Understanding TCP/IP Subnets

A TCP/IP subnet is a segment of a network where all of the computers on that segment can communicate with each other without having to go through a router.  The computers on the subnet will have IP addresses that are within a given range of addresses, and those addresses will all have the same network ID as defined by the subnet mask.  Lost me?  Let's take a closer look...

Let's say that your ISP has leased you a range of IP addresses, say -, and told you that your subnet mask is  What does that mean?  Well, a closer look at the subnet mask should clarify things.

An IP address or a subnet mask is typically written in dotted-decimal notation (  Each section is called an octet, with a possible range of 0-255.  They're called octets because they can be converted to a binary number 8 bits long.  So when we convert our subnet mask to dotted-binary notation, we get:


Where the ones end and the zeros begin is the imaginary line between the network ID (the ones) and the host ID (the zeros).  This means that, in our case, the first 24 bits are reserved for the network ID, and the last 8 bits are reserved for host ID's.  So our network ID (shown with a host ID of all zeros) is, or shown in binary:


and the upper end of our subnet (host ID of all ones) in binary is:

10101000.00000010.00011000.11111111 (

Often, the subnet is presented as networkID/numberOfBitsInTheNetworkID, or

Before we proceed to subnet our range even further, let's throw in a couple of additional details that we can refer to later.  The first address in our range is (host ID 00000000).  You can't assign this address to a computer (the host ID can't be all zeros nor all ones).  These special addresses are reserved for broadcasts.  So you can only assign through to computers (and printers and routers and such), yielding 254 addresses.  Often, a router is given the .1 address ( so that computers on our subnet can talk to other subnets (or the Internet).

254 computers broadcasting to each other can get pretty chatty, leading to lots of traffic, degrading performance.  So, often times, network administrators will further break up a subnet this size into smaller subnets.

To break the subnet into two subnets, we simply take an extra bit for the network ID leaving one less bit for host IDs. So now our binary subnet mask represents 25 bits for the network ID and will look like this:

11111111.11111111.11111111.10000000 (

This breaks our address range is broken up into two subnets.  With only seven host bits, instead of 256 addresses, each can only contain 128, 00000000 (0) - 01111111 (127) for the first subnet, and 10000000 (128) - 11111111 (255) for the second subnet.  Another way to say this is that the range of the first network is from and the range of the second network is from - 

Keep in mind that as before, you can't assign a host ID with all zeros nor all ones, so in the first subnet, and can not be assigned to a host (the router for this subnet will likely be assigned again), and in the second subnet, and can not be assigned (the router will likely be assigned  Got that?

Let's do that one more time, and this time we'll break our range into four subnets.  To do that, we take yet another bit for the network ID (26 bits this time), that's:

11111111.11111111.11111111.11000000 ( which breaks the range into 4 subnets of 64 addresses each: (, .0 and .63 may not be used, router goes on .1 (, .64 and .127 may not be used, router goes on .65 (, .128 and .191 may not be used, router goes on .129 (, .192 and .255 may not be used, router goes on .193

You can go the other way, and make two subnets into one bigger subnet, but I'll save that for another post.  Happy subnetting!


Post a Comment

Related Posts Plugin for WordPress, Blogger...