Networking 101: Understanding Subnets and CIDR

Calculating subnets can be tricky work. This installment of Networking 101 offers some tips and a few practice exercises to get you started.

By Charlie Schluting | Posted Jun 24, 2008
Page 1 of 2
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Welcome to the second installment of Networking 101. This time around we'll learn about subnets and CIDR, hopefully in a more manageable manner than some books present it.

Let's get one thing straight: there is no "Class" in subnetting. In the olden days, there were Class A, B and C networks. These could only be divided up into equal parts, so VLSM, or Variable Length Subnet Masks , were introduced. The old Class C was a /24, B was a /16, and A was a /8. (Check out Understanding IP Addressesif you're not clear on what that means.) That's all you need to know about Classes. They don't exist anymore.

An IP address consists of a host and a network portion. Coupled with a subnet mask, you can determine which part is the subnet, how large the network is, and where the network begins. Operating systems need to know this information in order to determine what IP addresses are on the local subnet and which addresses belong to the outside world and require a router to reach. Neighboring routers also need to know how large the subnet is, so they can send only applicable traffic that direction. Divisions between host and network portions of an address are completely determined by the subnet mask.

Classless Internet Domain Routing (CIDR), pronounced "cider," represents addresses using the network/mask style. What this really means is that an IP address/mask combo tells you a lot of information:

network part / host part
0000000000000000/0000000000000000

The above string of 32 bits represents a /16 network, since 16 bits are masked.

Throughout these examples (and in the real world), certain subnet masks are referred to repeatedly. They are not special in any way; subnetting is a simple string of 32 bits, masked by any number of bits. It is, however, helpful for memorizing and visualizing things to start with a commonly used netmask, like the /24, and work from there.

Let's take a look at a standard subnetting table, with a little bit different information:

Subnet mask bits

Number of /24 subnets

Number of addresses

Bits stolen

/24

1

256

0

/25

2

128

1

/26

4

64

2

/27

8

32

3

/28

16

16

4

/29

32

8

5

/30

64

4

6

/31

128

2

7

Because of the wonders of binary, it works out that a /31 has two IP addresses available. Imagine the subnet: 2.2.2.0/31. If we picture that in binary, it looks like:

00000010.00000010.00000010.00000000 (2.2.2.0)

11111111.11111111.11111111.11111110 (31)

The mask is "masking" the used bits, meaning that the bits are used up for network identification. The number of host bits available for tweaking is equal to one. It can be a 0 or a 1. This results in two available IP addresses, just like the table shows. Also, for each additional bit used in the netmask (stolen from the network portion), you can see that the number of available addresses gets cut in half.

Let's figure out the broadcast address, network address, and netmask for 192.168.0.200/26.   The netmask is simple: that's 255.255.255.192 (26 bits of mask means 6 bits for hosts, 2^6 is 64, and 255-64 is 191). You can find subnetting tables online that will list all of this information for you, but we're more interested in teaching people how to understand what's happening. The netmask tells you immediately that the only part of the address we need to worry about is the last byte: the broadcast address and network address will both start with 192.168.0.

Figuring out the last byte is a lot like subnetting a /24 network, but you don't even need to think about that, if it doesn't help you.   Each /26 network has 64 hosts.   The networks run from .0 to .64, .65 to .128, .129 to .192, and from .193 to .256.   Our address, 192.168.0.200/26, falls into the .192 to .256 netblock. So the network address is 192.168.0.192/26.   And the broadcast address is even simpler: 192 is 11000000 in binary. Take the last six bits (the bits turned "off" by the netmask), turn them "on", and what do you get?   192.168.0.255. To see if you got this right, now compute the network address and broadcast address for 192.168.0.44/26. (Network address: 192.168.0.0/26; broadcast 192.168.0.63).

It can be hard to visualize these things at first, and it helps to start with making a table. If you calculated that you wanted subnets with six hosts in each of them, (eight, including the network and broadcast address that can't be used) then you can start making the table.   The following is 2.2.2.0/29, 2.2.2.8/29, 2.2.2.16/29 and the final subnet of 2.2.2.249/29.

Subnet Number

Network Address

First IP

Last IP

Broadcast Address

1

2.2.2.0

2.2.2.1

2.2.2.6

2.2.2.7

2

2.2.2.8

2.2.2.9

2.2.2.14

2.2.2.15

3

2.2.2.16

2.2.2.17

2.2.2.22

2.2.2.23

32

2.2.2.249

2.2.2.250

2.2.2.254

2.2.2.255

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter