Subnetting & CIDR

Subnetting is the act of splitting a big IP block into smaller networks so we can organize them, secure them, and route between them efficiently. CIDR (Classless Inter-Domain Routing) is the modern notation we use for it.

In simple language: take an IP range and slice it up. CIDR tells us “how much of the address is the network, and how much is the host.”

The /N Notation

192.168.1.0/24 means:

  • The first 24 bits identify the network.
  • The remaining 32 - 24 = 8 bits identify the host within that network.
  • That gives us 2^8 = 256 addresses (254 usable — minus the network and broadcast).

192.168.1.0/24
|________| |__|
network    host bits (8)

Subnet Mask

The subnet mask is the binary version of the prefix length:

/24  ->  255.255.255.0     ->  11111111.11111111.11111111.00000000
/16  ->  255.255.0.0       ->  11111111.11111111.00000000.00000000
/8   ->  255.0.0.0         ->  11111111.00000000.00000000.00000000
/30  ->  255.255.255.252   ->  11111111.11111111.11111111.11111100

Where the mask is 1, that’s the network. Where it’s 0, that’s the host.

Network Address vs Host Address

For 192.168.1.50/24:

  • Network address: 192.168.1.0 (host bits all zero)
  • Broadcast address: 192.168.1.255 (host bits all one)
  • Usable hosts: 192.168.1.1 – 192.168.1.254 (254 total)

The two reserved addresses (network + broadcast) cost us 2 IPs per subnet.

A Simple Subnetting Example

Say we get the block 10.0.0.0/24 (256 addresses) and want 4 equal subnets.

To get 4 subnets, we borrow log2(4) = 2 bits from the host portion. New prefix: /24 + 2 = /26.

Each /26 subnet has 2^(32-26) = 64 addresses (62 usable).

10.0.0.0/26       ->  10.0.0.0   – 10.0.0.63    (broadcast .63)
10.0.0.64/26      ->  10.0.0.64  – 10.0.0.127   (broadcast .127)
10.0.0.128/26     ->  10.0.0.128 – 10.0.0.191   (broadcast .191)
10.0.0.192/26     ->  10.0.0.192 – 10.0.0.255   (broadcast .255)

Done. Four neat subnets, 62 hosts each.

Quick Math Cheat Sheet

Prefix   Hosts (usable)   Common use
/30      2                Point-to-point links
/29      6                Tiny subnets
/28      14               Small office segment
/27      30               Floor of a building
/24      254              Typical LAN
/22      1022             Larger office
/16      65,534           Big private network
/8       16,777,214       Massive (10.0.0.0/8)

Formula: usable hosts = 2^(32 - prefix) - 2.

Why Subnet at All?

  • Security — keep finance servers off the same broadcast domain as the guest Wi-Fi.
  • Performance — smaller broadcast domains = less ARP/DHCP noise.
  • Routing efficiency — routers can summarize many subnets into one route, and longest prefix match still selects the most specific entry.
  • IP conservation — give a /30 to a router-to-router link instead of a wasteful /24.

CIDR Aggregates Routes Too

CIDR isn’t just about splitting — it lets us combine adjacent networks:

192.168.0.0/24
192.168.1.0/24    ->  can be summarized as 192.168.0.0/23

Routing tables stay smaller. The internet’s BGP relies on this heavily.

Practical Tools

# Linux: ipcalc (install via apt/brew)
ipcalc 192.168.1.0/26
# Network:   192.168.1.0/26
# HostMin:   192.168.1.1
# HostMax:   192.168.1.62
# Broadcast: 192.168.1.63
# Hosts/Net: 62

# Or use Python
python3 -c "import ipaddress; n = ipaddress.ip_network('192.168.1.0/26'); print(list(n.hosts())[:5])"

Common Gotcha

The mask /31 is special — RFC 3021 allows /31 on point-to-point links with 2 usable hosts (no network/broadcast). Without that exception, /31 would have 0 usable hosts. /30 is still the safer textbook answer.
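
The mask, network/broadcast and subnet-splitting arithmetic from the sections above, including the /31 case, written out as plain bit operations. This is an added example, not code from the original page; the function names (to_int, to_dotted, describe, split, contains) are made up for illustration, and contains() is the membership test a segmentation or firewall-rule check boils down to.

```python
def to_int(dotted):
    """Dotted-quad string -> 32-bit integer."""
    octets = [int(x) for x in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(octets), "big")  # bytes() rejects values outside 0..255

def to_dotted(value):
    """32-bit integer -> dotted-quad string."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def describe(cidr):
    """Mask, network, broadcast and usable range of an IPv4 CIDR block."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF  # prefix ones, then zeros
    network = to_int(addr) & mask                       # host bits all zero
    top = network | (~mask & 0xFFFFFFFF)                # host bits all one
    if prefix >= 31:
        # /31 (RFC 3021 point-to-point) and /32 (single host) reserve nothing
        first, last, broadcast = network, top, None
    else:
        first, last, broadcast = network + 1, top - 1, to_dotted(top)
    return {"mask": to_dotted(mask), "network": to_dotted(network),
            "broadcast": broadcast, "first": to_dotted(first),
            "last": to_dotted(last), "usable": last - first + 1}

def split(cidr, count):
    """Split a block into `count` equal subnets; count must be a power of two."""
    borrowed = count.bit_length() - 1          # log2(count) bits taken from the host part
    if count < 1 or count != 1 << borrowed:
        raise ValueError("count must be a power of two")
    new_prefix = int(cidr.split("/")[1]) + borrowed
    if new_prefix > 32:
        raise ValueError("not enough host bits to borrow")
    size = 1 << (32 - new_prefix)              # addresses per new subnet
    base = to_int(describe(cidr)["network"])
    return [f"{to_dotted(base + i * size)}/{new_prefix}" for i in range(count)]

def contains(cidr, ip):
    """True if `ip` shares the network bits of `cidr` under its mask."""
    info = describe(cidr)
    return (to_int(ip) & to_int(info["mask"])) == to_int(info["network"])

if __name__ == "__main__":
    for block in split("10.0.0.0/24", 4) + ["10.0.0.0/31"]:
        print(block, describe(block))
```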

Interview Tip

Practice writing out the binary mask quickly. /24 = 255.255.255.0 should be reflex. For trickier prefixes like /27, remember the host bits: 5 bits of host = 32 addresses = mask 255.255.255.224 (256 - 32 = 224).