Subnets, Netmasks and Routing IP Packets

Pretend you are a router, with a network interface at a certain IP.  You have a packet with a certain destination IP to handle.  Do you send it to your gateway, or can you send it directly to the destination?

Answer: If all the subnet-defining bits of the destination match the router interface’s, then send directly.  Mathematically, this means XOR the destination with the router interface IP, then AND the result with the netmask; a zero result means send directly. A non-zero result means send to the gateway.

Examples below assume I’m at looking to handle various IP addresses with a netmask of

  • Send to myself: XOR IP> AND MASK> > send direct
  • Send to a neighbor on my subnet: XOR IP > AND MASK > > send direct
  • Send to someone out of my subnet: XOR IP> AND MASK > > send to gateway

Notice that the order of operations is not reversible: applying the mask first and the XOR second yields a bad result.

  • Someone in my subnet: AND MASK > XOR IP> > send to gateway is the ~wrong~ answer.
  • In fact, ~all traffic will go to the gateway (wrong answer) AND MASK> > XOR IP > > send to gateway is the ~wrong~ answer.

Notice this logic can also be used to determine ~which~ gateway or route the packet should go to: ignore your own IP address and compare instead against the possible destination gateways, starting with the gateways whose masks have the most bits set (most specific). Checking in order, the first zero answer gets the traffic, since zero means a match.  If you get through all of the defined gateways without a match, the last entry in a route table is (the default entry) and you’ll definitely get a match there.
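The direct-or-gateway test, the reversed-order mistake, and the most-specific-first route lookup described above, as an added example that is not code from the original post. All addresses, masks, next-hop names and the (prefix, mask, next_hop) table layout are constructed assumptions; the page's own example values are not reproduced.

```python
import ipaddress

def to_int(addr):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))

def send_direct(dest, iface_ip, mask):
    """The page's rule: (dest XOR interface IP) AND mask; zero means on-link."""
    return (to_int(dest) ^ to_int(iface_ip)) & to_int(mask) == 0

def send_direct_reversed(dest, iface_ip, mask):
    """Reversed order, (dest AND mask) XOR interface IP. The interface's own
    host bits survive the XOR, so this is non-zero (gateway) for every dest
    unless the interface's host bits happen to be all zero."""
    return (to_int(dest) & to_int(mask)) ^ to_int(iface_ip) == 0

def pick_route(dest, routes):
    """routes: (prefix, mask, next_hop) tuples. Try masks with the most bits
    set first; the first zero result is the match. A 0.0.0.0 mask clears
    every bit, so a default entry always matches."""
    ordered = sorted(routes, key=lambda r: bin(to_int(r[1])).count("1"),
                     reverse=True)
    for prefix, mask, next_hop in ordered:
        if (to_int(dest) ^ to_int(prefix)) & to_int(mask) == 0:
            return next_hop
    return None  # only reachable when the table has no default entry

# Constructed sample values (not the addresses from the original post).
IFACE_IP, MASK = "192.168.1.10", "255.255.255.0"
ROUTES = [
    ("0.0.0.0", "0.0.0.0", "default-gw"),
    ("10.0.0.0", "255.0.0.0", "gw-a"),
    ("10.1.2.0", "255.255.255.0", "gw-b"),
]

if __name__ == "__main__":
    for dest in ("192.168.1.10", "192.168.1.77", "10.1.2.9"):
        print(dest, "direct" if send_direct(dest, IFACE_IP, MASK) else "gateway",
              "| reversed order says",
              "direct" if send_direct_reversed(dest, IFACE_IP, MASK) else "gateway")
    for dest in ("10.1.2.9", "10.9.9.9", "203.0.113.5"):
        print(dest, "->", pick_route(dest, ROUTES))
```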

Evan Anderson has a fantastic and excruciatingly detailed write-up on the topic of subnetting.  Download it as a PDF for your library.  However, it’s almost too detailed.  Summarizing his example, one third of the way down the page, just after the “How a Router Works” section:

Destination is  What do you do with the packet?  Options for gateways include interface #1 at and interface #2 at

  • XOR ROUTER 1 > AND MASK > – zero, yes use this router
  • XOR ROUTER 2 > AND MASK > – nonzero, do not use this router

Extra credit homework:

Do network bits have to be contiguous?  In other words, do netmasks have to exhibit consecutive zeros on the least significant bits with all the 1’s left packed?  If not, what would the Network ID be of a network with non-contiguous bits? CIDR (slash notation) is driving everybody to contiguous bits, while at the same time creating more notation for “aggregating nets”.  But that brings us right back to netmasks defined bit by bit.

Folks are comfortable with masks like (/24) or adding on another bit to get (/25), giving two subnets of 7 bits each, or 128 addresses.  Minus two for the Network ID (host bits all zero) and the Broadcast address (host bits all one) leaves 126 device IPs.

It seems I could accomplish the same thing using a subnet mask of  In the latter case, there are still two subnets with 7 bits available (128 addresses) for use, giving usable addresses of ~.0-63 and ~.128-191.  In addition to DirtyMIkeAndTheBoys, linked above, VastlySuperiourMan and had the same question.

I’m not asking if there’s a good reason to do so.  I’m asking technically whether this is possible. I know by *convention* we’ve all agreed to pack net-definition bits left.  However, I can’t discern a technical reason why that is required.


About Brian

Engineer. Aviator. Educator. Scientist.