cloudnick // subnetting

What is an IP address?

Before subnetting makes sense, you need to understand what an IP address actually is at the binary level.

The basics

An IPv4 address is 32 bits long — 32 ones and zeros. To make it human-readable, those 32 bits are split into four groups of 8 bits each, called octets, separated by dots.

So 192.168.1.1 is just a convenient way of writing 32 bits of binary.

Binary → Decimal

Each bit position in an octet has a value — left to right: 128, 64, 32, 16, 8, 4, 2, 1. Add up the values where the bit is 1.

Position

128

64

32

16

8

4

2

1

192

1

0

= 128 + 64 = 192

168

1

0

1

0

1

0

= 128 + 32 + 8 = 168

10

0

1

0

1

0

= 8 + 2 = 10

Full address: 192.168.10.1 = 11000000.10101000.00001010.00000001

Two parts of every IP address

Every IP address has two parts — a network portion (which network) and a host portion (which device on that network). The subnet mask tells you where the boundary is.

Think of it like a street address: the network is the street name, the host is the house number. Two houses on the same street share the same network address.

Private IP ranges (memorize these)

Range	CIDR	Common use
10.0.0.0 – 10.255.255.255	/8	Large enterprise networks
172.16.0.0 – 172.31.255.255	/12	Medium networks
192.168.0.0 – 192.168.255.255	/16	Home / small office
169.254.0.0 – 169.254.255.255	/16	APIPA (DHCP failure)
127.0.0.0 – 127.255.255.255	/8	Loopback (localhost)

Exam tip: If a host has a 169.254.x.x address, DHCP failed. That's always the answer on troubleshooting questions.

Subnet Masks & CIDR

The subnet mask is what tells a device which part of an IP is the network and which part is the host.

How a subnet mask works

A subnet mask is also 32 bits. It's always a block of 1s followed by 0s — never mixed. The 1s mark the network portion, the 0s mark the host portion.

Perform a bitwise AND between the IP and the mask — the result is the network address.

IP 11000000.10101000.00001010.00110010

Mask /24 11111111.11111111.11111111.00000000

AND result 11000000.10101000.00001010.00000000

192.168.10.50 AND 255.255.255.0 = 192.168.10.0 (network address)

CIDR notation

CIDR shorthand replaces the full mask with the count of network bits. 255.255.255.0 has 24 ones, so it becomes /24.

192.168.10.0 /24 → 24 network bits, 8 host bits, 254 usable hosts

CIDR	Subnet mask	Host bits	Usable hosts	Block size
/24	255.255.255.0	8	254	256
/25	255.255.255.128	7	126	128
/26	255.255.255.192	6	62	64
/27	255.255.255.224	5	30	32
/28	255.255.255.240	4	14	16
/29	255.255.255.248	3	6	8
/30	255.255.255.252	2	2	4

The host formula

Usable hosts = 2^h − 2 (h = number of host bits)

Subtract 2 for the network address (all host bits = 0) and the broadcast address (all host bits = 1). These can't be assigned to devices.

/24 example: 8 host bits → 2⁸ = 256 total → 256 − 2 = 254 usable hosts

/30 is the WAN link standard. 2 host bits → 2² − 2 = 2 usable. Perfect for point-to-point links. Expect this on Network+ and CCNA exams.

Subnet Calculator

Enter any IP and CIDR prefix to get a full breakdown. Read the manual method first — on the exam you won't have a calculator.

Manual method (exam-speed)

Given 192.168.10.50/26:

1. Host bits = 32 − 26 = 6

2. Block size = 2⁶ = 64

3. Multiples of 64: 0, 64, 128... → 50 falls in the 0 block

4. Network = 192.168.10.0 · Broadcast = 192.168.10.63 (0 + 64 − 1)

5. Usable: .1 to .62 = 62 hosts

The key insight: Network addresses are always multiples of the block size. Block size = 2^{host bits}. Memorize: 2, 4, 8, 16, 32, 64, 128, 256.

⚡ Subnet Calculator

IP Address

CIDR Prefix

Network Address—

Broadcast Address—

First Usable Host—

Last Usable Host—

Usable Hosts—

Subnet Mask—

Wildcard Mask—

CIDR—

Binary breakdown

IP addr

Subnet

Subnetting Practice

Work out each answer before checking. This is exactly what Network+ and CCNA test — no calculator allowed.

The 4-step shortcut

1. Host bits = 32 − CIDR e.g. /26 → 6 host bits

2. Block size = 2^{host bits} 2⁶ = 64

3. Find the largest multiple of block size ≤ the last octet 50 → 0

4. Network = that multiple · Broadcast = next multiple − 1 .0 and .63

Powers of 2 to memorize: 2, 4, 8, 16, 32, 64, 128, 256. These are your only block sizes.

Given — find:

Network Address

Broadcast Address

First Usable Host

Usable Hosts

VLSM — Variable Length Subnet Masking

VLSM lets you split a single network into subnets of different sizes. This is how real networks are designed.

Why VLSM exists

Without VLSM, every subnet in a network had to be the same size — hugely wasteful. If three subnets needed 100, 50, and 2 hosts respectively, you'd have to give them all 128 addresses each, wasting hundreds.

VLSM lets each subnet be exactly the right size. A WAN link gets a /30. A large LAN gets a /25. Same address space, zero waste.

Golden rule: Always allocate largest subnets first. This ensures clean packing without overlap.

Worked example — 10.0.0.0/24

Requirements: 100 hosts, 50 hosts, 20 hosts, 1 WAN link (2 hosts).

Requirement	Hosts needed	Best fit	Subnet	Usable range
LAN A (largest first)	100	/25 → 126 hosts	10.0.0.0/25	.1 – .126
LAN B	50	/26 → 62 hosts	10.0.0.128/26	.129 – .190
LAN C	20	/27 → 30 hosts	10.0.0.192/27	.193 – .222
WAN link	2	/30 → 2 hosts	10.0.0.224/30	.225 – .226

Each subnet starts exactly where the previous one ends. Next subnet = previous broadcast + 1.

⚡ VLSM Planner

Base Network

CIDR Prefix

Subnet requirements — hosts needed per subnet

Subnet allocation (sorted by allocation order)

#	Hosts Req.	CIDR	Network	Broadcast	First Host	Last Host	Usable

Cheat Sheet

Everything to memorize for the exam — in one place. Bookmark this.

Full CIDR reference

CIDR	Subnet Mask	Wildcard	Usable Hosts	Block Size
/8	255.0.0.0	0.255.255.255	16,777,214	16,777,216
/16	255.255.0.0	0.0.255.255	65,534	65,536
/20	255.255.240.0	0.0.15.255	4,094	4,096
/22	255.255.252.0	0.0.3.255	1,022	1,024
/23	255.255.254.0	0.0.1.255	510	512
/24	255.255.255.0	0.0.0.255	254	256
/25	255.255.255.128	0.0.0.127	126	128
/26	255.255.255.192	0.0.0.63	62	64
/27	255.255.255.224	0.0.0.31	30	32
/28	255.255.255.240	0.0.0.15	14	16
/29	255.255.255.248	0.0.0.7	6	8
/30	255.255.255.252	0.0.0.3	2	4
/31	255.255.255.254	0.0.0.1	2 (P2P)	2
/32	255.255.255.255	0.0.0.0	Host route	1

Powers of 2

2¹	2
2²	4
2³	8
2⁴	16
2⁵	32
2⁶	64
2⁷	128
2⁸	256

Key formulas

Host bits	32 − CIDR
Block size	2^{host bits}
Usable hosts	2^h − 2
Broadcast	Network + block − 1
First host	Network + 1
Last host	Broadcast − 1
Wildcard	255.255.255.255 − mask

Private & special ranges

10.0.0.0/8	Class A private
172.16.0.0/12	Class B private
192.168.0.0/16	Class C private
127.0.0.0/8	Loopback
169.254.0.0/16	APIPA
224.0.0.0/4	Multicast

VLSM checklist

1	Sort requirements largest → smallest
2	Find smallest CIDR that fits each
3	Assign starting at base network
4	Next subnet = previous broadcast + 1
5	Verify no overlap, all fit in base

Exam tips

/30 for WAN links — point-to-point serial links always use /30. Two usable hosts, one for each router interface. This is almost always an answer on Network+ troubleshooting questions.

APIPA = 169.254.x.x — a host assigns itself this when DHCP fails. On any troubleshooting question where a device can't get on the network, check for this first.

Wildcard mask = inverse of subnet mask — used in ACLs and OSPF. /24 mask 255.255.255.0 → wildcard 0.0.0.255. Used to say "match anything in this range."

Subnetting always tests /24 to /30 — you rarely see anything outside this range on Network+. Know your block sizes from 256 down to 4 cold.

Subnettingfrom scratch.