How To Subnet

Learning how to subnet accurately and quickly is key to success in the IT field and to passing networking certifications such as the CCNA.

All subnetting is calculated under the covers in binary. Still, because we humans are used to a base-ten system, we translate things into decimal numbers when we write IP addresses. This makes life easier for us, but it is very important to understand the binary behind the decimal. Without understanding the binary, it is practically impossible to understand why we calculate network masks, broadcast addresses, etc., the way we do.

If you don’t already know how to convert numbers between decimal and binary, check out our binary conversion practice page for a review before continuing.

Okay, let’s dive in…

The IPv4 Address Format

A binary digit is called a bit. It represents a 1 or a 0. An IPv4 address has 32 bits. The IP addressing scheme is written in ‘dotted decimal notation’ as four octets separated by periods, for example, where ‘203’ is the 1st octet and ‘0’ is the 2nd octet etc.

32 bits in an IPv4 address, divided into 4 octets, means that there are 8 bits in each octet. Each octet can have a value ranging from 0 to 255.

Our example IP address can be written as ‘’ in dotted decimal notation. This is the usual format when working with IP addresses and the format we use when entering commands on computers.

The IP address can also be written as ‘11001011.00000000.1110001.00001010’ in binary:

203 in decimal is 11001011 in binary.
0 is 00000000.
113 is 1110001.
10 is 00001010.

We never use the binary format when entering commands, but it’s important to know how to calculate it in order to understand subnetting.

So the 32-bit IPv4 address is written in dotted decimal notation as four 8-bit octets to make it easier for humans to work with.

The Logical IP Address Space

A single giant network would be an unmanageable mess. IP networks are split into smaller ‘subnets’ to provide better performance, security, and scalability than would be possible with a single flat global address space. The IP address format enables this logical separation between networks.

The IP address comprises two main parts, the network bits and the host bits. The subnet bits determine what network a device is on, and the host bits define the individual device in that network. All of the devices on the same subnet will have the same network bits and different host bits.

Think of a telephone number. You have an area code and then the number. The area code can be thought of as the subnet bits. Many people who live near one another share an area code, but all have an individual phone number. The same is true of devices on a subnet. They all share the same subnet bits, but each has an individual combination of host bits.

Which part of the IP address is the subnet part and which part is the host part is indicated using a subnet mask. A subnet mask (or netmask) is made up of 32 bits and looks similar to a regular IP address. It is used only to divide the subnet bits from the host bits.

The subnet bits are set as 1s, and the host bits are set as 0s. So a subnet mask might be 11111111.11111111.1111111.00000000, which in decimal would be This example subnet mask specifies that the first three octets are the subnet bits, and the last octet will be used for host bits.

IP addresses can have their 1s and 0s mixed together in any order, such as our example IP address 11001011.00000000.1110001.00001010.

But the ‘1’s indicating the network bits in a subnet mask must always be in a contiguous block from left to right. For example, 11111111.11111111.11111111.00000000 is a valid subnet mask. 11101011.11011111.11000000.00000000 is an invalid subnet mask, and you would get an error message if you tried to use it.

Our example subnet mask can be written as 11111111.11111111.11111111.00000000 in binary, or in dotted decimal notation, or /24 in slash notation (if you count how many network bits there are from left to right, it equals 24).

When a device wants to communicate with another device over an IP network, it checks whether the destination is on the same or a different subnet. It does this by comparing the destination IP address to its own IP address and subnet mask. (It is unaware of the subnet mask configured on the destination device and does not need to know this information.)

Communication Within and Between Subnets

Let’s work through an example…

PC1 has an IP address and a subnet mask The subnet mask is 11111111.11111111.11111111.00000000 in binary. The network portion of the address is the first 3 octets, so 203.0.113 is the network portion of the address, and 10 is the host portion. The IP address and subnet mask have been configured on PC1, so it knows this information.

PC1 needs to communicate with PC2 at It compares the network portion of its own address (203.0.113) with the destination IP address and sees that they match, so it knows that PC2 is on the same subnet. It can communicate directly with PC2 without having to go via a router.

PC1 needs to communicate with PC3 at It compares the network portion of its own address (203.0.113) with the destination IP address and sees that they are different, so it knows that PC3 is on a different subnet. It needs to go via its default gateway router to communicate with PC3.

Hosts in the same subnet address should all be configured with the same subnet mask, or there will likely be connectivity issues.

Note that by coincidence, PC1 and PC3 have the same value for their host bits in our example (10). This is not a problem because they are on different subnets. Each device must have unique host bits within its own subnet, but devices in different subnets can have the same host bits.

IP Address Classes and their Default Subnet Masks

When IPv4 was first introduced, the designers did not envision the explosive growth of the Internet. They designed it to be sufficient for the needs of that time with some room for growth, but nowhere near enough to handle the proliferation of IP-enabled devices such as PCs and mobile phones we see today.

IPv4 supports 3 main ranges of IP Address Classes, which can be assigned to standard devices on networks. Each Address Class has a default subnet mask:

ClassDefault Subnet MaskRange
Class A255.0.0.0 (/8) –
Class B255.255.0.0 (/16) –
Class C255.255.255.0 (/24) –

Use the formula 2h minus 2 to calculate how many hosts any particular subnet supports, where h is the number of host bits. (The minus 2 is because the base network address and the broadcast address cannot be assigned to end hosts.)

A Class A address with the default subnet mask has 8 network bits, leaving 24 host bits. 224 minus 2 = 16777214. A Class A subnet with the default subnet mask supports up to 16777214 host addresses.

A Class B address with the default subnet mask has 16 network bits, leaving 16 host bits. 216 minus 2 = 65534. A Class B subnet with the default subnet mask supports up to 65534 host addresses.

A Class C address with the default subnet mask has 24 network bits, leaving 8 host bits. 28 minus 2 = 254. A Class C subnet with the default subnet mask supports up to 254 host addresses.

CIDR Classless Inter-Domain Routing and VLSM Variable Length Subnet Masking

IPv4 originally mandated that all addresses must use their default subnet mask (‘Fixed Length Subnet Masking’). So the smallest network was a /24, which supports 254 devices. If only a handful of devices were on that network, this resulted in a large number of addresses going unused and being wasted. And the number of wasted addresses on Class A and B networks was huge.

As the number of devices on the Internet grew, it became apparent that the number of addresses would run out and something needed to be done to help the situation. Classless Inter-Domain Routing (CIDR) and Variable Length Subnet Masking (VLSM) were introduced, which meant addresses no longer had to use their default subnet mask. So if you only needed to support 12 devices on a subnet, for example, you could use the smaller size /28 mask and not waste so many addresses. (228 minus 2 = 14.)

This is where subnetting comes in…

How Subnetting Works

Subnetting is dividing blocks of IPs into smaller blocks. You can have subnets inside of subnets. To do it, you ‘borrow’ bits from the default host portion of the address and add them to the subnetting bits. For example, you can split the network into 4 smaller subnets with the subnet mask of

“Wait, what??” Well, let’s look back at the binary subnet mask for 11111111.11111111.11111111.00000000.

We can ‘borrow’ two bits from the host bits and create a net subnet mask of 11111111.11111111.11111111.11000000. Changing those two bits from 0s to 1s makes the last octet equal to 192.

By ‘borrowing’ those bits, you can now create four new subnets within your original subnet. Why four? Because those two bits have four different possible combinations. You can have 00, 01, 10, 11. The formula to calculate the number of subnets you can split a larger network into is 2n, where n is the number of ‘borrowed’ subnet bits. (We don’t have to ‘minus 2’ like we did when calculating the number of hosts because the need to reserve the base network address and broadcast address is specific to the host portion of the address.)

The number of borrowed subnet bits depends on the Class of the network you are subnetting:

For example, if you subnet a Class A network with its default subnet mask of /8 into /26 networks, you are borrowing 18 bits (26 minus 8).

If you subnet a Class B network with its default subnet mask of /16 into /26 networks, you are borrowing 10 bits (26 minus 16).

Now we know how many subnets we can create, but how many IP addresses does each subnet have in our example?

We use the 2h minus 2 formula as explained before, using the host bits. The Class of the network we are subnetting doesn’t matter here – if we’re using /26 for example then we have the same 6 host bits left whether we’re subnetting a Class A, B or C address. We have 6 host bits left (all the zeros) and 26 = 64.

That is how many total IP addresses each subnet supports, not how many usable hosts. Every subnet must have a network address and a broadcast address, and neither of those can ever be used by a host. Therefore, we need to remember to subtract 2 to take those reserved addresses into account. In this case, there are 62 usable host addresses per subnet.

As you can see, doing your exponent practice is key to subnetting quickly.

The network address is used to identify the network you are working on, and the broadcast address sends messages to every device on that subnet. The network address is always the very first IP address of a subnet, and the broadcast is always the very last IP address of a subnet. In other words, the network address is the IP address where all the host bits are set to 0, and the broadcast address is the IP address where all the host bits are set to 1.

Subnetting Example

Let’s work through what the subnets will be in our example…

We’re starting with the base network

We decide to subnet this into four /26 networks, which support 64 hosts each.

(Note that we can subnet a network into different size subnets. For example, we could have split into a /26, a /28, and a /29 if that fitted the required number of hosts in each subnet better.)

We need to determine the ‘block size’ to know where each subnet will start and end. To do this, write the subnet mask in binary and count the number of bits in the network portion of the address from left to right. We’re using a /26 here:

How to Subnet

Then check the bit number immediately to the left of your line. In our example, it is 64, so our block size is 64. The subnets will increment in blocks of 64, starting from zero.

You can also calculate the block size by subtracting the value in the subnet mask’s subnetting octet from 256. We’re using a subnet mask of 256 minus 192 = 64.

Be careful to increment the digits on the correct octet. We’re using a /26, so we’re subnetting on the 4th octet (each octet is 8 bits long). If, instead, we were using any subnet mask between /17 and /24, for example, we would be subnetting on the 3rd octet, and the block size would increment there.

Our subnet’s network addresses are:


The broadcast address is the last address in each subnet, and the usable host addresses are everything between the network address and the broadcast address.

  • 1st Subnet:
    Network Address:
    Broadcast Address:
    Host Addresses: to
  • 2nd Subnet:
    Network Address:
    Broadcast Address:
    Host Addresses: to
  • 3rd Subnet:
    Network Address:
    Broadcast Address:
    Host Addresses: to
  • 4th Subnet:
    Network Address:
    Add the block size 64, then minus 1 to get the broadcast address:
    Broadcast Address:
    Host Addresses: to

You can verify your subnetting calculations with our Subnet Calculator or VLSM Calculator.

The IPv6 Solution

The long-term solution to the exhaustion of IPv4 addresses is IPv6 with its much larger address space. When IPv6 was in its early stages it was realized that it would take time to migrate networks to it, so NAT (Network Address Translation) and private RFC 1912 IPv4 addresses were used by many organizations in what was originally thought to be a stopgap solution. That ‘stopgap’ has turned out to be highly effective though, so a huge number of organizations are still running purely on IPv4 as they see no need to go through the work of migrating to IPv6.

The exhaustion of the IPv4 address space and the huge rise in IP enabled devices such as mobile phones in developing nations does mean that IPv6 is used heavily in those locations and in Service Provider networks though, so network engineers do need to understand IPv6 also. You may want to read up on how to subnet IPv6.

Download our Subnet Cheat Sheet for all the essential information you need to quickly perform subnet calculations in your head.If you want to learn more about networking and get the Cisco CCNA certification, we highly recommend the Cisco CCNA Gold Bootcamp as your CCNA training course. The CCNA is by far the most in-demand networking certification by employers, and the Gold Bootcamp is the highest rated Cisco course online. It has an average rating of 4.8 from over 30,000 public reviews:
Cisco CCNA Gold Bootcamp training course