CURRENT_MEETING_REPORT_


Reported by Noel Chiappa

SUBNETBOF Minutes

Variable Width Subnet Masks BOF

The Subnets BoF reviewed a number of problematical cases brought up by
the use of variable width subnet masks (i.e., use of more than one
subnet mask in any given IP network).  These cases all relate to the
allocation of various subnetted addresses to various physical networks
which are part of an IP network.  Consensus was reached on which
configurations to allow and disallow.

Before reviewing the specific points, it will be useful to include some
terminology.  Use of the subnet numbers ``A, B.1 and B.2'' means that A
and B are differing values of a fixed part of the `rest' field, and that
1 and 2 are differing values of a different, lower, fixed part of the
`rest' field.

For instance (using an 8 bit rest field), with the two masks 11100000
and 11111100, `A' might be 001xxxxx, `B' might be 010xxxxx, `B.1' would
be 010001xx and `B.2' would be 010010xx.  With this terminology in hand,
the specific cases can now be reviewed in detail.

The first question addressed was whether or not to allow two subnets in
the same part of a network's address space to be topologically separate.
In other words, could subnets B.1 and B.2 be separated by subnet A?
Looked at another way, if B.1 and B.2 are thought of as parts of a
`subnet' B, can that subnet be partitioned?  If allowed, this would
represent a divergence with the basic Internet philosophy, in which an
IP network is not allowed to be partitioned.  The argument for allowing
this is to get maximum use out of variable width masks.

Variable width masks were added to the architecture to allow efficient
use of address space.  For example, if an enterprise, with a single IP
network number, contains a single large LAN (with several thousand
hosts), and a number of small LAN's (with tens of hosts), there is no
single subnet mask that will efficiently use the address space of that
network number.  A wide mask, necessary to handle the single large LAN
as a whole, will `waste' space when used on the small LAN's.  A small
mask will force the single large LAN to be treated as a collection of
small LAN's, with consequent forwarding overhead.  An alternative
approach would be to use a separate network number for the large LAN,
but this will increase the number of network numbers in the system as a
whole, with consequent global costs.  If the enterprise is only singly
connected to the rest of the Internet, there is no benefit to the rest
of the system of having more than one network number for the enterprise.
Thus, only with use of varying width masks can efficient use be made of
address space, both in the network and the Internet as a whole.

The disadvantage to allowing this is that all the routers in a network
must know where every subnet is (and what its mask is).  For example,
suppose B.1 and B.2 are on different sides of A (connected by routers R1
and R2 respectively), and a router R is attached only to subnet A and
some outside network.  In the current state of affairs, R will only know
the subnet mask for A, on which it has an interface.  Now, when an
incoming packet for B.1 arrives at router R, knowledge of the mask for A
(and thus B) is not sufficient; router R needs to be able to distinguish
B.1 and B.2 as separate destinations if it is to forward the packet to
the correct next hop router, R1 or R2.  It is thus seen that, to
function in the general case, all routers in a subnetted network now
need to know the mask for every subnet in the system.

This is a substantial cost; however, it was felt that to make the
restriction that all the small subnets in one piece of the network
address space (i.e., B.1 ...  B.N) must be contiguous worked against
maximum utilization.  Moreover, even this restriction does not
necessarily remove the necessity for a router to know all the subnet
masks in use in a given network.  For example, if the router R above
were connected to B.1, rather than A, it would still need the mask for
A, unless it were for routing purposes to consider A as a large number
of subnets of the same size as B.1.

Finally, the routing protocols which support variable length subnet
masks do provide the necessary information to routers to do the
forwarding correctly.  The consensus thus was that allowing this
configuration was necessary.

The next question to be addressed was whether all subnet masks must be
contiguous and on the high end of the `rest' field (i.e., have the form
11...1100...00).  One argument that was put forward was that
non-contiguous masks allowed more flexibility in extending the subnet
mask when it ran out.  It was pointed out that easy extension could be
provided for by allocating subnet number bits from the high end of the
rest field, and host bits from the low end, with unused space in the
middle.  Whenever either field became too small, it could be extended,
as long as unused bits remained.  Additionally, some versions of the
Patricia tree algorithm do not work with non-contiguous masks.

While it was agreed that no good reason could be provided for not
allowing other formats, no strong use could be seen for allowing them
either, and in the interest of future flexibility the consensus was to
not allow them.

The third question to be addressed was whether `subset' subnets would be
allowed; i.e., could a small subnet have the same leading bits as a
larger subnet.  For example, if one subnet is numbered B, could another
subnet have the number B.1?  Clearly, at a minimum, no hosts on subnet B
could have an address which had B.1 as a prefix (i.e., addresses on
subnets B.1 ...  B.N which were in use could not appear on subnet B);
this would leave routers unable to discover which subnet these hosts
were on, unless each host was tracked separately.

It was initially thought that this was the only problem, which could be
handled by correct configuration, and the feeling was that this should
be allowed to optimize use of the address space.  An additional cost
would be that routers would have to do a `best match' routing lookup.
I.e., even after finding a mask and address that match, the router would
still have to look for further potential matches that are more
`complete'.  This cost exists now for routers that support host routes,
however.
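
The forwarding cases discussed so far (router R telling B.1 from B.2, and
the `best match' lookup needed for subset subnets), worked through with
the 8-bit values from the terminology example.  This is an added
illustration, not part of the original minutes; the table layout, the
"direct" label and the host addresses are constructed.

```python
# Added example. Subnet values come from the minutes' 8-bit illustration;
# the table layout, hop labels and host addresses are constructed.
MASK_WIDE = 0b11100000     # mask of A and B
MASK_NARROW = 0b11111100   # mask of B.1 and B.2
A, B = 0b00100000, 0b01000000
B1, B2 = 0b01000100, 0b01001000

def best_match(table, rest):
    """Return the next hop of the matching entry with the most mask bits.

    table holds (subnet_number, mask, next_hop) tuples. The scan does not
    stop at the first hit, since a later entry may match more completely.
    """
    best = None
    for number, mask, hop in table:
        if rest & mask == number:
            width = bin(mask).count("1")
            if best is None or width > best[0]:
                best = (width, hop)
    return best[1] if best else None

# R knows only the mask of its attached subnet A, so all of 010xxxxx
# looks like one destination and can point at only one next hop.
R_ONE_MASK = [(A, MASK_WIDE, "direct"), (B, MASK_WIDE, "R1")]
# R knows every subnet and its mask.
R_ALL_MASKS = [(A, MASK_WIDE, "direct"),
               (B1, MASK_NARROW, "R1"), (B2, MASK_NARROW, "R2")]
# Subset case: a router attached to B, with B.1 behind R1.
R_SUBSET = [(B, MASK_WIDE, "direct"), (B1, MASK_NARROW, "R1")]

HOST_B1 = 0b01000110   # in B.1
HOST_B2 = 0b01001001   # in B.2
HOST_B = 0b01010001    # in B, outside B.1

def run():
    return {
        "one_mask": [best_match(R_ONE_MASK, h) for h in (HOST_B1, HOST_B2)],
        "all_masks": [best_match(R_ALL_MASKS, h) for h in (HOST_B1, HOST_B2)],
        "subset": [best_match(R_SUBSET, h) for h in (HOST_B1, HOST_B)],
    }

if __name__ == "__main__":
    for case, hops in run().items():
        print(case, hops)
```

With one mask the packet for B.2 is handed to R1; with all masks it goes
to R2, and in the subset table the B.1 entry wins over B only because the
lookup keeps searching for the more complete match.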

However, it was pointed out that a host H attached to subnet B would
think that hosts attached to subnet B.1 (which host H would need to
reach through a router) were in fact directly reachable by host H. No
general fix (i.e., one that worked on all network technologies, not just
those which used ARP) could be discovered for this problem.  In
addition, the chances for misconfiguration (e.g., a host on subnet B
that appears to be on subnet B.1) are manifold.  Given these points, the
consensus was that this configuration should not be allowed.

Finally, ambiguous subnets were discussed briefly.  This name refers to
subnet masks (and numbers) which overlap in ways such that host
addresses are not unambiguously on one network or another.  For
instance, consider two different subnets 5 and 6, with different subnet
masks 5 and 6 (temporarily ignoring the fact that these are all 1's
subnet numbers).  Next, think of an address starting with 7; it matches
the 5 address and mask, but also matches the 6 address and mask.  Which
one is better?

Since this case was ruled out by the fact that non-contiguous masks will
not be allowed, it was not discussed in detail.  However, if that
restriction is relaxed in the future, this question will need to be
revisited.
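
The 5/6/7 case above as a configuration check (added illustration, not
part of the original minutes; the 3-bit field width and all function
names are assumptions made for the example).  It also goes one step
beyond the text by enumerating every subnet in a small field to confirm
that restricting masks to the 11...1100...00 form leaves no ambiguous
pair.

```python
# Added example; field width and function names are assumptions.
REST_BITS = 3   # constructed 3-bit field, enough for subnets 5 and 6

def is_contiguous_high(mask, bits=REST_BITS):
    """True if mask has the form 11...1100...00 within a `bits`-wide field."""
    host_part = ~mask & ((1 << bits) - 1)      # must look like 00...011...1
    return host_part & (host_part + 1) == 0

def matches(addr, number, mask):
    return addr & mask == number

def classify(n1, m1, n2, m2):
    """Relate two (number, mask) subnets.

    'disjoint'  - no address can match both
    'nested'    - they share addresses and one mask contains the other,
                  so a best-match lookup has a unique most complete entry
    'ambiguous' - they share addresses and neither mask contains the other
    """
    if (n1 ^ n2) & (m1 & m2):      # disagree on a bit both masks test
        return "disjoint"
    common = m1 & m2
    return "nested" if common in (m1, m2) else "ambiguous"

def ambiguous_pairs(bits, contiguous_only):
    """Count ambiguous pairs among all subnets of a `bits`-wide field."""
    subnets = [(n, m) for m in range(1 << bits) for n in range(1 << bits)
               if n & ~m == 0
               and (not contiguous_only or is_contiguous_high(m, bits))]
    return sum(1 for i, (n1, m1) in enumerate(subnets)
               for (n2, m2) in subnets[i + 1:]
               if classify(n1, m1, n2, m2) == "ambiguous")

if __name__ == "__main__":
    print(matches(7, 5, 5), matches(7, 6, 6))          # address 7 fits both
    print(classify(5, 5, 6, 6))
    print(is_contiguous_high(5), is_contiguous_high(6))
    print(ambiguous_pairs(3, True), ambiguous_pairs(3, False))
```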

Attendees

Steve Alexander          stevea@i88.isc.com
Philip Almquist          almquist@jessica.stanford.edu
Nagaraj Arunkumar        nak@3com.com
Karl Auerbach            karl@eng.sun.com
Tom Benkart              teb@saturn.acc.com
Arthur Berggreen         art@acc.com
David Borman             dab@cray.com
Scott Brim               swb@nr-tech.cit.cornell.edu
Rob Coltun               rcoltun@ni.umd.edu
Ralph Droms              droms@bucknell.edu
Robert Elz               kre@munnari.oz.au
Dino Farinacci           dino@cisco.com
Dennis Ferguson          dennis@canet.ca
Karen Frisa              karen.frisa@andrew.cmu.edu
Jeffrey Honig            jch@nr-tech.cit.cornell.edu
Phani Jujjavarapu        phani@cisco.com
Douglas Kerr             dougk@mtxinu.com
Nik Langrind             nik@shiva.com
John Lekashman           lekash@nas.nasa.gov
Tony Li                  tli@cisco.com
Bill Manning             bmanning@rice.edu
Matt Mathis              mathis@psc.edu
Lars Poulsen             lars@cmc.com
Gershon Schatzberg       439-3582@mcimail.com
Osamu Takada             takada@sdl.hitachi.co.jp
Walter Wimer             walter.wimer@andrew.cmu.edu
Robert Woodburn          woody@cseic.saic.com
Richard Woundy           rwoundy@ibm.com