Posted inNetwork

Basic Network Knowledge for SysAdmins: IP, Subnet, Gateway – Indispensable Foundations

Network tutorial - IT technology blog
Network tutorial - IT technology blog

SysAdmin’s First Steps: Why Master IP, Subnet, Gateway?

When I first started on the SysAdmin path, I often hesitated between various approaches to network knowledge. Some said, "just follow the instructions," while others advised, "knowing the machine’s IP is enough." However, after many years of managing networks for a 50-person office and even a small datacenter, I realized that a deep understanding of IP, Subnet, and Gateway is the core foundation for stable system operation.

Comparing Network Knowledge Approaches for Newcomers

I often observe three basic approaches to network knowledge among new SysAdmins:

  1. Type 1: "Instant Noodles" Learning – Configuring by existing guides.
    • Pros: Allows quick deployment of simple tasks.
    • Cons: Lacks fundamental understanding, prone to trouble when issues arise or environments change. When encountering unfamiliar errors, you’ll be completely stuck.
  2. Type 2: "Limited Knowledge" Learning – Grasping concepts but not deeply.
    • Pros: Can partially understand how the system works, more confident with basic configurations.
    • Cons: Still vague about component interactions, difficult to optimize or handle complex issues. For example, you know IP is a machine address, but hesitate when asked what a subnet mask is for.
  3. Type 3: "Root Cause" Learning – Mastering the nature and operation.
    • Pros: Understands every bit, every packet flow. You can design networks, optimize, secure, and most importantly, effectively diagnose and troubleshoot issues. This is what differentiates a SysAdmin who "can do" from one who "truly understands."
    • Cons: Requires significant initial time and effort to learn.

Which Learning Approach Should You Choose to Become a Professional SysAdmin?

Based on personal experience, I assert that Type 3 learning is the key factor to becoming solid in the SysAdmin profession. Especially in a real-world work environment, with a 50-user office and multiple servers in a datacenter, if you don’t clearly understand how IP, Subnet, and Gateway work, you will face many serious network issues.

These problems can include computers unable to access the internet, servers losing connectivity, or even security vulnerabilities. Simply put, you cannot troubleshoot effectively if you don’t understand the underlying principles.

So, let’s dive into each concept to understand how they work.

1. IP Address: Unique Identifier for Every Device

Every device connected to a network (computer, server, phone, router, printer, etc.) needs a unique address so that other devices can "find" and send data to it. This is the IP Address (Internet Protocol Address).

IPv4 and IPv6 – Fundamental Differences

  • IPv4 (Internet Protocol version 4): This is the most common version today, appearing as four decimal numbers separated by dots (e.g., 192.168.1.10). Each number group has a value from 0 to 255. There are approximately 4.3 billion IPv4 addresses in total, and they are gradually being depleted.
  • IPv6 (Internet Protocol version 6): Developed to address the IPv4 address exhaustion problem. IPv6 is longer (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334), opening up a nearly infinite address space. However, in this article, I will focus on IPv4 as it remains the foundation for many enterprise networks and is the most fundamental for new SysAdmins.

Public IP and Private IP – The Boundary Between Internal Network and Internet

  • Private IP: These are addresses used within your local area network (LAN). Common Private IP ranges:
    • 10.0.0.0 to 10.255.255.255 (Class A)
    • 172.16.0.0 to 172.31.255.255 (Class B)
    • 192.168.0.0 to 192.168.255.255 (Class C)

    Devices within the internal network can communicate with each other using Private IPs. These addresses cannot be directly accessed from the Internet. Your router performs NAT to convert Private IPs to Public IPs when accessing the Internet.

  • Public IP: This address is assigned to your network by the Internet Service Provider (ISP). It is globally unique, allowing your device (through the router) to connect and be visible on the Internet.

Practical example: Checking your machine’s IP on Linux

To find the IP address of an interface on Linux, use the ip a command (or ifconfig if you’re not yet familiar).


# Check all interfaces
$ ip a

# The output might look like this:
# 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
#     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
#     inet 127.0.0.1/8 scope host lo
#        valid_lft forever preferred_lft forever
# 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
#     link/ether 00:0c:29:1d:2a:13 brd ff:ff:ff:ff:ff:ff
#     altname enp0s25
#     inet 192.168.1.10/24 brd 192.168.1.255 scope global dynamic ens33
#        valid_lft 42805sec preferred_lft 42805sec
#     inet6 fe80::20c:29ff:fe1d:2a13/64 scope link 
#        valid_lft forever preferred_lft forever

# Here, "inet 192.168.1.10/24" is the IPv4 address of the ens33 interface. 
# "/24" is part of the Subnet Mask, which we will learn about next.

When I first started, I used to think knowing the IP was enough for computers to connect. But then, when the office experienced network issues, machines couldn’t "see" each other despite having IPs. That’s when I frantically realized that IP is only half the story.

2. Subnet Mask and Subnetting: Dividing Subnets for Better Management

Subnet Mask is an indispensable part of an IP address, used to determine which part is the network address (Network ID) and which part is the host address (Host ID) within an IP. In other words, it helps computers know "who their neighbors are" in the same subnet.

Why is Subnetting Necessary?

Subnetting is the process of dividing a large network into smaller subnetworks. This process offers several benefits:

  • Efficient Management: Divides the network into smaller segments, making it easier to manage groups of devices (e.g., creating separate networks for the accounting department, IT department, or server farm area).
  • Enhanced Security: Isolates groups of devices, limiting the spread of attacks or network incidents.
  • Reduced Broadcast Traffic: Each subnet has its own broadcast domain, significantly reducing broadcast traffic across the entire network.
  • IP Address Conservation: Optimizes IP address allocation, avoiding waste.

How Subnet Mask Works (Simple Explanation)

A Subnet Mask is also a 32-bit address (for IPv4), but unlike an IP, it’s formed by a sequence of consecutive 1 bits, followed by a sequence of consecutive 0 bits.

  • The 1 bits correspond to the Network ID.
  • The 0 bits correspond to the Host ID.

When you perform a logical AND operation between the IP address and the Subnet Mask, the result yields the Network Address, which is the address representing that entire subnet.

Example:

  • IP Address: 192.168.1.10
  • Subnet Mask: 255.255.255.0

In binary:

  • IP: 11000000.10101000.00000001.00001010
  • Subnet Mask: 11111111.11111111.11111111.00000000
  • Result (Network Address): 11000000.10101000.00000001.00000000 (i.e., 192.168.1.0)

All devices sharing the same Network Address (identical network portion of the address) will reside within the same subnet and can communicate directly with each other.

CIDR (Classless Inter-Domain Routing) Notation

Instead of writing the lengthy Subnet Mask like 255.255.255.0, CIDR (Classless Inter-Domain Routing) notation is used. This is an integer following a forward slash (/), indicating the number of 1 bits in the Subnet Mask.

  • /24 is equivalent to 255.255.255.0 (with 24 bits set to 1)
  • /16 is equivalent to 255.255.0.0 (with 16 bits set to 1)
  • /8 is equivalent to 255.0.0.0 (with 8 bits set to 1)

Key Components of a Subnet

  • Network Address: The first address of the subnet, where all Host ID bits are 0. (Example: 192.168.1.0/24)
  • Broadcast Address: The last address of the subnet, where all Host ID bits are 1. Used to send messages to all devices in the subnet. (Example: 192.168.1.255/24)
  • Host Range: The available IP addresses for devices in the subnet (from Network Address + 1 to Broadcast Address – 1). (Example: 192.168.1.1 to 192.168.1.254 for /24)

Example: Subnet Analysis


# This is not executable code, but an example calculation

# IP: 192.168.10.50
# Subnet Mask: /27 (27 bits set to 1)
# => 11111111.11111111.11111111.11100000 (255.255.255.224)

# Binary of the last Octet:
# IP Octet 4: 50 = 00110010
# Mask Octet 4:   = 11100000

# Logical AND operation:
# Network ID Octet 4: 00100000 (32)
# Host ID Octet 4:    00000010 (2)

# Therefore:
# Network Address: 192.168.10.32
# Broadcast Address: 192.168.10.63 (all Host ID bits are 1: 00111111)
# Number of usable hosts: (2^(32-27)) - 2 = 2^5 - 2 = 32 - 2 = 30 hosts
# Host Range: 192.168.10.33 - 192.168.10.62

I recall a time when a colleague mistakenly configured the subnet mask from /24 to /27 for a group of client machines. The result was an entire department losing network connectivity simply because the machines could no longer "see" the gateway in the same subnet. A clear understanding of subnets will help you avoid such basic and frustrating errors.

3. Gateway: The Door to the Outside World

Gateway (Default Gateway or Connection Gateway) is the IP address of the device (usually a router) to which devices on your network will send all packets. This occurs when they want to communicate with a device outside the current subnet. In other words, the Gateway is the "door" that helps devices in your LAN access the Internet or other subnets.

Default Gateway – The Only Exit

Every device in a subnet needs to know the Default Gateway address. When a computer wants to send data to an IP not within its own subnet (based on the IP and Subnet Mask calculation), it automatically sends that packet to the Default Gateway. The Gateway then takes responsibility for routing that packet to its destination.

Practical example: Checking the Default Gateway on Linux

To see the Default Gateway of a Linux machine, you can use the ip route show or route -n commands.


# Check the routing table
$ ip route show

# The output might look like this:
# default via 192.168.1.1 dev ens33 proto dhcp metric 100 
# 192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.10 metric 100 

# The first line "default via 192.168.1.1 dev ens33" tells us 
# the Default Gateway is 192.168.1.1, and it is accessed via the ens33 interface.

# Or use the route -n command (older but still useful)
$ route -n

# Output:
# Kernel IP routing table
# Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
# 0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 ens33

# The line with Destination 0.0.0.0 is the Default Gateway, 
# with the address 192.168.1.1.

In my datacenter, servers often have multiple network interfaces and different gateways for specific purposes (e.g., one gateway for the management network, another for the data network). Incorrectly configuring a gateway on a server can cause it to lose connection to external services or even the Internet. Diagnosing errors in this case requires a clear understanding of the packet flow through the gateway.

Practice: Configuring Static IP, Subnet, Gateway on Linux

In a server environment, we typically configure static IPs instead of DHCP to ensure IP addresses don’t change and are easy to manage. Below is how you can configure a static IP temporarily (until reboot) or permanently on a Linux system (e.g., Ubuntu Server or CentOS/RHEL).

Temporary configuration (using the ip command)

This is the fastest way to set up IP, suitable for testing or troubleshooting. These configurations will be lost when you reboot the machine.


# Assume the interface is ens33
# 1. Assign IP Address and Subnet Mask
# ip addr add [IP_Address]/[CIDR_Mask] dev [Interface_Name]
$ sudo ip addr add 192.168.1.100/24 dev ens33

# 2. Set Default Gateway
# ip route add default via [Gateway_IP] dev [Interface_Name]
$ sudo ip route add default via 192.168.1.1 dev ens33

# 3. Activate the interface (if not already UP)
$ sudo ip link set ens33 up

# Verify configuration
$ ip a show ens33
$ ip route show

Permanent configuration (example with Netplan on Ubuntu/Debian)

For modern Debian/Ubuntu systems, Netplan is the primary tool for network configuration. You will edit the .yaml file in the /etc/netplan/ directory.


# Open the Netplan configuration file (file name may vary, e.g., 00-installer-config.yaml)
# $ sudo nano /etc/netplan/00-installer-config.yaml

# Add or edit content as follows:
network:
  version: 2
  renderer: networkd
  ethernets:
    ens33: # Your interface name
      dhcp4: no # Disable DHCPv4
      addresses: [192.168.1.100/24] # IP Address and CIDR Mask
      routes:
        - to: default # This is the Default Gateway
          via: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4] # DNS Servers

After editing the file, apply the configuration:


$ sudo netplan apply

For CentOS/RHEL systems, you will edit the configuration file in /etc/sysconfig/network-scripts/ (e.g., ifcfg-ens33) or use nmcli.

Conclusion

IP, Subnet, and Gateway are not just dry theoretical terms. They are the foundation for all computer network operations. As a SysAdmin, grasping every detail of these concepts will make you much more confident when building, managing, and troubleshooting network systems, whether for a small office or a complex datacenter. Don’t hesitate to invest time in practicing and understanding them deeply, as it’s a valuable investment for your career.

Share:
Tags: