Subnetting is the practice of dividing a network into smaller networks called subnets. It's fundamental to network design, allowing efficient use of IP addresses, improved security through segmentation, and better network performance.
Why Subnet?
Efficient address allocation: Without subnetting, you'd waste addresses. A small office doesn't need 16 million addresses from a Class A network.
Security isolation: Subnets create boundaries. Devices in different subnets must go through a router (and firewall rules) to communicate.
Reduced broadcast traffic: Broadcasts only reach devices within the same subnet, reducing network noise.
Simplified management: Logical groupings (departments, floors, device types) make troubleshooting and policy enforcement easier.
IP Address Basics
An IPv4 address is 32 bits, written as four decimal octets: 192.168.1.100
Each octet represents 8 bits (values 0-255):
192.168.1.100 = 11000000.10101000.00000001.01100100
Every IP address has two parts:
- Network portion: Identifies which network
- Host portion: Identifies which device on that network
The subnet mask determines where the network portion ends and the host portion begins.
Subnet Masks
A subnet mask is also 32 bits. Ones represent the network portion; zeros represent the host portion.
IP: 192.168.1.100 = 11000000.10101000.00000001.01100100
Mask: 255.255.255.0 = 11111111.11111111.11111111.00000000
|------ Network -----|--- Host ---|
With this mask:
- Network: 192.168.1.0
- Host range: 192.168.1.1 - 192.168.1.254
- Broadcast: 192.168.1.255
- Usable hosts: 254
CIDR Notation
CIDR (Classless Inter-Domain Routing) notation appends the number of network bits:
192.168.1.0/24
The /24 means 24 bits for network, 8 bits for hosts. Common CIDR blocks:
| CIDR | Subnet Mask | Hosts |
|---|---|---|
| /8 | 255.0.0.0 | 16,777,214 |
| /16 | 255.255.0.0 | 65,534 |
| /24 | 255.255.255.0 | 254 |
| /25 | 255.255.255.128 | 126 |
| /26 | 255.255.255.192 | 62 |
| /27 | 255.255.255.224 | 30 |
| /28 | 255.255.255.240 | 14 |
| /29 | 255.255.255.248 | 6 |
| /30 | 255.255.255.252 | 2 |
Calculating Subnets
Formula
Hosts per subnet = 2^(host bits) - 2
We subtract 2 because the first address (network address) and last address (broadcast) can't be assigned to hosts.
Example: Subnet a /24 into Four Subnets
Starting network: 192.168.1.0/24 (254 hosts)
We need 4 subnets, so we need 2 extra bits (2^2 = 4):
- Original: /24
- New: /26 (adding 2 bits to network portion)
Each /26 subnet has 62 usable hosts (2^6 - 2 = 62):
192.168.1.0/26 → Hosts: .1-.62, Broadcast: .63
192.168.1.64/26 → Hosts: .65-.126, Broadcast: .127
192.168.1.128/26 → Hosts: .129-.190, Broadcast: .191
192.168.1.192/26 → Hosts: .193-.254, Broadcast: .255
Finding Network and Broadcast Addresses
- Convert IP and mask to binary
- AND them together to get the network address
- Set all host bits to 1 for broadcast address
Example: What network is 192.168.1.100/26 in?
IP: 192.168.1.100 = 11000000.10101000.00000001.01100100
Mask: 255.255.255.192 = 11111111.11111111.11111111.11000000
AND: 192.168.1.64 = 11000000.10101000.00000001.01000000
Network: 192.168.1.64
Broadcast: 192.168.1.127 (host bits all 1s)
Private Address Ranges
RFC 1918 defines private IP ranges not routed on the internet:
10.0.0.0/8 → 10.0.0.0 - 10.255.255.255
172.16.0.0/12 → 172.16.0.0 - 172.31.255.255
192.168.0.0/16 → 192.168.0.0 - 192.168.255.255
Use these for internal networks. They're translated to public IPs via NAT at your router.
VLSM: Variable Length Subnet Masking
Real networks have different size requirements. VLSM lets you use different subnet sizes within the same network:
Engineering (50 hosts): 192.168.1.0/26 (62 usable)
Sales (25 hosts): 192.168.1.64/27 (30 usable)
Management (10 hosts): 192.168.1.96/28 (14 usable)
Server room (5 hosts): 192.168.1.112/29 (6 usable)
Always allocate largest subnets first to avoid fragmentation.
Common Subnet Sizes by Use Case
| Use Case | CIDR | Hosts | Notes |
|---|---|---|---|
| Point-to-point link | /30 | 2 | Router-to-router connections |
| Small server VLAN | /28 | 14 | Database servers, management |
| Department | /26-/24 | 62-254 | Typical office floor |
| Large campus | /22-/20 | 1,022-4,094 | Building or campus |
IPv6 Subnetting
IPv6 addresses are 128 bits, typically written in hex:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
Standard practice allocates /64 to each subnet (enormous host space). Organizations receive /48 or larger, giving 65,536 possible /64 subnets.
Tools for Subnetting
Manual calculation builds understanding, but use tools for accuracy:
Our Subnet Calculator provides:
- Network and broadcast addresses
- Usable host ranges
- Binary representations
- VLSM planning assistance
Input any IP and CIDR to instantly see all subnet details.
Key Takeaways
- Subnet masks divide network and host portions
- CIDR notation shows network bits (e.g., /24 = 24 network bits)
- Usable hosts = 2^(host bits) - 2
- Use VLSM for efficient allocation across different-sized networks
- Private ranges (10.x, 172.16-31.x, 192.168.x) for internal networks
Subnetting is a core networking skill. Understanding it helps you design efficient networks, troubleshoot connectivity issues, and pass networking certifications.