Subnetting has a reputation for being hard, but it rests on one idea: an IP address is split into a network part and a host part, and the subnet mask is what decides where that split falls. Get that, and the rest — CIDR notation, host counts, dividing a network — is just counting in binary. This guide builds it up step by step.
The Subnet Visualizer shows every value as you change a mask, which makes the patterns below click much faster.
Network part, host part
Recall from IP Addressing that an IPv4 address is 32 bits. Those bits divide into two sections:
- The network portion — identifies which network the address belongs to. Every device on the same subnet shares this part.
- The host portion — identifies which device on that network. This part is unique within the subnet.
Devices on the same subnet can talk directly; to reach a different subnet, traffic goes through a router. So the split is not cosmetic — it determines who can reach whom without routing.
The subnet mask: where the split falls
The subnet mask is a 32-bit value where the network bits are 1 and the host bits are 0. The classic 255.255.255.0 is just:
The 24 ones say “the first 24 bits are network”; the 8 zeros say “the last 8 bits are host.” Line the mask up against an address and the ones tell you which bits are fixed for the whole subnet:
| Octet 1 | Octet 2 | Octet 3 | Octet 4 | |
|---|---|---|---|---|
| Address | 192 | 168 | 1 | 10 |
| Mask | 255 | 255 | 255 | 0 |
| Meaning | Network: 192.168.1 | Host: 10 | ||
So 192.168.1.10 and 192.168.1.200 share the network 192.168.1 and are on the same subnet; 192.168.2.10 is on a different one.
CIDR notation: /24 and friends
Writing out full masks is tedious, so CIDR (Classless Inter-Domain Routing) notation just states the number of network bits after a slash. 192.168.1.0/24 means “24 network bits” — identical to mask 255.255.255.0. The common ones:
| CIDR | Mask | Host bits | Total addresses | Usable hosts |
|---|---|---|---|---|
| /8 | 255.0.0.0 | 24 | 16,777,216 | 16,777,214 |
| /16 | 255.255.0.0 | 16 | 65,536 | 65,534 |
| /24 | 255.255.255.0 | 8 | 256 | 254 |
| /26 | 255.255.255.192 | 6 | 64 | 62 |
| /30 | 255.255.255.252 | 2 | 4 | 2 |
Counting hosts
The host count follows one formula. If there are h host bits, the subnet has 2h addresses, of which two are reserved:
- The network address (all host bits 0) — names the subnet itself.
- The broadcast address (all host bits 1) — reaches every host at once.
So a /24 has 28 = 256 addresses, minus 2, = 254 usable. A /30 — common for point-to-point links between two routers — has just 22 − 2 = 2 usable, exactly enough for both ends.
Dividing a network into subnets
Subnetting means borrowing host bits to make more networks. Say you have 192.168.1.0/24 (one network, 254 hosts) and need four separate subnets. Borrow 2 bits (because 22 = 4) from the host portion, turning /24 into /26:
| Subnet | Range | Usable hosts |
|---|---|---|
| 192.168.1.0/26 | .0 – .63 | .1 – .62 |
| 192.168.1.64/26 | .64 – .127 | .65 – .126 |
| 192.168.1.128/26 | .128 – .191 | .129 – .190 |
| 192.168.1.192/26 | .192 – .255 | .193 – .254 |
Each /26 block is 64 addresses (62 usable), and the blocks step in increments of 64 — the “magic number” for a /26. The increment is always 256 minus the mask’s last non-zero octet (here 256 − 192 = 64), which is the quick trick for listing subnets by hand.
Why subnet at all
- Performance — smaller subnets mean smaller broadcast domains, so less chatter reaches each device.
- Security & isolation — put departments, guests or IoT devices on separate subnets and control traffic between them.
- Organisation — a logical map of the network that matches how the organisation is actually structured.
- Efficiency — hand out address space in right-sized blocks instead of wasting a whole /24 on a link that needs two addresses.
Subnetting is the same maths whether you do it on paper or let a tool do it — the Subnet Visualizer lays out ranges, masks and host counts as you adjust the prefix, which is the fastest way to build intuition. For the bigger picture of how addressing fits the rest of networking, see IP Addressing Explained.
Frequently asked questions
What is a subnet mask?
A subnet mask marks which part of an IP address is the network and which part is the host. In 255.255.255.0, the three 255 octets are the network and the 0 is the host range, so addresses sharing the same first three octets are on the same subnet.
What does /24 mean in an IP address?
It is CIDR notation for the subnet mask: /24 means the first 24 bits are the network portion, which equals 255.255.255.0. It leaves 8 bits for hosts, giving 256 addresses (254 usable). /16 means 16 network bits (255.255.0.0) and so on.
How many hosts are in a /24?
A /24 has 8 host bits, so 2^8 = 256 addresses. Two are reserved — the network address (.0) and the broadcast address (.255) — leaving 254 usable host addresses.
Why subnet a network at all?
Subnetting splits one large network into smaller ones to improve performance (smaller broadcast domains), security (isolating departments), and organisation (logical groups), and to use address space efficiently instead of wasting it.