Subnetting is a method of dividing a single large network into multiple smaller subnets, each with its own network address range. Think of subnetting as partitioning a big apartment building into smaller apartments. Just like how each apartment has its own address, each subnet has its own unique address range, known as the subnet address. Devices within a subnet can communicate with each other directly, just like how people in the same apartment can interact with each other. Here are some key details about subnets, which we will go into more detail about later:
- IP addresses: Subnets are created by dividing a single large IP address range into multiple smaller address ranges. This allows for better organization and management of the network, and also helps conserve IP addresses.
- Network masks: A subnet mask is a 32-bit number (e.g. 255.255.255.0) that is used to differentiate between the network portion and the host portion of an IP address. The subnet mask is combined with an IP address (bit by bit, using a logical AND) to determine which portion of the address belongs to the network and which portion belongs to the host.
- Subnet addresses: Each subnet has its own unique subnet address, which is assigned to the network portion of the IP address. The subnet address is used to identify the subnet and distinguish it from other subnets within the same network.
- Host addresses: The host addresses are the addresses assigned to individual devices within a subnet. These addresses are used to identify and communicate with the devices on the subnet.
- CIDR notation: Subnets are commonly represented using Classless Inter-Domain Routing (CIDR) notation, which is a way of representing IP addresses and subnet masks in a compact form. CIDR notation consists of an IP address followed by a slash (/) and the number of bits used for the network portion of the address. For example, 192.168.1.0/24 is a CIDR notation that represents a subnet with a network address of 192.168.1.0 and a subnet mask of 255.255.255.0.
In networking, subnets are used to help improve network security and organization, and also to conserve IP addresses. By dividing a network into subnets, administrators can better control and monitor network traffic (for example by filtering traffic where it crosses a subnet boundary), and also make more efficient use of IP addresses.
CIDR Notation
Using CIDR notation, e.g. 192.168.1.0/24, where the /24 at the end is the prefix length, we can work out how many usable IP addresses we can have on our subnet. Here we need to remember that IP addresses are actually made up of four sections (octets) of 8-bit binary numbers, e.g.:
| 192 | 168 | 1 | 0 |
| --- | --- | --- | --- |
| 11000000 | 10101000 | 00000001 | 00000000 |
The /24 part of the CIDR notation is the number of bits, counted from the left, that belong to the network part of the address, e.g.:
| Network | Network | Network | Host |
| --- | --- | --- | --- |
| 192 | 168 | 1 | 0 |
| 11000000 | 10101000 | 00000001 | 00000000 |
The first three octets belong to the network and consist of 24 bits of binary: 11000000.10101000.00000001.
The remaining octet (the host bits) can be used to work out the number of hosts (computers/devices) that we can attach to our subnet.
In this example we have 8 bits of binary, which can in theory create 256 IP addresses (0-255, which makes 256). However, we must also take into account that 2 addresses in this range are reserved, one for the network address and one for the broadcast address, so we need to subtract 2 from this number: 256 – 2 = 254 usable host addresses.
The subnet mask for this example would be 255.255.255.0. The three 255s represent the network part of the address while the 0 represents the host section of the address.
If we relate CIDR notation to classes we get:
- Class A – 10.0.0.0/8
- Class B – 130.0.0.0/16
- Class C – 192.0.0.0/24
Another CIDR notation example
CIDR notation allows us to split networks up into subnets by borrowing binary bits from the host bits. E.g. a class C-sized (/24) network given a /28 prefix lets us borrow 4 extra bits from the host bits and use them for the network portion of the address instead:
192.168.1.40/28
| 192 | 168 | 1 | 40 |
| --- | --- | --- | --- |
| 11000000 | 10101000 | 00000001 | 0010 1000 |
In the last octet, the first four bits (0010) are the borrowed subnet bits and the remaining four (1000) are the host bits.
As we have 4 bits left for our host addresses we can have 16 addresses on each subnet, but we need to remember to subtract the broadcast and network address from this number, so 16 – 2 = 14 addressable hosts.
As we have borrowed 4 bits for the subnet portion, we can also make 2^4 = 16 different sub-networks out of the original /24.
The subnet mask for this would be 255.255.255.240 – but how did we get this?
As we have borrowed 4 bits from the host portion, we need to add their decimal values together. The bits that we borrow always come from the left (the highest-value positions) of the octet:
| 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
| --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 |
Borrowing one bit at a time gives the following running totals for the last octet of the mask:
| Bits borrowed | 1 | 2 | 3 | 4 |
| --- | --- | --- | --- | --- |
| Last octet of mask | 128 | 128+64=192 | 128+64+32=224 | 128+64+32+16=240 |
Since we know the decimal values of the 8 bit positions, we simply write them out and add the values of each borrowed bit together, so the 4 borrowed (leftmost) bits give 128 + 64 + 32 + 16 = 240.
Our new subnet mask is 255.255.255.240
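A small subnet calculator, added here as an example and not part of the original page, that carries out the bit arithmetic described above for the 192.168.1.0/24 and 192.168.1.40/28 examples: it builds the mask from the prefix length, ANDs it with the address to get the network address, ORs the inverted mask to get the broadcast address, counts usable hosts (also handling the /31 and /32 cases, where the subtract-2 rule does not apply), and cross-checks the result against Python's standard ipaddress module.

```python
import ipaddress  # standard library, used only to cross-check the hand-rolled arithmetic

def ip_to_int(ip: str) -> int:
    # "192.168.1.40" -> 32-bit integer; each of the four octets must be an 8-bit value
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(ip: str) -> str:
    # dotted binary as in the tables above, e.g. 11000000.10101000.00000001.00101000
    return ".".join(f"{int(o):08b}" for o in ip.split("."))

def prefix_to_mask(prefix: int) -> int:
    # /28 -> 28 one-bits followed by 4 zero-bits -> 255.255.255.240 (128+64+32+16)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def subnet_info(cidr: str) -> dict:
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = prefix_to_mask(prefix)
    network = ip_to_int(ip) & mask              # AND with the mask clears the host bits
    broadcast = network | (~mask & 0xFFFFFFFF)  # OR with the inverted mask sets them
    host_bits = 32 - prefix
    total = 1 << host_bits
    # the network and broadcast addresses are reserved, except in /31 (RFC 3021) and /32
    reserved = 1 if host_bits >= 2 else 0
    return {"network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
            "mask": int_to_ip(mask), "mask_binary": to_binary(int_to_ip(mask)),
            "first_host": int_to_ip(network + reserved),
            "last_host": int_to_ip(broadcast - reserved),
            "usable_hosts": total - 2 * reserved}

def subnets_within(parent_prefix: int, child_prefix: int) -> int:
    # borrowing (child - parent) host bits yields 2**borrowed subnets: /24 -> /28 gives 16
    if not 0 <= parent_prefix <= child_prefix <= 32:
        raise ValueError("need 0 <= parent prefix <= child prefix <= 32")
    return 1 << (child_prefix - parent_prefix)

def cross_check(cidr: str) -> bool:
    # the hand-rolled result must agree with the standard library on network, broadcast, mask
    ours, ref = subnet_info(cidr), ipaddress.ip_network(cidr, strict=False)
    return (ours["network"], ours["broadcast"], ours["mask"]) == (
        str(ref.network_address), str(ref.broadcast_address), str(ref.netmask))
```

Calling subnet_info("192.168.1.40/28") places the address in subnet 192.168.1.32 with broadcast 192.168.1.47, mask 255.255.255.240 and 14 usable hosts (.33 to .46), and subnets_within(24, 28) returns the 16 subnets described above.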
An example
Let’s say a business has a single large network with a network address of 192.168.0.0/16. To divide the network into smaller subnets for different departments, the network administrator could use subnetting to create subnets with smaller network address ranges, as follows:
- Sales department: 192.168.1.0/24 – The subnet mask would be 255.255.255.0, which means that the first 24 bits of the IP address would be used for the network portion of the address. This would give the sales department 254 possible host addresses (256 - 2), with an address range of 192.168.1.0 to 192.168.1.255, of which 192.168.1.1 to 192.168.1.254 can be assigned to hosts.
- HR department: 192.168.2.0/24 – Similar to the sales department, the HR department would have a subnet mask of 255.255.255.0, giving it 254 possible host addresses (256 - 2), with an address range of 192.168.2.0 to 192.168.2.255, of which 192.168.2.1 to 192.168.2.254 can be assigned to hosts.
- IT department: 192.168.3.0/24 – The IT department would also have a subnet mask of 255.255.255.0, giving it 254 possible host addresses (256 - 2), with an address range of 192.168.3.0 to 192.168.3.255, of which 192.168.3.1 to 192.168.3.254 can be assigned to hosts.
Each subnet would have its own unique network address, which would be used to identify the subnet and distinguish it from other subnets within the same network. Devices within each subnet would communicate directly with each other without having to pass through routers or other networking devices, while traffic between subnets would have to pass through a router, which is also where access between departments can be controlled.
