What Subnetting Is and Why It Exists
In the early internet, IP addresses were allocated in fixed class sizes — Class A (/8, ~16 million hosts), Class B (/16, ~65,000 hosts), and Class C (/24, 254 hosts). This was wasteful: an organisation that needed 300 hosts had to take an entire Class B block, leaving tens of thousands of addresses unused. It also created flat networks where every device could reach every other device directly, making security and traffic management difficult.
Subnetting solves both problems. By dividing a large address block into smaller subnets, you can:
- Match address allocation to actual need — assign a /28 (14 hosts) to a small server segment instead of wasting a /24 (254 hosts)
- Isolate network segments — place servers, workstations, and IoT devices on separate subnets with firewall rules between them
- Reduce broadcast domains — broadcast traffic stays within its subnet rather than reaching all devices on the network
- Enable hierarchical routing — routers summarise entire subnets into single routing table entries, keeping routing tables manageable
Modern networks — whether on-premises LANs, cloud VPCs, or hybrid environments — are built almost entirely from subnets. Understanding subnetting is not optional for anyone who configures network infrastructure.
IP Address Structure: Network and Host Bits
An IPv4 address is a 32-bit number, written as four groups of decimal digits separated by dots (dotted-decimal notation). Each group represents 8 bits (an octet), giving a range of 0–255 per octet.
192.168.10.45 in decimal
Binary breakdown:
192 = 11000000
168 = 10101000
10 = 00001010
45 = 00101101
Full 32-bit binary: 11000000.10101000.00001010.00101101
Those 32 bits are divided into two parts by the subnet mask:
- Network bits — the leftmost N bits that identify the network (subnet) the address belongs to. All addresses in the same subnet share the same network bits.
- Host bits — the remaining (32 − N) bits that identify the specific device within that network.
The subnet mask tells you where the dividing line is. A /24 mask means the first 24 bits are network bits and the last 8 bits are host bits.
```text
Address:   192.168.10.45 = 11000000.10101000.00001010.00101101
Mask /24:  255.255.255.0 = 11111111.11111111.11111111.00000000
                          |-----network (24 bits)----|--host--|
Network address: 192.168.10.0 (all host bits = 0)
Broadcast: 192.168.10.255 (all host bits = 1)
Usable hosts: 192.168.10.1 – 192.168.10.254 (254 addresses)
```
The network address (all host bits zero) and broadcast address (all host bits one) are reserved — they cannot be assigned to devices. Every subnet always loses 2 addresses to these reserved roles.
Subnet Masks Explained (Dotted-Decimal and CIDR)
A subnet mask is a 32-bit value where all network bits are set to 1 and all host bits are set to 0. It can be written in two equivalent formats:
Dotted-decimal: 255.255.255.0
CIDR prefix length: /24
Both say the same thing: 24 bits are network bits, 8 bits are host bits.
Converting between formats is straightforward: count the consecutive 1s from the left in the binary representation of the mask.
255.255.255.0 = 11111111.11111111.11111111.00000000 = /24 (24 ones)
255.255.255.128 = 11111111.11111111.11111111.10000000 = /25 (25 ones)
255.255.255.192 = 11111111.11111111.11111111.11000000 = /26 (26 ones)
255.255.255.224 = 11111111.11111111.11111111.11100000 = /27 (27 ones)
255.255.255.240 = 11111111.11111111.11111111.11110000 = /28 (28 ones)
255.255.0.0 = 11111111.11111111.00000000.00000000 = /16 (16 ones)
255.0.0.0 = 11111111.00000000.00000000.00000000 = /8 (8 ones)
CIDR notation (Classless Inter-Domain Routing) is the modern standard. It appends the prefix length directly to the IP address: 192.168.10.0/24 means "the subnet starting at 192.168.10.0 with a /24 mask."
CIDR Notation: What /24, /16, /8 Actually Mean
The prefix length directly determines two things: how many subnets you can create from a block, and how many hosts each subnet can hold.
Host count formula: 2^(32 − prefix) − 2
The minus 2 accounts for the reserved network address and broadcast address.
| CIDR Prefix | Subnet Mask | Total Addresses | Usable Hosts | Typical Use |
|---|---|---|---|---|
| /8 | 255.0.0.0 | 16,777,216 | 16,777,214 | Large ISP or enterprise allocation |
| /16 | 255.255.0.0 | 65,536 | 65,534 | Large campus or cloud VPC |
| /20 | 255.255.240.0 | 4,096 | 4,094 | Medium office or cloud subnet |
| /22 | 255.255.252.0 | 1,024 | 1,022 | Building or department |
| /23 | 255.255.254.0 | 512 | 510 | Medium VLAN |
| /24 | 255.255.255.0 | 256 | 254 | Standard office or server VLAN |
| /25 | 255.255.255.128 | 128 | 126 | Half a /24 — two segments from one block |
| /26 | 255.255.255.192 | 64 | 62 | Small VLAN or DMZ |
| /27 | 255.255.255.224 | 32 | 30 | Small server segment |
| /28 | 255.255.255.240 | 16 | 14 | Very small segment or point-to-point |
| /29 | 255.255.255.248 | 8 | 6 | Small infrastructure segment |
| /30 | 255.255.255.252 | 4 | 2 | Point-to-point WAN links |
| /31 | 255.255.255.254 | 2 | 2* | Point-to-point (RFC 3021 — no broadcast) |
| /32 | 255.255.255.255 | 1 | 1 | Single host route (loopback, firewall rule) |
/31 is a special case — RFC 3021 allows /31 subnets on point-to-point links without reserved network/broadcast addresses, giving 2 usable addresses instead of 0.
💡 Tip: Use our Subnet Calculator to instantly calculate network address, broadcast address, usable range, and host count for any CIDR block — useful for verifying manual calculations or quickly checking an unfamiliar prefix.
How to Calculate Subnet Ranges
Manual subnet calculation follows the same steps every time. Working through an example cements the process.
Example: What are the network details for 10.0.15.75/26?
Step 1: Determine the block size
The prefix is /26, meaning 26 network bits and 6 host bits. The number of addresses in the block: 2^6 = 64.
Step 2: Find the network address
The network address is found by zeroing out all host bits. With a /26, the last 6 bits of the address are host bits.
```text
75 in binary: 01001011

Mask the host bits (zero out the last 6):

  01001011
& 11000000   (the /26 mask's last octet — 192)
  --------
  01000000 = 64
```
Network address: 10.0.15.64
Step 3: Find the broadcast address
Add the block size minus 1 to the network address:
64 + 64 − 1 = 127
Broadcast address: 10.0.15.127
Step 4: Determine the usable host range
First usable: 10.0.15.65 (network + 1)
Last usable: 10.0.15.126 (broadcast − 1)
Total usable hosts: 64 − 2 = 62
Verification
Network: 10.0.15.64
First host: 10.0.15.65
Last host: 10.0.15.126
Broadcast: 10.0.15.127
Hosts: 62
10.0.15.75 falls within 10.0.15.65 – 10.0.15.126 — confirmed.
The block size shortcut
For any prefix /N where N ≥ 24, the block size in the last octet is 256 − (last octet of subnet mask).
/24: 256 − 0 = 256 (blocks start at 0)
/25: 256 − 128 = 128 (blocks start at 0, 128)
/26: 256 − 192 = 64 (blocks start at 0, 64, 128, 192)
/27: 256 − 224 = 32 (blocks start at 0, 32, 64, 96, 128, 160, 192, 224)
/28: 256 − 240 = 16 (blocks start at 0, 16, 32, 48 ... 240)
/29: 256 − 248 = 8 (blocks start at 0, 8, 16, 24 ... 248)
/30: 256 − 252 = 4 (blocks start at 0, 4, 8, 12 ... 252)
This shortcut lets you quickly identify which subnet block a given IP address falls into without binary arithmetic.
```bash
# Verify subnet details using ipcalc (Linux)
ipcalc 10.0.15.75/26
# Output:
# Address: 10.0.15.75
# Netmask: 255.255.255.192 = 26
# Network: 10.0.15.64/26
# HostMin: 10.0.15.65
# HostMax: 10.0.15.126
# Broadcast: 10.0.15.127
# Hosts/Net: 62
```
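The four manual steps above, written as bit arithmetic on the 32-bit address. This is an added example, not part of the original guide: the function names are hypothetical, the /31 and /32 branch follows the special cases in the CIDR table, and `ipaddress` is used only to cross-check the hand-rolled result.

```python
import ipaddress  # used only to cross-check the hand-rolled arithmetic

def to_int(dotted):
    """Pack a dotted-decimal IPv4 address into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value

def to_dotted(value):
    """Unpack a 32-bit integer back into dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def subnet_details(cidr):
    """Network, broadcast and usable range for 'a.b.c.d/N' (hypothetical helper)."""
    address, _, prefix_text = cidr.partition("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: /{prefix}")
    block = 1 << (32 - prefix)                 # Step 1: addresses in the block
    mask = 0xFFFFFFFF ^ (block - 1)            # N ones followed by 32-N zeros
    network = to_int(address) & mask           # Step 2: zero the host bits
    top = network + block - 1                  # Step 3: all host bits set to 1
    if prefix >= 31:
        # /31 (RFC 3021) and /32 reserve nothing: every address is usable.
        first, last, usable, broadcast = network, top, block, None
    else:
        first, last, usable, broadcast = network + 1, top - 1, block - 2, to_dotted(top)
    return {"netmask": to_dotted(mask), "network": to_dotted(network),
            "broadcast": broadcast, "first": to_dotted(first),
            "last": to_dotted(last), "usable": usable}

def cross_check(cidr):
    """True when the manual result agrees with Python's ipaddress module."""
    ours = subnet_details(cidr)
    ref = ipaddress.ip_network(cidr, strict=False)  # strict=False accepts host bits
    return (ours["network"] == str(ref.network_address)
            and ours["netmask"] == str(ref.netmask))

if __name__ == "__main__":
    for sample in ("10.0.15.75/26", "192.168.10.45/24", "10.0.0.5/31"):
        print(sample, subnet_details(sample), cross_check(sample))
```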
Common Subnets and Their Use Cases
/24 — The standard building block
A /24 provides 254 usable addresses and maps neatly to a single octet for easy mental arithmetic. It's the default choice for most VLANs, office segments, and server zones. The 192.168.x.0/24 pattern used in virtually every home and small office network is a /24.
/16 — The VPC and campus block
Cloud VPCs are commonly assigned /16 blocks (65,534 usable hosts), then divided into smaller subnets for different availability zones, tiers (web, app, database), or teams. On-premises campus networks similarly use /16 allocations divided into department /24s.
/30 — Point-to-point WAN links
Connecting two routers requires exactly 2 usable addresses, one for each end of the link. A /30 wastes only 2 addresses (network and broadcast), making it efficient for inter-router links.
/32 — Single host routes
A /32 represents exactly one IP address. Used for loopback interfaces, firewall rules targeting a single host, or BGP peering addresses. No subnetting arithmetic applies — it's a single point.
/27 to /29 — Small infrastructure segments
DMZ segments, management networks, and infrastructure zones that need only a small number of devices (firewalls, switches, load balancers) are often /27 or /28. These avoid wasting a full /24 on a segment that will never have more than 20 devices.
Variable-Length Subnet Masking (VLSM)
VLSM is the practice of using different prefix lengths within the same IP address space, allocating each subnet exactly the size needed rather than using uniform block sizes throughout. It is the standard approach for all modern network design.
Example: Dividing 10.10.0.0/22 (1,022 hosts) using VLSM:
| Segment | Required Hosts | Allocated Subnet | Usable Hosts | Addresses Used |
|---|---|---|---|---|
| Production servers | 200 | 10.10.0.0/24 | 254 | 256 |
| Development servers | 60 | 10.10.1.0/26 | 62 | 64 |
| Management network | 20 | 10.10.1.64/27 | 30 | 32 |
| DMZ | 10 | 10.10.1.96/28 | 14 | 16 |
| Router links | 2 | 10.10.1.112/30 | 2 | 4 |
| Total allocated | | | | 372 |
| Remaining from /22 | | 10.10.1.116 onwards | | 652 free |
VLSM allows the entire 10.10.0.0/22 block to be used efficiently, with different segments receiving appropriately sized allocations instead of all being forced into /24s.
⚠️ Warning: When allocating subnets with VLSM, work from largest to smallest, and always align subnets to their natural boundaries. A /26 must start at an address that is a multiple of 64 (the block size). Misaligned subnets cause routing problems and are rejected by many routing protocols.
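An added example, not from the original guide, that applies the largest-first, boundary-aligned rule from the warning above and reproduces the 10.10.0.0/22 plan. `allocate_vlsm`, `prefix_for_hosts` and `is_aligned` are hypothetical helper names.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest prefix whose usable count, 2^(32 - prefix) - 2, still fits `hosts`."""
    for prefix in range(30, -1, -1):
        if 2 ** (32 - prefix) - 2 >= hosts:
            return prefix
    raise ValueError(f"{hosts} hosts do not fit in IPv4")

def is_aligned(cidr):
    """True when the subnet starts on a multiple of its own block size."""
    address, _, prefix = cidr.partition("/")
    block = 1 << (32 - int(prefix))
    return int(ipaddress.ip_address(address)) % block == 0

def allocate_vlsm(parent_cidr, requirements):
    """Carve `requirements` ({segment: hosts}) out of the parent, largest first.

    Returns (plan, free): plan is a list of (segment, IPv4Network) and free is
    the number of addresses left after the last allocation.
    """
    parent = ipaddress.ip_network(parent_cidr)   # strict: a misaligned parent raises
    cursor = int(parent.network_address)
    end = cursor + parent.num_addresses
    plan = []
    ordered = sorted(requirements.items(), key=lambda item: item[1], reverse=True)
    for segment, hosts in ordered:
        prefix = prefix_for_hosts(hosts)
        block = 1 << (32 - prefix)
        start = -(-cursor // block) * block      # round up to the natural boundary
        if start + block > end:
            raise ValueError(f"{parent} has no room left for {segment!r}")
        plan.append((segment, ipaddress.ip_network((start, prefix))))
        cursor = start + block
    return plan, end - cursor

# Requirements taken from the table above, deliberately listed out of order.
REQUIREMENTS = {"Router links": 2, "Production servers": 200, "DMZ": 10,
                "Development servers": 60, "Management network": 20}

if __name__ == "__main__":
    plan, free = allocate_vlsm("10.10.0.0/22", REQUIREMENTS)
    for segment, subnet in plan:
        print(f"{segment:20} {str(subnet):16} {subnet.num_addresses - 2} usable")
    print("free addresses:", free)
```

Because each block size divides the one allocated before it, sorting largest-first means the round-up never has to skip addresses; feeding the same requirements smallest-first would leave gaps.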
Private IP Ranges and Their Purpose
RFC 1918 reserves three address ranges for private use — they are never routed on the public internet and can be used freely within any private network. NAT (Network Address Translation) at the network boundary translates between private and public addresses.
| RFC 1918 Range | CIDR | Address Count | Common Use |
|---|---|---|---|
| 10.0.0.0 – 10.255.255.255 | 10.0.0.0/8 | 16,777,216 | Large enterprises, cloud VPCs |
| 172.16.0.0 – 172.31.255.255 | 172.16.0.0/12 | 1,048,576 | Medium enterprises, Docker default |
| 192.168.0.0 – 192.168.255.255 | 192.168.0.0/16 | 65,536 | Home networks, small offices |
Two additional ranges are worth knowing:
- 169.254.0.0/16 (APIPA) — Link-local addresses assigned automatically when a device cannot reach a DHCP server. Seeing a 169.254.x.x address always indicates a DHCP failure.
- 127.0.0.0/8 (Loopback) — Reserved for loopback interfaces. 127.0.0.1 is the standard loopback address; the entire /8 is reserved but only 127.0.0.1 is commonly used.
ℹ️ Note: Cloud providers (AWS, Azure, GCP) typically assign private RFC 1918 addresses to instances inside VPCs. The public IP used for internet access is handled by the provider's NAT or Elastic IP mechanisms — separate from the instance's private address. When you run an IP Lookup on a cloud instance's address, you'll see the public IP and its ASN, not the private RFC 1918 address.
For the routing context of how these private address spaces interact with public internet routing, see our ASN Lookup Explained guide, which covers how IP blocks are allocated and announced globally.
When diagnosing network paths, knowing whether an IP is private or public is the first step in interpreting traceroute output — private addresses at the start of a path indicate hops within your own network before traffic reaches the public internet.
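As an added example (not part of the original guide), the code below classifies traceroute hops against the ranges listed in this section and reports where the path first leaves private space. Function names and the sample path are constructed for illustration; `*` stands for a hop that did not reply.

```python
import ipaddress

# Ranges named in this section. Anything else is reported as "public" here,
# although other reserved blocks exist that this short table does not cover.
SPECIAL_RANGES = (
    ("private (RFC 1918)", ipaddress.ip_network("10.0.0.0/8")),
    ("private (RFC 1918)", ipaddress.ip_network("172.16.0.0/12")),
    ("private (RFC 1918)", ipaddress.ip_network("192.168.0.0/16")),
    ("link-local (APIPA)", ipaddress.ip_network("169.254.0.0/16")),
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
)

def classify(address):
    """Label an IPv4 address using the ranges from this section."""
    ip = ipaddress.ip_address(address)   # raises ValueError on malformed input
    for label, network in SPECIAL_RANGES:
        if ip in network:
            return label
    return "public"

def first_public_hop(hops):
    """1-based number of the first hop outside the listed ranges, or None.

    `hops` is a list of address strings in path order; "*" marks a timeout
    and is skipped because it carries no address to classify.
    """
    for number, hop in enumerate(hops, start=1):
        if hop != "*" and classify(hop) == "public":
            return number
    return None

# Constructed path: documentation-range addresses stand in for public hops.
SAMPLE_PATH = ["192.168.1.1", "10.20.0.1", "*", "203.0.113.9", "198.51.100.7"]

if __name__ == "__main__":
    for number, hop in enumerate(SAMPLE_PATH, start=1):
        print(number, hop, "no reply" if hop == "*" else classify(hop))
    print("first public hop:", first_public_hop(SAMPLE_PATH))
    # 172.16.0.0/12 ends at 172.31.255.255, so 172.32.0.1 is not private.
    print(classify("172.31.255.255"), "|", classify("172.32.0.1"))
```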
Frequently Asked Questions
Q: What is the difference between a /24 and a Class C network?
A Class C network was the old classful designation for any network starting with bits 110 in the first octet — it always had a /24 mask and 254 hosts. CIDR replaced classful addressing entirely in the 1990s. A /24 today simply means a 24-bit prefix length — it may or may not align with a former Class C boundary. The terms are sometimes used interchangeably in informal conversation, but CIDR is the correct modern framework and does not recognise Class A/B/C.
Q: How many /27 subnets fit inside a /24?
A /24 has 256 addresses and a /27 has 32 addresses. 256 ÷ 32 = 8. Eight /27 subnets fit exactly inside a /24. The general formula: 2^(new_prefix − original_prefix) — so 2^(27−24) = 2^3 = 8.
Q: What does it mean when an IP is described as "out of the subnet"?
An IP address is out of a subnet when its network bits don't match the subnet's network address. For example, 10.0.15.130 is outside 10.0.15.0/26 (which covers 10.0.15.0 – 10.0.15.63) because the network address for 10.0.15.130/26 is 10.0.15.128, not 10.0.15.0. Devices on different subnets must communicate via a router — they cannot reach each other directly at Layer 2.
Q: Why do cloud VPCs typically use /16 blocks?
A /16 provides 65,534 usable addresses, giving enough space to carve out dozens of smaller subnets (/24s, /26s, /28s) for different availability zones, tiers, and workloads without running out of address space. Starting with a /24 in a VPC is a common mistake that leads to address exhaustion as the environment grows. Cloud architects recommend starting with a /16 and planning subnet allocation before provisioning anything.
Q: What is supernetting and how does it differ from subnetting?
Subnetting divides a larger block into smaller subnets (increasing the prefix length). Supernetting — also called route summarisation or aggregation — combines multiple smaller blocks into a single larger summary (decreasing the prefix length). For example, four /26 subnets (10.0.0.0/26, 10.0.0.64/26, 10.0.0.128/26, 10.0.0.192/26) can be summarised as 10.0.0.0/24. Supernetting reduces routing table size and is a fundamental BGP and OSPF optimisation technique.
Q: My device has address 169.254.x.x — what does that mean?
This is an APIPA (Automatic Private IP Addressing) address — assigned automatically by the operating system when it fails to obtain an address from a DHCP server. It means either the DHCP server is unreachable, the DHCP lease has expired, or there is no DHCP server configured for the network segment. Check physical connectivity, DHCP server status, and VLAN configuration. A 169.254.x.x address indicates a network configuration problem, not a valid assigned address.
Next Steps
Use our Subnet Calculator to practice with any CIDR block — enter a network and prefix length to instantly see the network address, broadcast, usable range, and host count. Use the CIDR Calculator to divide a block into subnets of a target size and see each subnet's details in sequence.
For the routing context of how subnets relate to the broader internet — how ISPs and cloud providers announce address blocks via BGP — see our ASN Lookup Explained guide.
To understand how subnets appear in real network path diagnostics, read our How to Read a Traceroute guide — traceroute hops often cross subnet and AS boundaries, and recognising private vs. public addresses in the output is a core diagnostic skill.