Every device on an IP network needs a unique address to communicate. IPv4 (Internet Protocol version 4) uses 32-bit addresses, typically written in dotted-decimal notation as four octets separated by dots: 192.168.1.100. Each octet represents 8 bits and ranges from 0 to 255.
While dotted-decimal is convenient for humans, understanding the underlying binary representation is essential for subnetting. The address 192.168.1.100 in binary is:
192 .168 .1 .100
11000000.10101000.00000001.01100100IPv4's 32-bit address space provides 2^32 = 4,294,967,296 possible addresses. While this seemed enormous when IPv4 was designed in the 1980s, the explosive growth of the internet has exhausted this space. IPv6 with its 128-bit addresses was developed to solve this, but IPv4 remains dominant through techniques like NAT (Network Address Translation) and CIDR.
An IP address alone does not tell you which part identifies the network and which part identifies the specific host. That separation is defined by the subnet mask.
A subnet mask is a 32-bit value that divides an IP address into two parts: the network portion (identifying the subnet) and the host portion (identifying the specific device on that subnet). In binary, a subnet mask consists of consecutive 1-bits followed by consecutive 0-bits.
Subnet Mask: 255.255.255.0
Binary: 11111111.11111111.11111111.00000000
|---- network (24 bits) ---|--host--|
IP Address: 192.168.1.100
Binary: 11000000.10101000.00000001.01100100
|---- network portion ----|--host--|
Network: 192.168.1.0 (host bits zeroed)
Host part: 0.0.0.100 (network bits zeroed)To find the network address, perform a bitwise AND between the IP address and the subnet mask:
IP Address: 11000000.10101000.00000001.01100100 (192.168.1.100)
Subnet Mask: 11111111.11111111.11111111.00000000 (255.255.255.0)
----------------------------------------
Network Addr: 11000000.10101000.00000001.00000000 (192.168.1.0)Two devices can communicate directly (without routing) only if they are on the same network -- that is, the network portions of their addresses are identical when masked.
CIDR Subnet Mask Hosts Common Use
/8 255.0.0.0 16.7M Large enterprises
/16 255.255.0.0 65,534 Medium networks
/20 255.255.240.0 4,094 Cloud VPC subnets
/24 255.255.255.0 254 Standard LAN segment
/25 255.255.255.128 126 Half a /24
/27 255.255.255.224 30 Small segments
/28 255.255.255.240 14 Very small segments
/30 255.255.255.252 2 Point-to-point links
/32 255.255.255.255 1 Single host route
CIDR (Classless Inter-Domain Routing, pronounced "cider") notation is the modern standard for expressing IP addresses with their associated network mask. It appends a forward slash and the number of network bits (prefix length) to the IP address: 192.168.1.0/24.
CIDR replaced the older classful addressing system, which rigidly divided addresses into Class A (/8), Class B (/16), and Class C (/24) networks. This rigid classification wasted enormous amounts of address space -- an organization needing 300 addresses would receive a Class B (/16) with 65,534 addresses, wasting over 65,000.
With CIDR, any prefix length from /0 to /32 is valid, allowing precise allocation. An organization needing 300 addresses can receive a /23 (510 usable hosts) instead of a /16.
Classful (obsolete):
Class A: 1.0.0.0 - 126.0.0.0 /8 (16.7M hosts each)
Class B: 128.0.0.0 - 191.255.0.0 /16 (65,534 hosts each)
Class C: 192.0.0.0 - 223.255.255.0 /24 (254 hosts each)
CIDR (modern): any prefix length
10.0.0.0/8 (large private network)
172.16.0.0/12 (medium private network)
192.168.1.0/24 (single LAN)
10.0.1.0/28 (14-host segment)
10.0.0.0/30 (point-to-point link)Given an IP address and prefix length, you can calculate all the key details of the subnet.
Given: 192.168.10.75/26
1. Subnet Mask (/26 = 26 ones followed by 6 zeros):
11111111.11111111.11111111.11000000 = 255.255.255.192
2. Network Address (IP AND mask):
192.168.10.75 = 11000000.10101000.00001010.01001011
255.255.255.192= 11111111.11111111.11111111.11000000
= 11000000.10101000.00001010.01000000
= 192.168.10.64
3. Broadcast Address (network address OR inverted mask):
Inverted mask = 00000000.00000000.00000000.00111111
Network OR inv = 11000000.10101000.00001010.01111111
= 192.168.10.127
4. Usable Host Range:
First host: 192.168.10.65 (network + 1)
Last host: 192.168.10.126 (broadcast - 1)
5. Number of Usable Hosts:
2^(32-26) - 2 = 2^6 - 2 = 64 - 2 = 62 hosts
Summary:
Network: 192.168.10.64/26
Mask: 255.255.255.192
First Host: 192.168.10.65
Last Host: 192.168.10.126
Broadcast: 192.168.10.127
Hosts: 62The number of usable host addresses is determined by the number of host bits (bits not used for the network prefix).
Host bits = 32 - prefix_length
Total addresses = 2^host_bits
Usable hosts = 2^host_bits - 2 (subtract network and broadcast)
Prefix Host Bits Total Usable Typical Use
/24 8 256 254 Standard LAN
/25 7 128 126 Half LAN
/26 6 64 62 Quarter LAN
/27 5 32 30 Small department
/28 4 16 14 Server VLAN
/29 3 8 6 Small server group
/30 2 4 2 Point-to-point link
/31 1 2 2* Point-to-point (RFC 3021)
/32 0 1 1* Loopback / host route
* /31 and /32 are special cases without network/broadcastSubnetting divides a larger network into smaller segments. For example, splitting a /24 into four /26 subnets:
Original: 192.168.1.0/24 (254 hosts)
Split into 4 x /26 (62 hosts each):
Subnet 1: 192.168.1.0/26 (192.168.1.1 - 192.168.1.62)
Subnet 2: 192.168.1.64/26 (192.168.1.65 - 192.168.1.126)
Subnet 3: 192.168.1.128/26 (192.168.1.129 - 192.168.1.190)
Subnet 4: 192.168.1.192/26 (192.168.1.193 - 192.168.1.254)
Each subnet has its own network and broadcast address.RFC 1918 defines three private address ranges that are reserved for internal networks and not routable on the public internet. These ranges can be freely used within any organization.
Range CIDR Addresses Common Use
10.0.0.0/8 10.0.0.0 - 16,777,216 Large enterprises,
10.255.255.255 cloud VPCs
172.16.0.0/12 172.16.0.0 - 1,048,576 Medium networks,
172.31.255.255 Docker default
192.168.0.0/16 192.168.0.0 - 65,536 Home/small office
192.168.255.255 networksRange Purpose
127.0.0.0/8 Loopback (localhost)
169.254.0.0/16 Link-local (APIPA, auto-config)
0.0.0.0/0 Default route (all networks)
224.0.0.0/4 Multicast
240.0.0.0/4 Reserved (formerly "Class E")
100.64.0.0/10 Carrier-grade NAT (RFC 6598)VLSM allows different subnets within the same network to have different prefix lengths, matching subnet sizes to actual requirements and minimizing address waste.
Suppose you have the network 10.1.0.0/24 (254 hosts) and need to create subnets for:
Without VLSM (fixed /26 = 62 hosts each):
Need 6 subnets but only have 4 x /26 available.
Cannot accommodate 100-host engineering subnet.
With VLSM (variable subnet sizes):
10.1.0.0/25 Engineering (126 hosts) -- 100 needed
10.1.0.128/26 Sales (62 hosts) -- 50 needed
10.1.0.192/27 Management (30 hosts) -- 20 needed
10.1.0.224/28 Servers (14 hosts) -- 10 needed
10.1.0.240/30 Link 1 (2 hosts)
10.1.0.244/30 Link 2 (2 hosts)
10.1.0.248/29 Future use (6 hosts)
Total: 254 addresses efficiently allocated across 6 subnets.The key to VLSM is allocating the largest subnets first and working down to the smallest. This ensures address ranges do not overlap and space is used efficiently.
Network: 192.168.1.0/24
Subnets:
192.168.1.0/26 LAN (62 hosts: workstations, printers)
192.168.1.64/26 WiFi (62 hosts: laptops, phones)
192.168.1.128/28 Servers (14 hosts)
192.168.1.144/28 VoIP phones (14 hosts)
192.168.1.160/28 Guest WiFi (14 hosts)
192.168.1.252/30 Router uplink
Key addresses:
Default gateway: 192.168.1.1 (router LAN interface)
DNS server: 192.168.1.129
DHCP range: 192.168.1.10 - 192.168.1.60Network: 10.0.0.0/8
Site allocation:
10.1.0.0/16 Headquarters (65,534 hosts)
10.2.0.0/16 Branch Office 1
10.3.0.0/16 Branch Office 2
10.10.0.0/16 Data Center 1
10.11.0.0/16 Data Center 2
10.100.0.0/16 VPN clients
HQ breakdown (10.1.0.0/16):
10.1.1.0/24 Floor 1 LAN
10.1.2.0/24 Floor 2 LAN
10.1.3.0/24 Floor 3 LAN
10.1.10.0/24 Server VLAN
10.1.20.0/24 Management VLAN
10.1.100.0/24 WiFi VLANCloud providers like AWS, Azure, and GCP use subnetting extensively for Virtual Private Clouds (VPCs). Understanding subnetting is essential for cloud network architecture.
VPC CIDR: 10.0.0.0/16 (65,536 addresses)
Availability Zone A:
10.0.1.0/24 Public subnet (web servers, load balancers)
10.0.11.0/24 Private subnet (application servers)
10.0.21.0/24 Data subnet (RDS, ElastiCache)
Availability Zone B:
10.0.2.0/24 Public subnet
10.0.12.0/24 Private subnet
10.0.22.0/24 Data subnet
Availability Zone C:
10.0.3.0/24 Public subnet
10.0.13.0/24 Private subnet
10.0.23.0/24 Data subnet
Note: AWS reserves 5 IPs per subnet (first 4 + last 1)
/24 subnet = 256 - 5 = 251 usable addresses in AWS# Kubernetes requires large CIDR blocks for pod IPs
# Each node gets a /24 by default (254 pods per node)
Cluster pod CIDR: 10.244.0.0/16 (65,536 pod IPs)
Cluster service CIDR: 10.96.0.0/12 (service virtual IPs)
Node CIDR mask: /24 (per-node pod range)
Node 1 pods: 10.244.0.0/24
Node 2 pods: 10.244.1.0/24
Node 3 pods: 10.244.2.0/24
...
Our IP Subnet Calculator instantly computes all subnet details from any IP address and prefix length or subnet mask. Enter an address like 192.168.1.100/24 and see the network address, broadcast address, usable host range, number of hosts, subnet mask, wildcard mask, and binary representation.
The tool also supports subnet division (splitting a network into smaller subnets), VLSM planning, and provides a reference table of all prefix lengths with their corresponding masks and host counts. Whether you are designing a new network, troubleshooting connectivity, or studying for a networking certification, this calculator handles the math instantly.
CIDR notation represents an IP address with its network mask as address/prefix-length (e.g., 192.168.1.0/24). The prefix length indicates how many bits define the network. It replaced classful addressing for more flexible IP allocation.
Usable hosts = 2^(32 - prefix_length) - 2. Subtract 2 for the network and broadcast addresses. A /24 has 254 usable hosts, a /25 has 126, and a /30 has 2.
A 32-bit number separating the network portion from the host portion of an IP address. Consecutive 1-bits mark the network, 0-bits mark the host part. For example, 255.255.255.0 (/24) means 24 network bits and 8 host bits.
RFC 1918 defines three private ranges: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. These are not routable on the public internet and can be reused freely in any private network.
The network address (all host bits = 0) identifies the subnet. The broadcast address (all host bits = 1) sends to all hosts on the subnet. Neither can be assigned to a device.
Variable Length Subnet Masking allows different prefix lengths within the same network, matching subnet sizes to actual requirements. This prevents wasting addresses by using /24 for large segments and /30 for point-to-point links.