Home Network Server Virtualization Bandwidth Storage Software FREE NETWORK TOOLS!

Search this website …

#Net ow Tools #NMS Tools #Realtime Bandwidth Monitor #IP Address Mgmt

Introduction to Subnetting – How to Calculate

Subnets, CIDR, VLSM and More!
By James Cox / Last Updated: January 15, 2020 KEEP AN EYE ON YOUR NETWORK!

LATEST FREE DOWNLOADS

Kiwi Syslog Server

Real-Time Bandwidth Monitor

SCP Server

TFTP Server

SFTP Server

If there’s one topic that trips people up (both new and experienced) in the networking
industry, it is that of Subnetting.

One of the reasons this happens is that one has to perform (mental) calculations in
decimal and also binary. Another reason is that many people have not had enough
practice with subnetting.

In this article, we will discuss what Subnetting is, why it came about, its usefulness, and
how to do subnetting the proper way. To make this article as practical as possible, we
will go through many examples.

Note: While subnetting applies to both IPv4 and IPv6, this article will only focus on
IPv4. The same concepts explained here can be applied to IPv6. Moreover, subnetting
in IPv6 is more of a want rather than a necessity because of the large address space.

Overview of IPv4 Addressing

Subnetting deals with IP addresses and so, it is natural to start any discussion on
subnetting with IP addresses. Just like a house number uniquely identifies a house on a
street, an IP address uniquely identifies a device on a network.

For example, any traffic with a destination IP address of 192.168.1.101 will be delivered
to PC1, while traffic addressed to 192.168.1.250 will be delivered to SERVER.

Note: This is an oversimplification of things just for understanding sake and refers to
Unicast (one-to-one) IPv4 addresses. Traffic sent to Multicast (one-to-many) and
Broadcast (one-to-all) IP addresses can be delivered to multiple devices. Also, features
like Network Address Translation (NAT) allow one IP address to be shared by multiple
devices.

To help your understanding of IP addresses and subnetting, you need to resolve the
following fact in your head: Computers think in binary, that is, 0s and 1s. Therefore,
even though we see an IP address represented like 192.168.1.250, it is actually just a
string of bits – 32 bits in total for IPv4 addresses.

To make them more readable for humans, IPv4 addresses are represented in dotted
decimal notation where the 32 bits are divided into 4 blocks of 8 bits (also known as an
octet), and each block is converted to a decimal number.

For example, 01110100 in binary is 116 in decimal:

Therefore, to a computer, the IPv4 address 192.168.1.250 is actually “11000000

10101000 00000001 11111010” (I only put the spaces to make it readable; the
computer doesn’t see spaces):

Back to 1983: IPv4 Address Classes

A unicast IPv4 address such as 192.168.1.250 can be divided into two parts: Network
portion and Host ID. So what does this mean? Well, IPv4 addresses were originally
designed based on classes: Class A to Class E. Multicast addresses are assigned from
the Class D range while Class E is reserved for experimental use, leaving us with Class
A to C:

Class A: Uses the first 8 bits for the Network portion leaving 24 bits for host IDs.
The leftmost bit is set to “0”.

Class B: Uses the first 16 bits for the Network portion leaving 16 bits for host IDs.
The two leftmost bits are set to “10”.

Class C: Uses the first 24 bits for the Network portion leaving 8 bits for host IDs.
The three leftmost bits are set to “110”.

Class Network Portion (Start) Network Portion (End) Network Portion (Range)

A 00000000 01111111 0-127

B 10000000 10111111 128-191

C 11000000 11011111 192-223

Note: The range of Class A is actually 1-126 because 0.x.x.x and 127.x.x.x are
reserved.

With these classes, a computer/device can look at the first three bits of any IP address
and determine what class it belongs to. For example, the 192.168.1.250 IP address
clearly falls into the Class C range.

Looking at the Host ID portion of the classes, we can determine how many hosts (or
number of individual IP addresses) a network in each class will support. For example, a
Class C network will ideally support up to 256 host IDs i.e. from 00000000 (decimal 0)
to 11111111 (decimal 255). However, two of these addresses cannot be assigned to
hosts because the first (all 0s) represents the network address while the last (all
1s) represents the broadcast address. This leaves us with 254 host IDs. A simple
formula to calculate the number of hosts supported by a network is:

So in those days, anyone who needed a network that supports up to 254 hosts can use
a Class C network. What if you only need 10 IP addresses? You still get a Class C
network. This wastage of IP addresses is even worse for Class B (65,534 usable IP
addresses per network) and Class A (16,777,214 usable IP addresses per network)!

Subnetting
What is Subnetting?
That issue of IP address wastage brings us to the topic at hand – Subnetting.
Subnetting allows you to create smaller network (sub networks; subnets) inside a
large network by borrowing bits from the Host ID portion of the address. We can use
those borrowed bits to create additional networks, resulting in smaller-sized networks.

Imagine I want to build a network that will support up to 30 devices in different

segments. Without subnetting, I will need four (4) Class C networks to support this
design. For example:

Network #1: 192.168.1.0

Network #2: 192.168.2.0

Network #3: 192.168.3.0

Network #4: 192.168.4.0

Each of these networks will support 254 IP addresses leading to a wastage of (254 * 4)
– (30 * 4) IP addresses i.e. 896 IP addresses!

If you look at the design requirement of 30 hosts per network, you will discover that I
only need 5 bits in the host ID portion of a Class C network to satisfy my requirement.

This means I still have 3 bits unused and with subnetting, I can use those three bits to
create smaller networks. For this example, let’s take the 192.168.1.0 network:

By borrowing 3 bits, I can create 8 subnets:

1. 192.168.1.0
2. 192.168.1.32
3. 192.168.1.64
4. 192.168.1.96
5. 192.168.1.128
6. 192.168.1.160
7. 192.168.1.192
8. 192.168.1.224

These subnet addresses probably look weird to you – they look like normal IP
addresses. However, looking at them in their binary form makes things clearer:

With subnetting, not only have we used only one Class C network, we have created 8
subnets from that network, each one supporting up to 30 hosts! We can use 4 of these
subnets for our network and reserve the remaining 4 subnets for future expansion. This
results in great waste reduction – from 896 wasted IP addresses to 120 reserved IP
addresses.

Subnet Masks
With what we have done, we have created a problem for computers and other
networking devices: how are they supposed to differentiate between a subnet
192.168.1.32 and an IP address 192.168.1.32? This is where subnet masks (also called
network masks) come in. A subnet mask is the representation of the network
portion of an address. It is also made up of 32 bits with all the bits that represent the
network portion being marked as 1s and the other parts marked as 0s.

For example, the subnet masks of the IP address classes are:

Class A: 255.0.0.0

Class B: 255.255.0.0

Class C: 255.255.255.0

Therefore, a Class C network of 192.168.1.0 can be represented as 192.168.1.0

255.255.255.0.

Note: It can also be represented using prefix length (CIDR) notation where only the 1s
that make up the network portion are counted and represented with a slash e.g.
192.168.1.0/24.

With subnetting, the borrowed bits from the host ID are counted as part of the network
bits. So if we revisit our example above again, the 192.168.1.32 subnet can be
represented as 192.168.1.32 255.255.255.224 (or 192.168.1.32/27)

By comparing the “turned on” bits (i.e. 1s) in the subnet mask to an IP address, a
network device can determine what network a particular IP address belongs to. For
example, the 172.17.250.145 IP address with a subnet mask of 255.255.248.0 belongs
to the 172.17.248.0 255.255.248.0 subnet:

A Note about CIDR

So far, we have talked about subnetting in terms of IPv4 address classes. This was just
to help with understanding – most networks today are classless. In a bid to slow down
the exhaustion of IPv4 addresses and also reduce the size of the Internet routing table,
the IETF introduced Classless Inter-Domain Routing (CIDR) in 1993 which basically did
away with classes. So with CIDR, we just have a network represented by a network
address and a prefix length e.g. 192.45.96.0/22.

Note: In the CIDR example I used above (192.45.96.0/22), this address block will be
seen as Class C in a classful network.

Why do we need subnetting?

Now that we have seen what subnetting is, let us consider some of the reasons we
create subnets:

Reduce wastage: As we have already seen, subnetting (and CIDR on a larger

scale) helps us conserve IP addresses. While this is very important on the Internet
(conserving public IP addresses), it is also useful on local area networks (LANs)
where private IP addresses are used.

Improve Network Performance: Subnetting improves the overall performance of a

network. The larger a network is, the busier (more congested) it is. Consider the
example of broadcasts – every host within an individual network will receive a
broadcast even when it is not meant for them. This can affect performance
especially during issues like broadcast storms. Therefore, the smaller the network,
the more you can contain such issues within the subnet.

Isolation: With smaller networks, you are able to isolate effectively as faults inside
one subnet will not necessarily spread into other subnets. This is also important
during security incidents so that even if one subnet is affected, the entire network is
not brought down.

Easier administration: Subnetting, when done properly, can make network

administration more effective. For example, a multinational organization can design
their network in such a way that each region is assigned an IP address block from a
larger address block and subnetting is used within regions to further divide the
blocks among networks. This kind of design also improves routing as the routers in
one region only need to know the “summarized” IP address block for other regions
rather than all the smaller IP address blocks. This reduces the size of the routing
table and ensures that fluctuations in one region do not affect the entire network.

Examples
To help our understanding of subnetting, let us take a couple of examples.

Minimum subnet size to accommodate a number of

hosts
You need to be able to design networks in such a way that there will be enough IP
addresses for the devices that will be used on the network. Of course, you can always
go for a large address block (e.g. /8) but like we already established, using smaller-
sized subnets is more efficient. As such, you must be able to determine the minimum
subnet size that will support a number of hosts on that subnet.

To do this, all you need is to determine the number of host bits to support the number of
hosts and this means counting in the order of 2. You should also remember to account
for the two (2) unusable IP addresses in a block which are used for the network address
and broadcast address.

The table below shows the number of usable IP addresses for /31 to /22 (i.e. 1 to 10
host bits). You can do the same calculation for other prefix lengths.

No. of Host Equivalent prefix Number of usable IP

Subnet Mask
Bits length addresses

1 /31 255.255.255.25421-2 = 0*

2 /30 255.255.255.25222-2 = 2

3 /29 255.255.255.24823-2 = 6

4 /28 255.255.255.24024-2 = 14

5 /27 255.255.255.22425-2 = 30

6 /26 255.255.255.19226-2 = 62

7 /25 255.255.255.12827-2 = 126

8 /24 255.255.255.0 28-2 = 254

9 /23 255.255.254.0 29-2 = 510

10 /22 255.255.252.0 210-2 = 1022

* To conserve IP addresses, /31 subnets can be used in cases where there is no need
for a network or broadcast address (e.g. point-to-point links). In effect, you can have 2
IP addresses in a /31 subnet if you use the network and broadcast addresses as IP
addresses. This is explained in RFC 3021 and supported by many vendors including
Cisco.

Using this table, we can determine that we need a minimum subnet size of /27 to
support 25 hosts, /29 to support 4 hosts, /25 to support 120 hosts, and so on.

Tip: When designing subnets, think about the future expansion of the network. Using a
/27 to support a network that needs 30 hosts does not allow for expansion. In such a
case, it may be better to use the next block size e.g. /26. Alternatively, you can reserve
the next /27 subnet in the sequence for future expansion.

Number of Subnets in an Address Block

Given an address block (network/prefix length), you can determine the number of
subnets that can be gotten from that address block as long as you know the subnet size
requirements. The formula for this is:

For example, we can get sixteen (16) /28 subnets from a /24 reference address block:

List of Subnets in an Address block

In the previous example, we determined the number of subnets that can be gotten from
a particular address block. Now, we need to determine what those subnets actually are.
To do this, we need to know the following things:

1. The octet in which a subnet exists

1st octet: /1 to /8

2nd octet: /9 to /16

3rd octet: /17 to /24

4th octet: /25 to /32

2. The maximum number of bits in the boundary (octet) in which the subnet belongs
1st octet: 8

2nd octet: 16

3rd octet: 24

4th octet: 32

3. The block size of the subnet

For example, a /28 subnet exists in the 4th octet. The maximum number of bits in that
octet is 32. Therefore, the block size is:

Here’s another example. A /18 subnet exists in the 3rd octet. The maximum number of
bits in that octet is 24. Therefore, the block size is:

We can now use this knowledge to list the subnets in a particular address block. For
example, what are the /27 subnets that exist in the 174.53.4.0/24 address block?

First, we know that there are eight (8) /27 subnets in a /24 address block (i.e. 227-24 = 23
= 8). Next, we can see that the /27 subnet exists in the 4th octet. The maximum number
of bits in that octet is 32. Therefore, the block size is:

Knowing this, we can now list the subnets by starting at first network of the given
block and incrementing by the block size in the 4th octet:

1. 174.53.4.0/27
2. 174.53.4.32/27
3. 174.53.4.64/27
4. 174.53.4.96/27
5. 174.53.4.128/27
6. 174.53.4.160/27
7. 174.53.4.192/27
8. 174.53.4.224/27

Let’s take another example. List the /23 subnets that exist in the 141.67.128.0/21
address block.

First, we know that there are four (4) /23 subnets in a /21 address block. Next, we can
see that the /23 subnet exists in the 3rd octet. The maximum number of bits in that octet
is 24. Therefore, the block size is:

Knowing this, we can now list the subnets by starting at first network of the given
block and incrementing by the block size in the 3rd octet:

141.67.128.0/23

141.67.130.0/23

141.67.132.0/23

141.67.134.0/23

Warning: You need to be careful about the “first network of the given block”. It must be
a multiple of the block size. For example, 128 is a multiple of 2. If you are not sure, start
at 0 and increase by the block size. For example, 141.67.0.0, 141.67.2.0, 141.67.4.0,
…, 141.67.126.0, 141.67.128.0, and so on.

Exercise #1: List the /13 subnets that exist in the 131.80.0.0/12 address block. (The
answer is at the end of the article.)

Address Range of Subnet

When you know the size of a subnet, it becomes easy to determine the valid addresses
in that subnet. We just need to add one (1) IP address to the subnet address and
subtract two (2) IP addresses from the next subnet address. We add 1 because the first
address is the network address and we subtract 2 instead of 1 because the last address
in a subnet is the broadcast address.

Note: The next subnet address is just the subnet plus the block size. Keep in mind that
this “next subnet address” may not be a valid address block.

For example, what is the valid address range of the 141.67.132.0/23 above? Since the
block size is 2, we know that the next subnet is 141.67.134.0/23. Therefore, the valid
address range is:

Start address: 141.67.132.0 + 1 = 141.67.132.1

End address: 141.67.134.0 – 2 = 141.67.133.254

Broadcast address: 141.67.134.0 – 1 = 141.67.133.255

Here’s another example. What is the valid address range of the 10.192.0.0/10 subnet?
Since the block size is 64, we know that the next subnet will be 10.256.0.0/10.
Therefore, the valid address range is:

Start address: 10.192.0.0 + 1 = 10.192.0.1

End address: 10.256.0.0 – 2 = 10.255.255.254

Broadcast address: 10.256.0.0 – 1 = 10.255.255.255

Note: In this example, the next subnet is 10.256.0.0 which is not a valid address block.
However, it helps with our calculation.

Exercise #2: What is the valid address range of the 192.168.58.0/28 subnet? (The
answer is at the end of the article.)

Variable Length Subnet Masks (VLSM)

So far, we have used subnetting to create fixed-size subnets e.g. four (4) /26 subnets
from one /24 block. However, the use of subnet masks and prefix lengths provide more
flexibility – we can create subnets of varying sizes from the same address block
i.e. VLSM.

Let us consider the following example. We are given a block of 172.16.1.0/24 and we
need to split it such that the following requirements are met:

A subnet that can accommodate 100 hosts

A subnet that can accommodate up to 55 hosts

Two subnets that can accommodate up to 12 hosts each

To solve this problem, start with the biggest block and keep going down. For example,
we need a minimum subnet of /25 to accommodate 100 hosts. Therefore, we can split
the 172.16.1.0/24 block into two subnets:

172.16.1.0/25

172.16.1.128/25

We can use the first subnet 172.16.1.0/25 for the 100 hosts leaving us with the other
subnet, 172.16.1.128/25.

The next largest subnet needs 55 hosts which can be accommodated with a /26 subnet.
This means we can split the 172.16.1.128/25 subnet into two smaller subnets:

172.16.1.128/26

172.16.1.192/26

We can use the 172.16.1.128/26 subnet for the network requiring 55 hosts leaving us
with the 172.16.1.192/26 subnet to further break down.

The two other networks require 12 hosts meaning we need a minimum of /28 subnets.
Therefore, we can split the 172.16.1.192/26 subnet into 4 smaller subnets:

172.16.1.192/28

172.16.1.208/28

172.16.1.224/28

172.16.1.240/28

Therefore, our subnets are:

172.16.1.0/25 for the network with 100 hosts

172.16.1.128/26 for the network with 55 hosts

172.16.1.192/28 for the first network with 12 hosts

172.16.1.208/28 for the second network with 12 hosts

This means we still have two subnets (172.16.1.224/28 and 172.16.1.240/28) to use in
the future.

Conclusion
This brings us to the end of this article where we have looked at subnetting in detail. We
began with an understanding of IPv4 addresses which led to one of the reasons we use
subnetting – to curb waste.

As we have seen, subnetting is really about math (binary, addition, subtraction, orders)
and to excel in it, you must be able to quickly do these calculations in your head (mental
math). We discussed how subnet masks and prefix lengths help move networks to a
classless nature. We then considered several subnetting examples that you will
encounter in your everyday networking life, including VLSM.

FREEBIE!
If you want to skip all this Math and Calculating, Grab a Free Subnet Calculator
Software from Below which will Speed up the Process immensely!

Keep in mind that, especially in certification exams, questions about subnetting are not
always as straightforward as we have looked at in this article. In many cases, you are
not given the subnet itself but an IP address on that subnet which means that you will
first need to determine the subnet on which the address sits.

Here are some tools to further your subnetting practice:

Subnetting Practice

Todd Lammle Subnet Practice

Answer to Exercises
Exercise #1:
List the /13 subnets that exist in the 131.80.0.0/12 address block.

Two (2) /13 subnets can be gotten from a /12 address block. /13 sits in the 2nd octet
which has a maximum number of bits of 16. Therefore, the block size is 8. As such, the
/13 subnets from the 131.80.0.0/12 block are:

131.80.0.0/13

131.88.0.0/13

Exercise #2:
What is the valid address range of the 192.168.58.0/28 subnet?

The block size is 16. Therefore, the next subnet will be 192.168.58.16/28. As such, the
valid address range is:

Start address: 192.168.58.0 + 1 = 192.168.58.1

End address: 192.168.58.16 – 2 = 192.168.58.14

Broadcast address: 192.168.58.16 – 1 = 192.168.58.15

James Cox

James Cox is the Editor at ITT Systems and has a Long History in the IT and Network
Engineering Field. He Boasts a long list of Credentials ranging from CompTIA
Certifications up to Cisco and VMWare points on his Resume.

QUICK LINKS INFO

Network Server Contact

Bandwidth Software About Us
Storage Virtualization Copyright

Privacy Policy

Terms of Use

© 2020 · ITT Systems · Built on the Genesis Framework