Remedial Networking 101: Subnetting

A while ago, there was a question on the /r/sysadmin subreddit asking for help learning IPv4 subnetting (in IPv6, there isn’t any subnetting unless you’re a provider or a large enterprise. Your networks are /64.)

While a lot of the replies were helpful, a disturbing number of sysadmins there expressed that they had no idea how to do it. They considered it “mysterious”. One commenter even said that he was hoping to skirt the issue for long enough until IPv6 was the dominant networking tool!

I answered the question, and a lot of people seemed to like the way I phrased it, so I thought I’d post a modified version of my answer here. Yes, IPv6 is coming, but we’ll all be running dual-stacks externally for a while, I’m afraid, so knowing how to manage subnets in IPv4 is still important.

The first step to really understanding IP addresses and subnetting is to let go of decimal notation. We understand base-10 because we have used it since we were first introduced to numbers, but really, an IP address is a string of 32 binary digits, and the same goes for a subnet mask.

An IP address has two parts: the network portion, which you can think of as a network identifier, and the host portion, which identifies that specific host in the network that it belongs to.

In order to know which part of the IP is the network portion and which part is the host portion, you MUST know the subnet mask, because in the binary representation of the subnet mask, everything that’s a 1 is the network portion of the address.

Lets look at the most typical case, where you have a home router setup with the router’s IP address being and there’s a subnet mask of The first step to understanding what’s going on is to convert both to binary: =    11000000.10101000.00000000.00000001 =  11111111.11111111.11111111.00000000

So, what this tells us is that the first 24 bits (each number, either 1 or 0, is a bit) of the IP address are the network portion, and the last 8 bits are the host portion…so you would say the network is, with a subnet mask of (incidentally, this subnet mask can be called either or /24, since there are 24 bits used, so it’s common to see – this latter notation is called CIDR (pronounced ‘cider’), short for Classless Interdomain Routing, not that it matters to this discussion). This implies some things…

Since there are only 32 bits possible in an IPv4 address, and with that network, 24 of them are used up by the network section, that leaves 8 bits for the host addresses. 28 is 256, but we start numbering at 0 (because in binary, 00000000 is 0), so the highest IP address we could have on the network is (because 11111111 is 255 in decimal).
Alright, that’s pretty straight forward, right? Right.

What becomes interesting is that getting a /24 isn’t common anymore. There aren’t many available (which is why we’re moving to IPv6). It’s much more likely that you’ll be given a much smaller network block, say, a /28. How does that map?

Well, suppose for a second that you are given How does that work out? Lets convert to binary and see…but first, lets figure out what a /28 is…

/28 looks like this in binary:  11111111.11111111.11111111.11110000 
And each octet, converted:        255     .  255   .  255   .   240 

This means the subnet mask, in decimal, is So, lets do the comparison we did before: = 11000000.10101000.00000000.00000000 = 11111111.11111111.11111111.11110000

So, what is the network portion, and what is the host portion? Remember, the network portion is anything where the subnet mask is a 1, and the host portion is anything where the subnet mask is a 0.

What this means for a /28 is that we have 16 possible host addresses (because there are 4 bits in the host portion, and 24 is 16). This means the first IP address is going to be (because 0000 is still 0) through (because 15 in binary is 1111).

Now, there are 16 addresses in that network, right? The problem is that, because of how IPv4 was designed, that you can’t use the first one and you can’t use the last one. The first address (where the host portion is all 0s, like 0000 in this example) is called the “network address”. The “network address” is what you use to refer to the entire network (in this case,, and remember to include the subnet mask!), so a single host can’t use it.

You also can’t use the last address, either, because that’s what is called the “broadcast address”. The broadcast address is always the address where all of the bits in the host section are 1s in the IP address (so in this case, it would be, since the last octet is 11110000 in the subnet mask, but in the IP address, it’s 00001111).

What you end up with, when putting it all together, is that there are 32 bits in an IP address. A good deal of them are taken up by the network portion assigned to you by your provider. If you get a /27, you instantly know that you can only have 30 hosts on that network (remember, you know because the network portion takes up 27 bits, leaving 5 for the host portion, and 25 is 32, but you can’t use the first and the last).

So, this covered the basics. Tell me, did it make it better or worse? Please let me know in the comments if (how?) I screwed up, and what I could do to make it better. Thanks!

  • Tim Cambrant

    It is indeed scary to see that such a great deal of sysadmins have no clue how to subnet. I am myself no sysadmin (I’m a Helpdesk Jockey) but from what I’ve been able to gather, subnetting is an absolute requirement to be able to build and maintain a computer network in a good way; a skill no network- or sysadmin should go without.

    The explanation seems fine, but I do think that quite a bit more practice would be necessary to know subnetting by heart. I recommend buying a good CCNA-book, which should provide you with enough good habits to not make many networking mistakes going about your daily routine. It will also give you in-depth knowledge of the RIP1-protocol and the likes, but that’s another scary story. :)

    This little tutorial, while posted over and over before, is pretty much the way I explain it when doing in-house training for my colleagues. The biggest lesson, however, is that IPv6 won’t come as a savior to allow you to not learn things thoroughly. The sysadmins who skipped out on subnetting (and with that, perhaps even understanding routing protocols?) I think have the mindset which will put them in a tricky situation when the IPv6-migration comes along. Great post however!

  • HiTim!

    You’re right, it’s not something that can be completely taught in a small blog post. You do need to practice, and I’m with you when recommending the CCNA stuff. Say what you will about Cisco, their classes do teach you how to network.

    Thanks for the comment!

  • Thank you! I will let my padawan read this. :)

  • Matt:

    This is pretty much the most understandable explanation of subnetting that I’ve seen. I wish that this had been in TLDP when I was first using Linux.


  • Tangkong

    I did learn about the theory of subnetting and Im pretty confident in the theory itself. However can you please show how it will be applied in a real world scenario (how the ISP provides the address range/which files to edit etc.)

  • Elmer: Great, pass along any questions he has!

    Chuck: Thanks very much, that’s high praise!

    Tangkong: An interesting idea….let me think about the best way to present that to you, and I’ll get on it.

  • steeef

    Good summary! I’ve let my CCNA cert expire, as I haven’t had an opportunity to use it all that often as an SA with only a few Cisco devices, but the IP subnetting portions have stuck with me. This was a good refresher too.

  • Will

    Another helpful concept is to realize that net masks are always defined at the bit boundaries of contigous bits. In decimal that means that subnet masks always end at one of the following numbers: (common for point to point networks)

    So for a /25 network you have 25 bits in a row: contiguous!


    You can’t have, for example:


    So if you memorize
    128, 192, 224, etc, and that each bit added or removed either doubles the hosts or networks, subnetting becomes very intuitive! Sort of. :)

  • mike

    I recommend the tool sipcalc for quickly displaying CIDR networks.

    Running through a few examples using this tool makes my life much easier.

    $ sudo port install sipcalc
    ---> Fetching sipcalc
    ---> Attempting to fetch sipcalc-1.1.4.tar.gz from
    ---> Verifying checksum(s) for sipcalc
    ---> Extracting sipcalc
    ---> Configuring sipcalc
    ---> Building sipcalc
    ---> Staging sipcalc into destroot
    ---> Installing sipcalc @1.1.4_0
    ---> Activating sipcalc @1.1.4_0
    ---> Cleaning sipcalc

    $ sipcalc
    -[ipv4 :] - 0

    Host address -
    Host address (decimal) - 182157824
    Host address (hex) - ADB8200
    Network address -
    Network mask -
    Network mask (bits) - 23
    Network mask (hex) - FFFFFE00
    Broadcast address -
    Cisco wildcard -
    Addresses in network - 512
    Network range - -
    Usable range - -


    $ sipcalc
    -[ipv4 :] - 0

    Host address -
    Host address (decimal) - 168037376
    Host address (hex) - A040C00
    Network address -
    Network mask -
    Network mask (bits) - 9
    Network mask (hex) - FF800000
    Broadcast address -
    Cisco wildcard -
    Addresses in network - 8388608
    Network range - -
    Usable range - -

  • Steven Kurylo

    I’m not sure why you think small companies won’t want to subnet in IPv6.

    Surely I’ll still put my clients in one subnet, and my servers in another. And my wifi in a third. And my Voip phones in a fourth. Etc.

  • Steven: If you need multiple networks, you can request a /48 from your provider, which will allow you to use multiple /64 networks.

    A whole lot of the protocol doesn’t just work well on a /64, it expects it. From

    The design of the IPv6 address space differs significantly from IPv4. The primary reason for subnetting in IPv4 is to improve efficiency in the utilization of the relatively small address space available, particularly to enterprises. No such limitations exist in IPv6, as the address space available, even to end-users, is large.

    An RFC 4291 compliant subnet always uses IPv6 addresses with 64 bits for the host portion. It therefore has a /64 routing prefix (128−64 = the 64 most significant bits). Although it is technically possible to use smaller subnets, they are impractical for local area networks based on Ethernet technology, because 64 bits are required for stateless address auto configuration. The Internet Engineering Task Force recommends the use of /64 subnets even for point-to-point links, which consist of only two hosts.

  • Pingback: just another john cheng blauwgh » Blog Archive » Subnetting Mathemagics()

  • Pingback: Future Subnets Inc. | IT Starts With US « Connecticut Tech Support()

  • Pingback: IP Addressing And Subnetting - I()