Subnetting Basics: IP Address Division and Network Segmentation
Learn IP subnetting basics including CIDR notation, subnet masks, network addresses, broadcast addresses, and how to divide networks for efficient IP allocation.
What Is Subnetting?
Subnetting divides a larger IP network into smaller, logical subnetworks. It serves the same purpose as organizing a large office building into numbered rooms and floors — it makes the space manageable, efficient, and secure. In networking terms, subnetting reduces broadcast traffic by containing it within smaller segments, improves security by isolating different parts of a network, and conserves IP addresses by allocating them in appropriately sized blocks.
Every device connected to the internet or a local network needs a unique IP address. Subnetting is the technique that allows network administrators to allocate these addresses efficiently. Without subnetting, large organizations would waste millions of addresses, and the internet would have run out of IPv4 address space decades earlier than it actually did.
IP Addresses and Binary Basics
An IPv4 address is a 32-bit number, typically written as four decimal octets separated by dots (e.g., 192.168.1.1). Each octet represents 8 bits, with values from 0 to 255. The address has two parts: the network portion (identifies the network) and the host portion (identifies the specific device on that network). The subnet mask determines where the boundary between these two parts falls.
Understanding binary is essential for subnetting. The decimal number 192 in binary is 11000000. The subnet mask 255.255.255.0 in binary is 11111111.11111111.11111111.00000000 — the 1s represent the network portion, and the 0s represent the host portion. The number of 1s in the mask is written in CIDR notation: 192.168.1.0/24 means 24 bits of network (three octets) and 8 bits of hosts.
Swipe sideways to compare columns.
| CIDR | Subnet Mask | Binary Mask | Hosts per Subnet | Usable Hosts |
|---|---|---|---|---|
| /8 | 255.0.0.0 | 11111111.00000000.00000000.00000000 | 16,777,216 | 16,777,214 |
| /16 | 255.255.0.0 | 11111111.11111111.00000000.00000000 | 65,536 | 65,534 |
| /24 | 255.255.255.0 | 11111111.11111111.11111111.00000000 | 256 | 254 |
| /25 | 255.255.255.128 | 11111111.11111111.11111111.10000000 | 128 | 126 |
| /26 | 255.255.255.192 | 11111111.11111111.11111111.11000000 | 64 | 62 |
| /27 | 255.255.255.224 | 11111111.11111111.11111111.11100000 | 32 | 30 |
| /28 | 255.255.255.240 | 11111111.11111111.11111111.11110000 | 16 | 14 |
| /29 | 255.255.255.248 | 11111111.11111111.11111111.11111000 | 8 | 6 |
| /30 | 255.255.255.252 | 11111111.11111111.11111111.11111100 | 4 | 2 |
Subnet Calculation Fundamentals
Three key values define each subnet: the network address (the first address, which identifies the subnet itself, all host bits set to 0), the broadcast address (the last address, used to send to all hosts in the subnet, all host bits set to 1), and the usable host address range (all addresses between network and broadcast). The number of usable hosts per subnet is 2^h — 2, where h is the number of host bits. Two addresses are subtracted because the network and broadcast addresses cannot be assigned to devices.
To subnet a /24 network (192.168.1.0/24) into /26 subnets: each /26 has 64 total addresses, 62 usable. The first /26 subnet is 192.168.1.0/26 (network 192.168.1.0, broadcast 192.168.1.63, usable hosts 192.168.1.1-192.168.1.62). The second is 192.168.1.64/26 (network 192.168.1.64, broadcast 192.168.1.127, usable 192.168.1.65-126). And so on — four /26 subnets from one /24.
Swipe sideways to compare columns.
| Subnet | Network Address | Usable Range | Broadcast Address | Usable Hosts |
|---|---|---|---|---|
| 1st /26 | 192.168.1.0 | 192.168.1.1 — .62 | 192.168.1.63 | 62 |
| 2nd /26 | 192.168.1.64 | 192.168.1.65 — .126 | 192.168.1.127 | 62 |
| 3rd /26 | 192.168.1.128 | 192.168.1.129 — .190 | 192.168.1.191 | 62 |
| 4th /26 | 192.168.1.192 | 192.168.1.193 — .254 | 192.168.1.255 | 62 |
Variable Length Subnet Masking (VLSM)
VLSM allows subnets of different sizes within the same major network. Instead of dividing a /24 into four equal /26 subnets, you can create a mix: a /25 (126 usable hosts for a large department), two /26s (62 usable hosts each for medium departments), and two /28s (14 usable hosts each for small teams). VLSM conserves addresses by matching subnet size to actual need.
The key rule is that subnets must not overlap and must be contiguous in the address space. When using VLSM, start with the largest subnet requirement, allocate it, and then fit the smaller subnets into the remaining space. This requires careful planning and documentation to avoid accidental overlaps that cause routing problems.
Practical Benefits of Subnetting
Subnetting improves network performance by reducing broadcast domain size. In a flat /8 network with 16 million possible hosts, every devices ARP request would be heard by every other device on the network — overwhelming the network with broadcast traffic. Splitting into smaller subnets confines broadcast traffic to each subnet, preserving bandwidth for productive data.
Subnetting also enhances security. Different departments (finance, HR, engineering) can be placed on separate subnets with router access control lists controlling traffic between them. A compromised device in one subnet cannot directly access devices in another subnet without passing through a firewall. This network segmentation is a fundamental security principle.
Calculate Subnets
Subnet CalculatorUse our Subnet Calculator to compute network addresses, broadcast addresses, usable host ranges, and subnet masks for any IP and CIDR prefix length.Frequently Asked Questions
What is the difference between a subnet mask and CIDR notation?
They represent the same information in different formats. The subnet mask 255.255.255.0 is equivalent to /24 CIDR notation. CIDR notation is more compact and is now the standard way to specify subnets in most networking documentation and configuration.
Why are two addresses reserved in each subnet?
The first address (all host bits 0) is the network address, used by routers to identify the subnet. The last address (all host bits 1) is the broadcast address, used to send packets to all devices on the subnet simultaneously. Neither can be assigned to a device interface, hence the -2 in the usable host count.
Can I use a /31 subnet for point-to-point links?
Yes. A /31 subnet has only 2 total addresses (0 usable hosts normally), but RFC 3021 allows /31 for point-to-point links where there are exactly two devices. In this case, both addresses are usable because there is no practical need for a separate network or broadcast address. This conserves addresses for router-to-router connections.