The Complete Guide to IPv4 Subnetting


IP networks are made up of groups of IP addresses which get allocated to devices. The division of addresses is called subnetting. A single group, or subnet, could contain just a couple of IP addresses or thousands depending on what devices will be a part of it. Routers separate different subnets.

Why do we use subnets?

Subnets allow us to group logically distinct parts of the network. For example:

Planning subnets for a network.

  1. What is our address space?

  2. How many subnets do we need?

  3. How many hosts will be on each subnet?

Here we focus on subnets which are all the same size. Making subnets the same size can make life easier, but it can also waste address space if you actually have different numbers of hosts on each subnet.

How many subnets

The number of subnets you require will be a combination of business needs (security, physical location, organization structure) and network design.

Business Needs

There can be business reasons for how you define subnets. From a security perspective, you may want to have finance and human resources hosts on different subnets from the rest of your users. This architecture provides layer three separation as part of a ‘defense in depth’ strategy making it harder for bad actors to reach important information on the network. If you have a network which is spread across different locations, they should probably have distinct subnets to help manage routing between the sites. Finally, if you’re a large technical organization, then different teams may want their own IP space. Then they can manage their own infrastructure without worrying about interfering with other parts of the company.

Network Design

Routers separate subnets so your subnet implementation will depend on where you have routers in the network. For a small network, you may have a few subnets connected to a single router which also allows traffic to and from the internet. Each different VLAN you have will also need to be assigned a subnet.

If you have multiple sites or large sites, then you will probably have multiple routers which may have point-to-point (P2P) links configured between them. Each P2P link will also need its own subnet. Different types of WAN link may or may not need individual subnets between each site depending on your setup.

This approach can result in some subnets having many hosts whilst others (such as P2P links) only have a couple.

IP Addresses and Binary

Although it is often easiest to represent IP addresses in dotted-decimal (e.g., sometimes we must consider their binary representation. To do this, we represent each octet as 8 bits in binary and then combine them to make a single 32-bit number. Example


| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
   0     1    1    1   1   1   1   1

64 + 32 + 16 + 8 + 4 + 2 + 1 = 127


| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
   0     0    0    0   0   0   0   0


| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
   0     0    0    0   0   0   0   0


| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
   0     0    0    0   0   0   0   1

Then we combine them, starting with the most significant number which is the first octet:

01111111 00000000 00000000 00000001

Defining a Subnet

With subnetting, we can imagine splitting any IP address into two parts: network, subnet and host.

For example, the bits could be allocated as follows:

n = network bits
s = subnet bits
h = host bits

The number of bits allocated for each part will vary according to requirements and limitations as discussed below.

In some contexts, we treat the address as two parts: network (or subnet) and host. For example:

n = network/subnet bits
h = host bits

Network Portion of an IP Address

The Network portion of the address is fixed by the address space you have available – either allocated by your service provider or the private network which you are using internally. For example, if you are using the private address range, the network portion is the ‘10’ which is the first 8 bits of the address.

Subnet Portion of an IP Address

As the network architect, you get to decide the length of the next part of the address. You will need to consider how many subnets you need. Here we’re assuming that each subnet is the same size. We must allocate enough bits of the address to the subnet portion to support the number of different subnets which we need. We can work this out as follows

2 ^ n >= x
n is the number of bits allocated
x is the number of subnets required

For example, if we need eight subnets (x = 8) then we could allocate 3 bits (n = 3):

2 ^ 3 = 8

The quickest way to work out the number of bits required is to remember the powers of two (and you’ll have to round up).

Hosts of a Subnet

The final bits of the address form the host portion. The more host bits you have, the more hosts can be on the subnet.

Network and Broadcast Addresses

In each subnet, there are two addresses which are reserved: the network address and the broadcast address. These addresses cannot be assigned to hosts.

The network address is the first address in the subnet range. It is given by setting all of the host bits to zero.

The broadcast address is the last address in the subnet range. It is given by setting all of the host bits to one.

Network Address Example


Broadcast Address Example


Number of Hosts on a Subnet

Because we must account for the fact that we can’t use the first and last addresses in a subnet range, the total number of hosts supported by a subnet is calculated as

(2 ^ m) – 2 = y
m is the number of host bits
y is the number of IP addresses available for hosts

Subnet masks

When we are configuring a router or assigning IP addresses to other people, we need an easy way of describing how many bits are available for hosts and how many are fixed (the network/subnet portion). We do this with subnet masks. A subnet mask is another binary number which uses ones to represent fixed parts of the address (network/subnet bits) and zeros to represent the host bits.

Subnet Mask Example

If we have been allocated a 16 bit fixed network address and then define a subnet with a further 8 bits then our subnet mask would be as follows:


We typically convert this back to dotted decimal notation:

11111111 11111111 11111111 00000000
   255      255     255        0

Therefore, our subnet mask is If we were assigning the first subnet (0) with a network address of 10.10, then we could specify the subnet as follows:

The network address will be at The broadcast address is All hosts will be assigned addresses in the range of to

CIDR Notation

Specifying a full, dotted decimal subnet mask is not always the best way of describing a subnet. Classless Interdomain Routing (CIDR) is a term to describe the allocation of subnets using the network prefix and host bits – the system we discussed above. This approach replaced the historic policy of having classful networks with rigid assignments. CIDR notation describes a subnet by using a decimal number to specify the number of bits which define the network prefix of the address. The prefix length is indicated with a slash appended to the network address of the subnet. For example, has a prefix of 16 and defines the subnet from to

CIDR Example

Subnet Mask ( in Binary

11111111 11111111 11111111 00000000
Network Bits = 24
CIDR Notation:

Calculating a Subnet Based on Hosts

Sometimes we start with the number of hosts required rather than with the number of subnets. In this case, we must work out how many host bits we need to support the number of hosts. We can start with the equation used above. Then rearrange to account for the two hosts we lose due to the broadcast and network addresses. Finally, work out what power of two is required to have sufficient hosts.

(2 ^ m) – 2 = y
m is the number of host bits
y is the number of IP addresses available for hosts
2 ^ m = y + 2

For example, if we needed to support 50 hosts, y = 50, and we need to be in the private address space.

2 ^ m - 2 = y
m is the number of host bits
y is the number of IP addresses available for hosts

2 ^ m - 2= 50

Now we can try a few values of m, based on the powers of two that we know:

(2 ^ 5) - 2 = 32 – 2 = 30 which is too small
(2 ^ 6) - 2 = 64 – 2 = 62 which will support the 50 hosts we need

Now that we know the number of host bits required (y) is 6, we can find the number of network bits by subtracting y from 32.

Network Bits = 32 – Host Bits = 32 – 6 = 26

Therefore in CIDR notation, we could allocate the following subnet:

We can then use the network bits to calculate the full subnet mask:

    8       8        8     2
11111111 11111111 11111111 1100000000
   255     255       255      192

So we could specify the subnet as

Finally, we can calculate the network and broadcast addresses for this subnet:

   10       0         0        0
nnnnnnnn nnnnnnnn nnnnnnnn nnhhhhhh
00001010 00000000 00000000 00000000

The network address has all the host bits set to zero so it will be

For the broadcast address, we must ‘flip’ the host bits to be all ones. We don’t touch the network bits.

nnnnnnnn nnnnnnnn nnnnnnnn nnhhhhhh
00001010 00000000 00000000 00111111
   10       0        0        63

Therefore the first subnet range will be to with hosts from to

We could then choose to allocate the next range as, which would be from to

Other Lessons

Learn more by checking out these related lessons

A Beginner's Guide to Binary



How does IPv4 work?



NAT: Network Address Translation



RIP and RIPv2, The Routing Information Protocol



Routing Between VLANs



VLSM Subnetting in Networks




This lesson is part of the following courses.

Computer Networking Foundations