allows you to have eight subnets, each with 32 host
addresses (30 of which could be assigned to devices). If you use a mask of
255.255.255.240 (/28), the break down is:

204.15.5.0 - 11001100.00001111.00000101.00000000
255.255.255.240 - 11111111.11111111.11111111.11110000
--------------------------|sub |---

Since you now have four bits to make subnets with, you only have four bits left for host
addresses. So in this case you can have up to 16 subnets, each of which can have up to
16 host addresses (14 of which can be assigned to devices).

Take a look at how a Class B network might be subnetted. If you have network
172.16.0.0 ,then you know that its natural mask is 255.255.0.0 or 172.16.0.0/16.
Extending the mask to anything beyond 255.255.0.0 means you are subnetting. You can
quickly see that you have the ability to create a lot more subnets than with the Class C
network. If you use a mask of 255.255.248.0 (/21), how many subnets and hosts per
subnet does this allow for?

172.16.0.0 - 10101100.00010000.00000000.00000000
255.255.248.0 - 11111111.11111111.11111000.00000000
-----------------| sub |-----------

You are using five bits from the original host bits for subnets. This will allow you to
have 32 subnets (25). After using the five bits for subnetting, you are left with 11 bits for
host addresses. This will allow each subnet so have 2048 host addresses (211), 2046 of
which could be assigned to devices.

Note: In the past, there were limitations to the use of a subnet 0 (all subnet bits are set
to zero) and all ones subnet (all subnet bits set to one). Some devices would not allow
the use of these subnets. Cisco Systems devices will allow the use of these subnets
when theip subnet zero command is configured.

Examples
Sample Exercise 1

Now that you have an understanding of subnetting, put this knowledge to use. In this
example, you are given two address / mask combinations, written with the prefix/length
notation, which have been assigned to two devices. Your task is to determine if these
devices are on the same subnet or different subnets. You can do this by using the
address and mask of each device to determine to which subnet each address belongs.

DeviceA: 172.16.17.30/20
DeviceB: 172.16.28.15/20

Determining the Subnet for DeviceA:

172.16.17.30 - 10101100.00010000.00010001.00011110
255.255.240.0 - 11111111.11111111.11110000.00000000
-----------------| sub|------------
subnet = 10101100.00010000.00010000.00000000 = 172.16.16.0

Looking at the address bits that have a corresponding mask bit set to one, and setting all
the other address bits to zero (this is equivalent to performing a logical "AND" between
the mask and address), shows you to which subnet this address belongs. In this case,
DeviceA belongs to subnet 172.16.16.0.

Determining the Subnet for DeviceB:

172.16.28.15 - 10101100.00010000.00011100.00001111
255.255.240.0 - 11111111.11111111.11110000.00000000
-----------------| sub|------------
subnet = 10101100.00010000.00010000.00000000 = 172.16.16.0

From these determinations, DeviceA and DeviceB have addresses that are part of the
same subnet.

Sample Exercise 2

Given the Class C network of 204.15.5.0/24, subnet the network in order to create the
network in Figure 3 with the host requirements shown.

Figure 3

Looking at the network shown in Figure 3, you can see that you are required to create
five subnets. The largest subnet must support 28 host addresses. Is this possible with a
Class C network? and if so, then how?

You can start by looking at the subnet requirement. In order to create the five needed
subnets you would need to use three bits from the Class C host bits. Two bits would
only allow you four subnets (22).

Since you need three subnet bits, that leaves you with five bits for the host portion of
the address. How many hosts will this support? 25 = 32 (30 usable). This meets the
requirement.

Therefore you have determined that it is possible to create this network with a Class C
network. An example of how you might assign the subnetworks is:
netA: 204.15.5.0/27 host address range 1 to 30
netB: 204.15.5.32/27 host address range 33 to 62
netC: 204.15.5.64/27 host address range 65 to 94
netD: 204.15.5.96/27 host address range 97 to 126
netE: 204.15.5.128/27 host address range 129 to 158

VLSM Example
In all of the previous examples of subnetting you will notice that the same subnet mask
was applied for all the subnets. This means that each subnet has the same number of
available host addresses. You may need this in some cases, but, in most cases, having
the same subnet mask for all subnets ends up wasting address space. For example, in the
Sample Exercise 2 section, a class C network was split into eight equal-size subnets;
however, each subnet did not utilize all available host addresses, which results in wasted
address space. Figure 4 illustrates this wasted address space.

Figure 4

Figure 4 illustrates that of the subnets that are being used, NetA, NetC, and NetD have a
lot of unused host address space. This may have been a deliberate design accounting for
future growth, but in many cases this is just wasted address space due to the fact that the
same subnet mask is being used for all the subnets.
Variable Length Subnet Masks (VLSM) allows you to use different masks for each
subnet, thereby using address space efficiently.

VLSM Example

Given the same network and requirements as in Sample Exercise 2 develop a subnetting
scheme using VLSM, given:

netA: must support 14 hosts

netB: must support 28 hosts
netC: must support 2 hosts
netD: must support 7 hosts
netE: must support 28 host

Determine what mask allows the required number of hosts.

netA: requires a /28 (255.255.255.240) mask to support 14 hosts

netB: requires a /27 (255.255.255.224) mask to support 28 hosts
netC: requires a /30 (255.255.255.252) mask to support 2 hosts
netD*: requires a /28 (255.255.255.240) mask to support 7 hosts
netE: requires a /27 (255.255.255.224) mask to support 28 hosts

* a /29 (255.255.255.248) would only allow 6 usable host addresses

therefore netD requires a /28 mask.

The easiest way to assign the subnets is to assign the largest first. For example, you can
assign in this manner:

netB: 204.15.5.0/27 host address range 1 to 30

netE: 204.15.5.32/27 host address range 33 to 62
netA: 204.15.5.64/28 host address range 65 to 78
netD: 204.15.5.80/28 host address range 81 to 94
netC: 204.15.5.96/30 host address range 97 to 98

This can be graphically represented as shown in Figure 5:

Figure 5
Figure 5 illustrates how using VLSM helped save more than half of the address space.

CIDR
Classless Interdomain Routing (CIDR) was introduced to improve both address space
utilization and routing scalability in the Internet. It was needed because of the rapid
growth of the Internet and growth of the IP routing tables held in the Internet routers.

CIDR moves way from the traditional IP classes (Class A, Class B, Class C, and so on).
In CIDR , an IP network is represented by a prefix, which is an IP address and some
indication of the length of the mask. Length means the number of left-most contiguous
mask bits that are set to one. So network 172.16.0.0 255.255.0.0 can be represented as
172.16.0.0/16. CIDR also depicts a more hierarchical Internet architecture, where each
domain takes its IP addresses from a higher level. This allows for the summarization of
the domains to be done at the higher level. For example, if an ISP owns network
172.16.0.0/16, then the ISP can offer 172.16.1.0/24, 172.16.2.0/24,and so on to
customers. Yet, when advertising to other providers, the ISP only needs to advertise
172.16.0.0/16.

For more information on CIDR, see RFC 1518 and RFC 1519 .

Appendix
Sample Config
Routers A and B are connected via serial interface.

Router A

hostname routera
!
ip routing
!
int e 0
ip address 172.16.50.1 255.255.255.0
!(subnet 50)
int e 1 ip address 172.16.55.1 255.255.255.0
!(subnet 55)
int t 0 ip address 172.16.60.1 255.255.255.0
!(subnet 60) int s 0
ip address 172.16.65.1 255.255.255.0 (subnet 65)
!S 0 connects to router B
router rip
network 172.16.0.0

Router B

hostname routerb
!
ip routing
!
int e 0
ip address 192.1.10.200 255.255.255.240
!(subnet 192)
int e 1
ip address 192.1.10.66 255.255.255.240
!(subnet 64)
int s 0
ip address 172.16.65.2 (same subnet as router A's s 0)
!Int s 0 connects to router A
router rip
network 192.1.10.0
network 172.16.0.0

Host/Subnet Quantities Table

Class B Effective Effective
# bits Mask Subnets Hosts
------- --------------- --------- ---------
1 255.255.128.0 2 32766
2 255.255.192.0 4 16382
3 255.255.224.0 8 8190
4 255.255.240.0 16 4094
5 255.255.248.0 32 2046
6 255.255.252.0 64 1022
7 255.255.254.0 128 510
8 255.255.255.0 256 254
9 255.255.255.128 512 126
10 255.255.255.192 1024 62
11 255.255.255.224 2048 30
12 255.255.255.240 4096 14
13 255.255.255.248 8192 6
14 255.255.255.252 16384 2
Class C Effective Effective
# bits Mask Subnets Hosts
------- --------------- --------- ---------
1 255.255.255.128 2 126
2 255.255.255.192 4 62
3 255.255.255.224 8 30
4 255.255.255.240 16 14
5 255.255.255.248 32 6
6 255.255.255.252 64 2

*Subnet all zeroes and all ones included. These

might not be supported on some legacy systems.
*Host all zeroes and all ones excluded.

IP blocking is the banning, by a website, mailserver, or other Internet server, of outside

connections from certain IP addresses or ranges of them, the intention of this being to
keep out people who are judged as hostile or undesirable.

One such example of this is the July 2003 decision by techfocus.org to ban the
Recording Industry Association of America (RIAA) and Motion Picture Association of
America (MPAA) from its website for various abuses by those two organisations of the
content on it.[1]

On an Internet forum an IP ban is often used as a last resort to prevent a disruptive

member from participating, though a warning and/or account ban may be used first.

IP banning is used by Indymedia administrators. It has been alleged that they abuse that
power to exclude points of view which differ from that of administrators.

Wikipedia also uses blocking as one of its strategies for dealing with vandalism. See:
Wikipedia:Blocking policy.

IP banning is commonly used on computer servers to protect against brute force attacks.
Both companies and schools offering remote user access, and people wanting to access
their home computers from remote locations, use Linux programs such as DenyHosts or
Fail2ban for protection from unauthorized access while allowing permitted remote
access.

Trivial File Transfer Protocol (TFTP) is a very simple file transfer protocol, with the
functionality of a very basic form of FTP; it was first defined in 1980.

Since it is so simple, it is easy to implement in a very small amount of memory, an

important consideration at that time. TFTP was therefore useful for booting computers
such as routers which did not have any data storage devices. It is still used to transfer
small files between hosts on a network, such as when a remote X Window System
terminal or any other thin client boots from a network host or server.
TFTP is based in part on the earlier protocol EFTP, which was part of the PUP protocol
suite. In the early days of work on the TCP/IP protocol suite, TFTP was often the first
protocol implemented on a new host type, because it was so simple.

The original versions of TFTP, prior to RFC 1350, displayed a particularly bad protocol
flaw, which was named Sorcerer's Apprentice Syndrome (after the Sorcerer's
Apprentice segment of Fantasia) when it was discovered.

Recently, TFTP has been used by computer worms, such as Blaster, as a method of
spreading and infecting new hosts.

Contents
[hide] [hide]

• 1 Technical information
o 1.1 Some details of TFTP
o 1.2 Details of a TFTP session
• 2 Example command in TFTP in Windows
• 3 References
• 4 See also

• 5 External links

[edit] Technical information

(W1) Host A requests to write

(W2) Server S acknowledges request

(W3) Host A sends numbered data packets

(R1) Host A requests to read

(R2) Server S sends data packet 1

(R3) Host A acknowledges data packet 1

[edit] Some details of TFTP

• It uses UDP port 69 as its transport protocol (unlike FTP which uses TCP port
21).
• It cannot list directory contents.
• It has no authentication or encryption mechanisms.
• It is used to read files from, or write files to, a remote server.
• It supports three different transfer modes, "netascii", "octet" and "mail", with the
first two corresponding to the "ASCII" and "image" (binary) modes of the FTP
protocol; the third is now obsolete and is rarely used.
• The original protocol has a file size limit of 32 MB, although this was extended
when RFC 2347 introduced option negotiation, which was used in RFC 2348 to
introduce block-size negotiation in 1998 (allowing a maximum of 4 GB and
potentially higher throughput). If the server and client support block number
wraparound, file size is essentially unlimited.
• Since TFTP utilizes UDP, it has to supply its own transport and session support.
Each file transferred via TFTP constitutes an independent exchange. That
transfer is performed in lock-step, with only one packet (either a block of data,
or an 'acknowledgement') ever in flight on the network at any time. Due to this
lack of windowing, TFTP provides low throughput over high latency links.
• Due to the lack of security, it is dangerous over the open Internet. Thus, TFTP is
generally only used on private, local networks.

[edit] Details of a TFTP session

 • The initiating host A sends an RRQ (read request) or WRQ (write request)
packet to host B at the Well Known port number 69, containing the filename and
transfer mode.
• B replies with an ACK (acknowledgement) packet to WRQ and directly with a
DATA packet to RRQ. Packet is sent from a freshly allocated ephemeral port,
and all future packets to host B should be to this port.
• The source host sends numbered DATA packets to the destination host, all but
the last containing a full-sized block of data. The destination host replies with
numbered ACK packets for all DATA packets.
• The final DATA packet must contain less than a full-sized block of data to
signal that it is the last. If the size of the transferred file is an exact multiple of
the block-size, the source sends a final DATA packet containing 0 bytes of data.

[edit] Example command in TFTP in Windows

Transfers files to and from a remote computer running the TFTP service.

TFTP [-i] host [GET | PUT] source [destination]

-i Specifies binary image transfer mode (also called
octet). In binary image mode the file is moved
literally, byte by byte. Use this mode when
transferring binary files.
host Specifies the local or remote host.
GET Transfers the file destination on the remote host to
the file source on the local host.
PUT Transfers the file source on the local host to
the file destination on the remote host.
source Specifies the file to transfer.
destination Specifies where to transfer the fil

Only the address space for two of 512 areas is shown in Table A-1. These areas are
defined with the base address 150.100.2.0. Illustrating the entire address space for
150.100.0.0 would require hundreds of additional pages of addressing information.
Each area would require the equivalent number of entries for each of the example areas
illustrated here.

Table A-1 illustrates the assignment of 255 IP addresses that have been split between
two OSPF areas. Table A-1 also illustrates the boundaries of the subnets and of the two
OSPF areas shown (area 8 and area 17).

For the purposes of this discussion, consider a network that requires point-to-point serial
links in each area to be assigned a subnet mask that allows two hosts per subnet. All
other subnets are to be allowed 14 hosts per subnet. The use of bit-wise subnetting and
variable-length subnet masks (VLSMs) permit you to customize your address space by
facilitating the division of address spaces into smaller groupings than is allowed when
subnetting along octet boundaries. The address layout shown in Table A-1 illustrates a
structured approach to assigning addresses that uses VLSM. Table A-1 presents two
subnet masks: 255.255.255.240 and of 255.255.255.252. The first mask creates subnet
address spaces that are four bits wide; the second mask creates subnet address spaces
that are two bits wide.
Because of the careful assignment of addresses, each area can be summarized with a
single area router configuration command (used to define address range). The first set
of addresses starting with 150.100.2.0xxxxxxx (last octet represented here in binary) can
be summarized into the backbone with the following command:

area 8 range 150.100.2.0 255.255.255.128

This command assigns all addresses from 150.100.2.0 to 150.100.2.127 to area 8.

Similarly, the addresses from 150.100.2.128 to 150.100.2.255 for the second area can be
summarized as follows:

area 17 range 150.100.2.128 255.255.255.128

This command assigns all addresses from 150.100.2.128 to 150.100.2.255 to area 17.

Allocation of subnets allows you to decide where to draw the line between the subnet
and host (using a subnet mask) within each area. Note that in this example there are
only seven bits remaining to use because of the creation of the artificial area mask. The
nine bits to the left of the area mask are actually part of the subnet portion of the
address. By keeping these nine bits the same for all addresses in a given area, route
summarization is easily achieved at area border routers, as illustrated by the scheme
used in Table A-1 Step 3 Step 3.

Table A-1 lists individual subnets, valid IP addresses, subnet identifiers, and broadcast
addresses. This method of assigning addresses for the VLSM portion of the address
space guarantees that there is no address overlap. If the requirement had been different,
any number of the larger subnets might be chosen and divided into smaller ranges with
fewer hosts, or combined into several ranges to create subnets with more hosts.

The design approach used in this appendix allows the area mask boundary and subnet
masks to be assigned to any point in the address space, which provides significant
design flexibility. A change in the specification of the area mask boundary or subnet
masks may be required if a network outgrows its initial address space design. In Table
A-1, the area mask boundary is to the right of the most significant bit of the last octet of
the address, as shown by Figure A-1.

Figure A-1 Breakdown of the addresses assigned by the example.

With a subnet mask of 255.255.255.240, the a and b bits together represent the subnet
portion of the address, whereas the c and d bits together provide four-bit host identifiers.
When a subnet mask of 255.255.255.252 (a typical subnet mask for point-to-point serial
lines), the a, b, and c bits together represent the subnet portion of the address, and the d
bits provide two-bit host identifiers. As mentioned earlier, the purpose of the area mask
is to keep all of the a bits constant in a given OSPF area (independent of the subnet
mask) so that route summarization is easy to apply.

The following steps outline the process used to allocate addresses:

Step 1 Determine the number of areas required for your OSPF network. A value of 500
is used for this example.

Step 2 Create an artificial area mask boundary in your address space. This example
uses nine bits of subnet addressing space to identify the areas uniquely. Because 29=
512, nine bits of subnet meet our requirement of 500 areas.

Step 3 Determine the number of subnets required in each area and the maximum
number of hosts required per subnet. This allows you to determine the placement of the
subnet mask(s). In Table A-1, the requirement is for seven subnets with 14 hosts each
and four subnets with two hosts each.

Table A-1 Partial Example of Subnet Address Assignment Using VLSM

Subnet Host
Portion Portion
of Last of Last
IP Address Octet Octet Subnet
(Decimal) (Binary) (Binary) Number Subnet Mask Notes
150.100.2.0 0000 0000 150.100.2.0 255.255.255.240 Subnet
identifier;
area
boundary;
area 8
starts
150.100.2.1 0000 0001 150.100.2.0 255.255.255.240
150.100.2.2 0000 0010 150.100.2.0 255.255.255.240
150.100.2.3 0000 0011 150.100.2.0 255.255.255.240
150.100.2.4 0000 0100 150.100.2.0 255.255.255.240
150.100.2.5 0000 0101 150.100.2.0 255.255.255.240
150.100.2.6 0000 0110 150.100.2.0 255.255.255.240
150.100.2.7 0000 0111 150.100.2.0 255.255.255.240
150.100.2.8 0000 1000 150.100.2.0 255.255.255.240
150.100.2.9 0000 1001 150.100.2.0 255.255.255.240
150.100.2.10 0000 1010 150.100.2.0 255.255.255.240
150.100.2.11 0000 1011 150.100.2.0 255.255.255.240
150.100.2.12 0000 1100 150.100.2.0 255.255.255.240
150.100.2.13 0000 1101 150.100.2.0 255.255.255.240
150.100.2.14 0000 1110 150.100.2.0 255.255.255.240
150.100.2.15 0000 1111 150.100.2.0 255.255.255.240 Subnet
broadcast
150.100.2.16 0001 0000 150.100.2.16 255.255.255.240 Subnet
identifier
150.100.2.17 0001 0001 150.100.2.16 255.255.255.240
150.100.2.18 0001 0010 150.100.2.16 255.255.255.240
150.100.2.19 0001 0011 150.100.2.16 255.255.255.240
150.100.2.20 0001 0100 150.100.2.16 255.255.255.240
150.100.2.21 0001 0101 150.100.2.16 255.255.255.240
150.100.2.22 0001 0110 150.100.2.16 255.255.255.240
150.100.2.23 0001 0111 150.100.2.16 255.255.255.240
150.100.2.24 0001 1000 150.100.2.16 255.255.255.240
150.100.2.25 0001 1001 150.100.2.16 255.255.255.240
150.100.2.26 0001 1010 150.100.2.16 255.255.255.240
150.100.2.27 0001 1011 150.100.2.16 255.255.255.240
150.100.2.28 0001 1100 150.100.2.16 255.255.255.240
150.100.2.29 0001 1101 150.100.2.16 255.255.255.240
150.100.2.30 0001 1110 150.100.2.16 255.255.255.240
150.100.2.31 0001 1111 150.100.2.16 255.255.255.240 Subnet
broadcast
150.100.2.32 0010 0000 150.100.2.32 255.255.255.240 Subnet
identifier
150.100.2.33 0010 0001 150.100.2.32 255.255.255.240
150.100.2.34 0010 0010 150.100.2.32 255.255.255.240
150.100.2.35 0010 0011 150.100.2.32 255.255.255.240
150.100.2.36 0010 0100 150.100.2.32 255.255.255.240
150.100.2.37 0010 0101 150.100.2.32 255.255.255.240
150.100.2.38 0010 0110 150.100.2.32 255.255.255.240
150.100.2.39 0010 0111 150.100.2.32 255.255.255.240
150.100.2.40 0010 1000 150.100.2.32 255.255.255.240
150.100.2.41 0010 1001 150.100.2.32 255.255.255.240
150.100.2.42 0010 1010 150.100.2.32 255.255.255.240
150.100.2.43 0010 1011 150.100.2.32 255.255.255.240
150.100.2.44 0010 1100 150.100.2.32 255.255.255.240
150.100.2.45 0010 1101 150.100.2.32 255.255.255.240
150.100.2.46 0010 1110 150.100.2.32 255.255.255.240
150.100.2.47 0010 1111 150.100.2.32 255.255.255.240 Subnet
broadcast
150.100.2.48 0011 0000 150.100.2.48 255.255.255.240 Subnet
identifier
150.100.2.49 0011 0001 150.100.2.48 255.255.255.240
150.100.2.50 0011 0010 150.100.2.48 255.255.255.240
150.100.2.51 0011 0011 150.100.2.48 255.255.255.240
150.100.2.52 0011 0100 150.100.2.48 255.255.255.240
150.100.2.53 0011 0101 150.100.2.48 255.255.255.240
150.100.2.54 0011 0110 150.100.2.48 255.255.255.240
150.100.2.55 0011 0111 150.100.2.48 255.255.255.240
150.100.2.56 0011 1000 150.100.2.48 255.255.255.240
150.100.2.57 0011 1001 150.100.2.48 255.255.255.240
150.100.2.58 0011 1010 150.100.2.48 255.255.255.240
150.100.2.59 0011 1011 150.100.2.48 255.255.255.240
150.100.2.60 0011 1100 150.100.2.48 255.255.255.240
150.100.2.61 0011 1101 150.100.2.48 255.255.255.240
150.100.2.62 0011 1110 150.100.2.48 255.255.255.240
150.100.2.63 0011 1111 150.100.2.48 255.255.255.240 Subnet
broadcast
150.100.2.64 010000 00 150.100.2.64 255.255.255.252 Subnet
identifier
150.100.2.65 010000 01 150.100.2.64 255.255.255.252
150.100.2.66 010000 10 150.100.2.64 255.255.255.252
150.100.2.67 010000 11 150.100.2.64 255.255.255.252 Subnet
broadcast
150.100.2.68 010001 00 150.100.2.68 255.255.255.252 Subnet
 identifier
150.100.2.69 010001 01 150.100.2.68 255.255.255.252
150.100.2.70 010001 10 150.100.2.68 255.255.255.252
150.100.2.71 010001 11 150.100.2.68 255.255.255.252 Subnet
broadcast
150.100.2.72 010010 00 150.100.2.72 255.255.255.252 Subnet
identifier
150.100.2.73 010010 01 150.100.2.72 255.255.255.252
150.100.2.74 010010 10 150.100.2.72 255.255.255.252
150.100.2.75 010010 11 150.100.2.72 255.255.255.252 Subnet
broadcast
150.100.2.76 010011 00 150.100.2.76 255.255.255.252 Subnet
identifier
150.100.2.77 010011 01 150.100.2.76 255.255.255.252
150.100.2.78 010011 10 150.100.2.76 255.255.255.252
150.100.2.79 010011 11 150.100.2.76 255.255.255.252 Subnet
broadcast
150.100.2.80 0101 0000 150.100.2.80 255.255.255.240 Subnet
identifier
150.100.2.81 0101 0001 150.100.2.80 255.255.255.240
150.100.2.82 0101 0010 150.100.2.80 255.255.255.240
150.100.2.83 0101 0011 150.100.2.80 255.255.255.240
150.100.2.84 0101 0100 150.100.2.80 255.255.255.240
150.100.2.85 0101 0101 150.100.2.80 255.255.255.240
150.100.2.86 0101 0110 150.100.2.80 255.255.255.240
150.100.2.87 0101 0111 150.100.2.80 255.255.255.240
150.100.2.88 0101 1000 150.100.2.80 255.255.255.240
150.100.2.89 0101 1001 150.100.2.80 255.255.255.240
150.100.2.90 0101 1010 150.100.2.80 255.255.255.240
150.100.2.91 0101 1011 150.100.2.80 255.255.255.240
150.100.2.92 0101 1100 150.100.2.80 255.255.255.240
150.100.2.93 0101 1101 150.100.2.80 255.255.255.240
150.100.2.94 0101 1110 150.100.2.80 255.255.255.240
150.100.2.95 0101 1111 150.100.2.80 255.255.255.240 Subnet
broadcast
150.100.2.96 0110 0000 150.100.2.96 255.255.255.240 Subnet
identifier
150.100.2.97 0110 0001 150.100.2.96 255.255.255.240
150.100.2.98 0110 0010 150.100.2.96 255.255.255.240
150.100.2.99 0110 0011 150.100.2.96 255.255.255.240
150.100.2.100 0110 0100 150.100.2.96 255.255.255.240
150.100.2.101 0110 0101 150.100.2.96 255.255.255.240
150.100.2.102 0110 0110 150.100.2.96 255.255.255.240
150.100.2.103 0110 0111 150.100.2.96 255.255.255.240
150.100.2.104 0110 1000 150.100.2.96 255.255.255.240
150.100.2.105 0110 1001 150.100.2.96 255.255.255.240
150.100.2.106 0110 1010 150.100.2.96 255.255.255.240
150.100.2.107 0110 1011 150.100.2.96 255.255.255.240
150.100.2.108 0110 1100 150.100.2.96 255.255.255.240
150.100.2.109 0110 1101 150.100.2.96 255.255.255.240
150.100.2.110 0110 1110 150.100.2.96 255.255.255.240
150.100.2.111 0110 1111 150.100.2.96 255.255.255.240 Subnet
broadcast
150.100.2.112 0111 0000 150.100.2.112 255.255.255.240 Subnet
identifier
150.100.2.113 0111 0001 150.100.2.112 255.255.255.240
150.100.2.114 0111 0010 150.100.2.112 255.255.255.240
150.100.2.115 0111 0011 150.100.2.112 255.255.255.240
150.100.2.116 0111 0100 150.100.2.112 255.255.255.240
150.100.2.117 0111 0101 150.100.2.112 255.255.255.240
150.100.2.118 0111 0110 150.100.2.112 255.255.255.240
150.100.2.119 0111 0111 150.100.2.112 255.255.255.240
150.100.2.120 0111 1000 150.100.2.112 255.255.255.240
150.100.2.121 0111 1001 150.100.2.112 255.255.255.240
150.100.2.122 0111 1010 150.100.2.112 255.255.255.240
150.100.2.123 0111 1011 150.100.2.112 255.255.255.240
150.100.2.124 0111 1100 150.100.2.112 255.255.255.240
150.100.2.125 0111 1101 150.100.2.112 255.255.255.240
150.100.2.126 0111 1110 150.100.2.112 255.255.255.240
150.100.2.127 0111 1111 150.100.2.112 255.255.255.240 Subnet
broad-
cast; area
bound-
ary; area 8
ends
150.100.2.128 1000 0000 150.100.2.128 255.255.255.240 Subnet
identifier;
area
boundary;
area 17
starts
150.100.2.129 1000 0001 150.100.2.128 255.255.255.240
150.100.2.130 1000 0010 150.100.2.128 255.255.255.240
150.100.2.131 1000 0011 150.100.2.128 255.255.255.240
150.100.2.132 1000 0100 150.100.2.128 255.255.255.240
150.100.2.133 1000 0101 150.100.2.128 255.255.255.240
150.100.2.134 1000 0110 150.100.2.128 255.255.255.240
150.100.2.135 1000 0111 150.100.2.128 255.255.255.240
150.100.2.136 1000 1000 150.100.2.128 255.255.255.240
150.100.2.137 1000 1001 150.100.2.128 255.255.255.240
150.100.2.138 1000 1010 150.100.2.128 255.255.255.240
150.100.2.139 1000 1011 150.100.2.128 255.255.255.240
150.100.2.140 1000 1100 150.100.2.128 255.255.255.240
150.100.2.141 1000 1101 150.100.2.128 255.255.255.240
150.100.2.142 1000 1110 150.100.2.128 255.255.255.240
150.100.2.143 1000 1111 150.100.2.128 255.255.255.240 Subnet
broadcast
150.100.2.144 1001 0000 150.100.2.144 255.255.255.240 Subnet
identifier
150.100.2.145 1001 0001 150.100.2.144 255.255.255.240
150.100.2.146 1001 0010 150.100.2.144 255.255.255.240
150.100.2.147 1001 0011 150.100.2.144 255.255.255.240
150.100.2.148 1001 0100 150.100.2.144 255.255.255.240
150.100.2.149 1001 0101 150.100.2.144 255.255.255.240
150.100.2.150 1001 0110 150.100.2.144 255.255.255.240
150.100.2.151 1001 0111 150.100.2.144 255.255.255.240
150.100.2.152 1001 1000 150.100.2.144 255.255.255.240
150.100.2.153 1001 1001 150.100.2.144 255.255.255.240
150.100.2.154 1001 1010 150.100.2.144 255.255.255.240
150.100.2.155 1001 1011 150.100.2.144 255.255.255.240
150.100.2.156 1001 1100 150.100.2.144 255.255.255.240
150.100.2.157 1001 1101 150.100.2.144 255.255.255.240
150.100.2.158 1001 1110 150.100.2.144 255.255.255.240
150.100.2.159 1001 1111 150.100.2.144 255.255.255.240 Subnet
broadcast
150.100.2.160 1010 0000 150.100.2.160 255.255.255.240 Subnet
identifier
150.100.2.161 1010 0001 150.100.2.160 255.255.255.240
150.100.2.162 1010 0010 150.100.2.160 255.255.255.240
150.100.2.163 1010 0011 150.100.2.160 255.255.255.240
150.100.2.164 1010 0100 150.100.2.160 255.255.255.240
150.100.2.165 1010 0101 150.100.2.160 255.255.255.240
150.100.2.166 1010 0110 150.100.2.160 255.255.255.240
150.100.2.167 1010 0111 150.100.2.160 255.255.255.240
150.100.2.168 1010 1000 150.100.2.160 255.255.255.240
150.100.2.169 1010 1001 150.100.2.160 255.255.255.240
150.100.2.170 1010 1010 150.100.2.160 255.255.255.240
150.100.2.171 1010 1011 150.100.2.160 255.255.255.240
150.100.2.172 1010 1100 150.100.2.160 255.255.255.240
150.100.2.173 1010 1101 150.100.2.160 255.255.255.240
150.100.2.174 1010 1110 150.100.2.160 255.255.255.240
150.100.2.175 1010 1111 150.100.2.160 255.255.255.240 Subnet
broadcast
150.100.2.176 101100 00 150.100.2.176 255.255.255.252 Subnet
identifier
150.100.2.177 101100 01 150.100.2.176 255.255.255.252
150.100.2.178 101100 10 150.100.2.176 255.255.255.252
150.100.2.179 101100 11 150.100.2.176 255.255.255.252 Subnet
broadcast
150.100.2.180 101101 00 150.100.2.180 255.255.255.252 Subnet
identifier
150.100.2.181 101101 01 150.100.2.180 255.255.255.252
150.100.2.182 101101 10 150.100.2.180 255.255.255.252
150.100.2.183 101101 11 150.100.2.180 255.255.255.252 Subnet
broadcast
150.100.2.184 101110 00 150.100.2.184 255.255.255.252 Subnet
identifier
150.100.2.185 101110 01 150.100.2.184 255.255.255.252
150.100.2.186 101110 10 150.100.2.184 255.255.255.252
150.100.2.187 101110 11 150.100.2.184 255.255.255.252 Subnet
broadcast
150.100.2.188 101111 00 150.100.2.188 255.255.255.252 Subnet
identifier
150.100.2.189 101111 01 150.100.2.188 255.255.255.252
150.100.2.190 101111 10 150.100.2.188 255.255.255.252
150.100.2.191 101111 11 150.100.2.188 255.255.255.252 Subnet
broadcast
150.100.2.192 1100 0000 150.100.2.192 255.255.255.240 Subnet
identifier
150.100.2.193 1100 0001 150.100.2.192 255.255.255.240
150.100.2.194 1100 0010 150.100.2.192 255.255.255.240
150.100.2.195 1100 0011 150.100.2.192 255.255.255.240
150.100.2.196 1100 0100 150.100.2.192 255.255.255.240
150.100.2.197 1100 0101 150.100.2.192 255.255.255.240
150.100.2.198 1100 0110 150.100.2.192 255.255.255.240
150.100.2.199 1100 0111 150.100.2.192 255.255.255.240
150.100.2.200 1100 1000 150.100.2.192 255.255.255.240
150.100.2.201 1100 1001 150.100.2.192 255.255.255.240
150.100.2.202 1100 1010 150.100.2.192 255.255.255.240
150.100.2.203 1100 1011 150.100.2.192 255.255.255.240
150.100.2.204 1100 1100 150.100.2.192 255.255.255.240
150.100.2.205 1100 1101 150.100.2.192 255.255.255.240
150.100.2.206 1100 1110 150.100.2.192 255.255.255.240
150.100.2.207 1100 1111 150.100.2.192 255.255.255.240 Subnet
broadcast
150.100.2.208 1101 0000 150.100.2.208 255.255.255.240 Subnet
identifier
150.100.2.209 1101 0001 150.100.2.208 255.255.255.240
150.100.2.210 1101 0010 150.100.2.208 255.255.255.240
150.100.2.211 1101 0011 150.100.2.208 255.255.255.240
150.100.2.212 1101 0100 150.100.2.208 255.255.255.240
150.100.2.213 1101 0101 150.100.2.208 255.255.255.240
150.100.2.214 1101 0110 150.100.2.208 255.255.255.240
150.100.2.215 1101 0111 150.100.2.208 255.255.255.240
150.100.2.216 1101 1000 150.100.2.208 255.255.255.240
150.100.2.217 1101 1001 150.100.2.208 255.255.255.240
150.100.2.218 1101 1010 150.100.2.208 255.255.255.240
150.100.2.219 1101 1011 150.100.2.208 255.255.255.240
150.100.2.220 1101 1100 150.100.2.208 255.255.255.240
150.100.2.221 1101 1101 150.100.2.208 255.255.255.240
150.100.2.222 1101 1110 150.100.2.208 255.255.255.240
150.100.2.223 1101 1111 150.100.2.208 255.255.255.240 Subnet
broadcast
150.100.2.224 1110 0000 150.100.2.224 255.255.255.240 Subnet
identifier
150.100.2.225 1110 0001 150.100.2.224 255.255.255.240
150.100.2.226 1110 0010 150.100.2.224 255.255.255.240
150.100.2.227 1110 0011 150.100.2.224 255.255.255.240
150.100.2.228 1110 0100 150.100.2.224 255.255.255.240
150.100.2.229 1110 0101 150.100.2.224 255.255.255.240
150.100.2.230 1110 0110 150.100.2.224 255.255.255.240
150.100.2.231 1110 0111 150.100.2.224 255.255.255.240
150.100.2.232 1110 1000 150.100.2.224 255.255.255.240
150.100.2.233 1110 1001 150.100.2.224 255.255.255.240
150.100.2.234 1110 1010 150.100.2.224 255.255.255.240
150.100.2.235 1110 1011 150.100.2.224 255.255.255.240
150.100.2.236 1110 1100 150.100.2.224 255.255.255.240
150.100.2.237 1110 1101 150.100.2.224 255.255.255.240
150.100.2.238 1110 1110 150.100.2.224 255.255.255.240
150.100.2.239 1110 1111 150.100.2.224 255.255.255.240 Subnet
broadcast
150.100.2.240 1111 0000 150.100.2.240 255.255.255.240 Subnet
identifier
150.100.2.241 1111 0001 150.100.2.240 255.255.255.240
150.100.2.242 1111 0010 150.100.2.240 255.255.255.240
150.100.2.243 1111 0011 150.100.2.240 255.255.255.240
150.100.2.244 1111 0100 150.100.2.240 255.255.255.240
150.100.2.245 1111 0101 150.100.2.240 255.255.255.240
150.100.2.246 1111 0110 150.100.2.240 255.255.255.240
150.100.2.247 1111 0111 150.100.2.240 255.255.255.240
150.100.2.248 1111 1000 150.100.2.240 255.255.255.240
150.100.2.249 1111 1001 150.100.2.240 255.255.255.240
150.100.2.250 1111 1010 150.100.2.240 255.255.255.240
150.100.2.251 1111 1011 150.100.2.240 255.255.255.240
150.100.2.252 1111 1100 150.100.2.240 255.255.255.240
150.100.2.253 1111 1101 150.100.2.240 255.255.255.240
150.100.2.254 1111 1110 150.100.2.240 255.255.255.240
150.100.2.255 1111 1111 150.100.2.240 255.255.255.240 Subnet
broadcast;
area
boundary;
area 17
ends

This article or section is not written in the formal tone expected of an encyclopedia
article.
Please improve it or discuss changes on the talk page. See Wikipedia's guide to writing better
articles for suggestions.

In computing, geolocation software is used to deduce the geolocation (geographic

location) of the other party, for example on the internet. One simple approach to
geolocation is looking at the IP address and determining what country, organization, or
user it has been assigned to, and guessing the user's location based on that. Other means
include examination of a MAC address, image metadata, or credit card information.

Contents
[hide] [hide]

• 1 Data collection
• 2 Criticism
 • 3 Privacy
• 4 Applications
o 4.1 Criminal investigations
o 4.2 Fraud detection
o 4.3 Censorship
o 4.4 Geo marketing
o 4.5 Regional licensing
o 4.6 Target content
o 4.7 Mobile phones
o 4.8 Spam fighting
• 5 History
• 6 See also
• 7 References

• 8 External links

[edit] Data collection

Data is collected from web sites that ask visitors to supply a geographic location. For
example, a weather web site might ask visitors for a city name, to find their local
forecast. The IP address of the requestor is recorded along with the geographic
information, creating a single data point in a very large map.

Information in this article or section has not been verified against sources and may not
be reliable.
Please check for inaccuracies and modify as needed, citing the sources against which
it was checked.

Many companies sell geolocation databases. The databases are swapping listings to
filter out anomalies. The major geolocation companies claim varying degrees of
accuracy. Most are much more accurate on the country level than on the city/state level.

[edit] Criticism
Critics note that geolocation software is inherently inaccurate (2002), easily
manipulated, and conflicts with the global nature of the Internet.[citation needed]

[edit] Privacy
A distinction can be made between co-operative and oppositional geolocation. In some
cases, it is in the interest of users to be accurately located, for example, so that they can
be offered information relevant to their location. In other cases, users prefer to not
disclose their location for privacy or other reasons.

Technical measures for ensuring anonymity, such as proxy servers, can be used to
circumvent restrictions imposed by geolocation software. Some sites detect the use of
proxies and anonymizers, and may either block service or provide non-localized content
in response.[1]
[edit] Applications
[edit] Criminal investigations

Banks, software vendors and other online enterprises are now subject to strict new
“Know Your Customer” laws imposed by the USA PATRIOT Act, the Bank Secrecy
Act, the US Treasury Department’s Office of Foreign Assets Control and other
regulatory entities in the US and Europe. These laws are designed to prevent money
laundering, trafficking with terrorist organizations and trading with banned nations. By
identifying where online visitors really are, geolocation can protect banks from
participating in the transfer of funds for illicit purposes.

[edit] Fraud detection

Online retailers and payment processors use geolocation to detect possible credit card
fraud by comparing the user’s location to the billing address on the account or the
shipping address provided. A mismatch – an order placed from Indonesia on an account
number from Indiana, for example – is a strong indicator of potential fraud. Banks can
prevent “phishing” attacks, money laundering and other security breaches by
determining the user’s location as part of the authentication process.

Government, law enforcement and corporate security teams use geolocation as an

investigatory tool, tracking the Internet routes of online attackers to find the perpetrators
and prevent future attacks from the same location.

[edit] Censorship

It has been suggested that legislation should mandate the use of geolocation software,
for example for companies distributing pornography considered obscene in some
jurisdictions or to enforce international trade agreements. (See geolocation).

[edit] Geo marketing

See Geo (marketing)

[edit] Regional licensing

Internet movie vendors and online broadcasters who serve live streaming video of
sporting events are permitted to service viewers only in their licensed territories. By
geolocating viewers, they can be certain of obeying licensing regulations. Online
casinos must also know where their customers are or risk violating national laws against
Internet gambling.

Jim Ramo, chief executive of movie distributor Movielink, said studios were aware of
the shortcomings going in and have grown more confident now that the system has been
shown to work.[2]

[edit] Target content

Web sites can show different content based on your location. For example, going to
google.com may redirect you to your local (translated) google site like Google Belgium,
or it may show a 'Go to Google Belgium'.

[edit] Mobile phones

Geolocation is not only used on the Internet. Some mobile telephone service providers
offer services that accurately determine the location of a mobile phone on their network
and provide location-based services.

[edit] Spam fighting

Though controversial, some ISP's use geolocation software to help with the prevention
of email and website spam. Many countries are known to have loose spam laws, and the
use of geolocation software allows ISPs to identify or flag messages and posts from
these countries.

[edit] History
Geolocation technology has been under development only since 1999, and the first
patents were granted in 2004. The technology is already widely used in multiple
industries, including e-retail, banking, media, online gaming and law enforcement, for
preventing online fraud, complying with regulations, managing digital rights and
serving targeted marketing content and pricing

MAC address
From Wikipedia, the free encyclopedia

Jump to: navigation, search

This article is about the computer networking Media Access Control address (MAC
address). For other uses, see MAC.

In computer networking a Media Access Control address (MAC address) is a unique

identifier attached to most network adapters (NICs). It is a number that acts like a name
for a particular network adapter, so, for example, the network cards (or built-in network
adapters) in two different computers will have different names, or MAC addresses, as
would an Ethernet adapter and a wireless adapter in the same computer, and as would
multiple network cards in a router. However, it is possible to change the MAC address
on most of today's hardware.

Most layer 2 network protocols use one of three numbering spaces managed by the
IEEE: MAC-48, EUI-48, and EUI-64, which are designed to be globally unique. Not
all communications protocols use MAC addresses, and not all protocols require globally
unique identifiers. The IEEE claims trademarks on the names "EUI-48" and "EUI-64".
(The "EUI" stands for Extended Unique Identifier.)
MAC addresses, unlike IP addresses and IPX addresses, are not divided into "host" and
"network" portions, so a host cannot determine, from the MAC address of another host,
whether that host is on the same layer 2 network segment as the sending host or a
network segment bridged to that network segment and, if it's not, cannot determine the
MAC address of a router that is on the same network segment as the sending host or a
segment bridged to that network segment and that can help route the packet to the
destination host.

ARP is commonly used to convert from addresses in a layer 3 protocol such as Internet
Protocol (IP) to the layer 2 MAC address. On broadcast networks, such as Ethernet, the
MAC address allows each host to be uniquely identified and allows frames to be
marked for specific hosts. It thus forms the basis of most of the layer 2 networking upon
which higher OSI Layer protocols are built to produce complex, functioning networks.

Contents
[hide] [hide]

• 1 Address details
o 1.1 Individual address block
• 2 Printed format
• 3 See also
• 4 References

• 5 External links

[edit] Address details

The original IEEE 802 MAC address, now officially called "MAC-48", comes from the
Ethernet specification. Since the original designers of Ethernet had the foresight to use a
48-bit address space, there are potentially 248 or 281,474,976,710,656 possible MAC
addresses.

All three numbering systems use the same format and differ only in the length of the
identifier. Addresses can either be "universally administered addresses" or "locally
administered addresses."

A universally administered address is uniquely assigned to a device by its

manufacturer; these are sometimes called "burned-in addresses." The first three octets
(in transmission order) identify the organization that issued the identifier and are known
as the Organizationally Unique Identifier (OUI). The following three (MAC-48 and
EUI-48) or five (EUI-64) octets are assigned by that organization in nearly any manner
they please, subject to the constraint of uniqueness. The IEEE expects the MAC-48
space to be exhausted no sooner than the year 2100; EUI-64s are not expected to run out
in the foreseeable future.

A locally administered address is assigned to a device by a network administrator,

overriding the burned-in address. Locally administered addresses do not contain OUIs.

Universally administered and locally administered addresses are distinguished by

setting the second least significant bit of the most significant byte of the address. If the
bit is 0, the address is universally administered. If it is 1, the address is locally
administered. The bit is 0 in all OUIs. For example, 02-00-00-00-00-01 is a locally
administered address.[1]
MAC-48 and EUI-48 addresses are usually shown in hexadecimal format, with each
octet separated by a dash or colon. An example of a MAC-48 address would be "00-08-
74-4C-7F-1D". If you cross-reference the first three octets with IEEE's OUI
assignments,[2] you can see that this MAC address came from Dell Computer Corp. The
last three octets represent the serial number assigned to the adapter by the manufacturer.

The following technologies use the MAC-48 identifier format:

• Ethernet
• 802.11 wireless networks
• Bluetooth
• IEEE 802.5 token ring
• most other IEEE 802 networks
• FDDI
• ATM (switched virtual connections only, as part of an NSAP address)
• Fibre Channel and Serial Attached SCSI (as part of a World Wide Name)

The distinction between EUI-48 and MAC-48 identifiers is purely semantic: MAC-48 is
used for network hardware; EUI-48 is used to identify other devices and software.
(Thus, by definition, an EUI-48 is not in fact a "MAC address", although it is
syntactically indistinguishable from one and assigned from the same numbering space.)

Note: The IEEE now considers the label MAC-48 to be an obsolete term which was
previously used to refer to a specific type of EUI-48 identifier used to address hardware
interfaces within existing 802-based networking applications and should not be used in
the future. Instead, the term EUI-48 should be used for this purpose.

EUI-64 identifiers are used in:

• FireWire
• IPv6 (as the low-order 64 bits of a unicast network address when temporary
addresses are not being used)
• ZigBee / 802.15.4 wireless personal-area networks

The IEEE has built in several special address types to allow more than one Network
Interface Card to be addressed at one time:

• Packets sent to the broadcast address, all one bits, are received by all stations
on a local area network. In hexadecimal the broadcast address would be
"FF:FF:FF:FF:FF:FF".
• Packets sent to a multicast address are received by all stations on a LAN that
have been configured to receive packets sent to that address.
• Functional addresses identify one of more Token Ring NICs that provide a
particular service, defined in IEEE 802.5.

These are "group addresses", as opposed to "individual addresses"; the least significant
bit of the first octet of a MAC address distinguishes individual addresses from group
addresses. That bit is set to 0 in individual addresses and 1 in group addresses. Group
addresses, like individual addresses, can be universally administered or locally
administered.
In addition, the EUI-64 numbering system encompasses both MAC-48 and EUI-48
identifiers by a simple translation mechanism. To convert a MAC-48 into an EUI-64,
copy the OUI, append the two octets "FF-FF", and then copy the organization-specified
part. To convert an EUI-48 into an EUI-64, the same process is used, but the sequence
inserted is "FF-FE". In both cases, the process can be trivially reversed when necessary.
Organizations issuing EUI-64s are cautioned against issuing identifiers that could be
confused with these forms. The IEEE policy is to discourage new uses of 48-bit
identifiers in favor of the EUI-64 system.

IPv6—one of the most prominent standards that uses EUI-64—applies these rules
inconsistently. Due to an error in the appendix to the specification of IPv6 addressing, it
is standard practice to extend MAC-48 addresses (such as IEEE 802 MAC address) to
EUI-64 using "FF-FE" rather than "FF-FF."

[edit] Individual address block

An Individual Address Block comprises a 24-bit OUI managed by the IEEE

Registration Authority, followed by 12 IEEE-provided bits (identifying the
organization), and 12 bits for the owner to assign to individual devices. An IAB is ideal
for organizations requiring fewer than 4097 unique 48-bit numbers (EUI-48).[3]

[edit] Printed format

The standard (IEEE 802) format for printing MAC-48 addresses in human-readable
media is six groups of two hexadecimal digits, separated by hyphens (-) in transmission
order, e.g. 01-23-45-67-89-ab. This form is also commonly used for EUI-64. Other
conventions include six groups of two separated by colons (:), e.g.
01:23:45:67:89:ab; or three groups of four hexadecimal digits separated by dots (.),
e.g. 0123.4567.89ab; again in transmission order.