The address for an entire data link—a non-host-specific network address— is represented by the network
portion of an IP address, with all host bits set to zero. For instance, the InterNIC, the body that
administers IP addresses, might assign to an applicant an address of 172.21.0.0.[6] This address is a class B
address because 172 is between 128 and 191, so the last two octets make up the host bits. Notice that they
are all set to zero. The first 16 bits (172.21.) are assigned, but address owners are free to do whatever they
please with the host bits.
[6] Actually, this address would never be assigned. It is from a group of addresses reserved for private use; most of the addresses used in this book
are from this reserved pool, described in RFC 1918. Reserved addresses are: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and
192.168.0.0-192.168.255.255.
Each device or interface will be assigned a unique, host-specific address such as 172.21.35.17. The
device, whether a host or a router, obviously needs to know its own address, but it also needs to be able to
determine the network to which it belongs— in this case, 172.21.0.0.
This task is accomplished by means of an address mask. The address mask is a 32-bit string, one bit for
each bit of the IP address. As a 32-bit string, the mask can be represented in dotted-decimal format just
like an IP address. This representation tends to be a stumbling block for some beginners: Although the
address mask can be written in dotted decimal, it is not an address. Table 2.3 shows the standard address
masks for the three classes of IP address.
Table 2.3. Address masks for class A, B, and C network addresses.
Class Mask Dotted Decimal
A 11111111000000000000000000000000 255.0.0.0
B 11111111111111110000000000000000 255.255.0.0
C 11111111111111111111111100000000 255.255.255.0
For each bit of the IP address, the device performs a Boolean (logical) AND function with the
corresponding bit of the address mask. The AND function can be stated as follows:
Compare two bits and derive a result. The result will be one if and only if both bits are one. If either or
both bits are zero, the result will be zero.
Figure 2.12 shows how, for a given IP address, the address mask is used to determine the network
address. The mask has a one in every bit position corresponding to a network bit of the address and a zero
in every bit position corresponding to a host bit. Because 172.21.35.17 is a class B address , the mask
must have the first two octets set to all ones and the last two octets, the host part, set to all zeros. As Table
2.3 shows, this mask can be represented in dotted decimal as 255.255.0.0.
Figure 2.12. Each bit of this class B address is ANDed with the corresponding bit of the address mask to
derive the network address.
A logical AND is performed on the IP address and its mask for every bit position; the result is shown in
Figure 2.12. In the result, every network bit is repeated, and all the host bits become zeros. So by
assigning an address of 172.21.35.17 and a mask of 255.255.0.0 to an interface, the device will know that
the interface belongs to network 172.21.0.0. Applying the AND operator to an IP address and its address
mask always reveals the network address.
An address and mask are assigned to an interface of a Cisco router (in this example, the E0 interface) by
means of the following commands:
Smokey(config)# interface ethernet 0
Smokey(config-if)# ip address 172.21.35.17 255.255.0.0
But why use address masks at all? So far, using the first octet rule seems much simpler.