Part 1 of 2: Translating an IP Address into an IP Address Range
As someone who works with Google Analytics, it is often necessary to block IP addresses for a particular account. If like me, you are ever given an IP address with a network prefix to exclude from a Google Analytics account, it will often be given to you in the following slash notation format:
Obviously you are going to need to convert this into an IP address range to exclude.
But how exactly do you do this? Isn't it just the same as excluding a regular IP address in GA?
If you're in a hurry the easy way is with a calculator, such as these:
http://jodies.de/ipcalc - This is a simple calculator and gives you the network address, first and last host as well as the broadcast address.
http://www.subnetmask.info/ - More advanced than the above and provides hex and binary values for IP's too.
But just in case you don't have access to these then here is how you do it the good old fashioned way. There is a lot of information on the subject of subnetting however the aim of this guide is purely to focus on only the areas concerned with translating an address to filter out of Google Analytics and not to describe and evaluate everything you need to know about designing a network with subnets. We don't need to know how to divide up a range of addresses into different subnets or how to transfer one set of addresses to another IP range. We just need to know how to calculate the range of addresses when only given an IP with slash notation. You may find it easier to write these calculations down so you will need a piece of paper, a pen (or pencil) and possibly a calculator!
Fundamentals of IP's and Subnets:
Lets' start with some background theory. The next passage is going to explain the fundamentals of IP's and subnets and the relationship between their decimal and binary value. When talking about IP addresses it is worth noting that we are talking about IPv4 addresses and not IPv6. Once you're finished you should be confident in converting an 8 bit octet into binary – the basis of all subnetting calculations.
Example IP: 18.104.22.168/14
An IP address is a unique identifier given to a single device on an IP network. An IPv4 address consists of a 32-bit number which theoretically provides around 4.3 billion unique objects. But to make such a large address block easier to handle, it was chopped up into four 8-bit numbers, or decimal "octets," separated by a full stop. This is called dot decimal notation. Instead of 32 binary base-2 digits, which would be too long to read, it's converted to four base-256 digits. Octets are made up of numbers ranging from 0 to 255.
Think of an IP address as 4 blocks of numbers. Each blocks value is composed of the single use of any number from the following: 128, 64 , 32, 16, 8, 4, 2, 1. These values all go into making an 8 bit octet and when adding any combination of these together (each number can only be used once) a value of 0 – 255 can be made.
These octets are most easily understood when converted to binary. Binary works by assigning either a 1 or 0 to each value within the octet depending on if the value is needed.
For instance the first octet in the example IP address above is 192. To convert this to binary we would need to look at the number in relation to its binary bits. Starting from the left you will see that 192 = 128 + 64 ….
128 + 64 = 192
This principle can then be repeated on each of the four octets in the IP address.
With this theory in place we can now move on to explaining the whole process of converting an IP address with a network prefix into a Google Analytics friendly format.
Step 1: Convert the IP address to binary
The address is: 22.214.171.124 when converting to binary this appears as:
Step 2: Represent the network prefix in binary and convert to decimal Subnet Mask
The subnet mask not only determines the size of a subnet, but it can also help you determine where a subnet starts and finishes if you're given any IP address within that subnet. The reason it's called a subnet "mask" is that it literally masks out the host bits and leaves only the Network ID that begins the subnet. Once you know the beginning of the subnet and how big it is, you can determine the end of the subnet, which is the Broadcast ID. The subnet simply tells you how many IP addresses there are on any given subnet.
The network prefix is: /14
The routing prefix of an address is written in a form identical to that of the address itself. This is called the network mask, or netmask, of the address. For example, a specification of the most-significant 14 bits of an IPv4 address, 11111111.11111100.00000000.00000000, is written as 255.252.0.0. If this mask designates a subnet within a larger network, it is also called the subnet mask. This form of denoting the network mask, however, is only used for IPv4 networks.
The modern standard form of specification of the network prefix, used for both IPv4 and IPv6, counts the number of bits in the prefix and appends that number to the address with a slash (/) separator:
- 192.168.0.0, netmask 255.252.0.0 is written as 192.168.0.0/14
In simple terms, in order to calculate the subnet mask from a network prefix we must count left along the number of bits to add up the octal values:
The subnet mask is therefore: 255.252.0.0
Step 3: Calculate the Wildcard:
The wildcard is basically the remaining value of the unused bits from the subnet mask. It is not commonly used but is a good way of double checking your sums and also when calculated gives you an easy way of working out the end of the network range.
If you add up the unused bits then this value when added to the subnet mask would give you: 255.255.255.255 – the wildcard is the inverse of the subnet mask. Looking at the diagram above we can see that only the first 14 bits were used, this means the wildcard consists of the last 18 bits. By switching the first 14 bits back to 0's and by switching the last 18 bits 0's to 1's this gives us the inverse of the subnet:
Wildcard: 0.3.255.255 – we know this is correct without a diagram as adding it to the subnet gives us: 255.255.255.255
We now have all the values we need to calculate all the address that tell us what the network range is!
Step 4: Add the binary IP address to the subnet mask
When adding together binary values place the IP value above the subnet mask. The only value that can be used is a 1 or a 0. The outcome of a sum can only be a 1 if two 1's are added together anything else is always represented as a 0. For instance:
1 + 1 = 1
0 + 1 = 0
1 + 0 = 0
0 + 0 = 0
With this principle in mind the total of the combined binary value is as follows:
Converted back to decimal this is: 126.96.36.199
So we can now confirm the starting IP address for the range to be blocked as the above value.
Step 5: Add the Wildcard value to the network address
To finally work out what the last address is in the network (the broadcast IP) we must add the numbers together of the Wildcard and the Network Address previously calculated. Adding the decimal values together which gives us:
Filling in the gaps for completions sake here is what we now know:
• Starting IP with Prefix: 188.8.131.52 /14
• Subnet Mask: 255.252.0.0
• Wildcard: 0.3.255.255
• Network: 184.108.40.206 – always the first address in the range
• First Host: 220.127.116.11 – first available to use by a computer or network device
• Last Host: 18.104.22.168 – last available to use by a computer or network device
• Broadcast Host: 22.214.171.124 – always the last address in the range
The values needed to input into a Google Analytics filter would be:
126.96.36.199 to 188.8.131.52
In part two we will cover the process of creating a filter that can be used to block any given IP address range from Google Analytics.