Computer Networking - Subnetting Explained

By: Daniel Imbellino
Updated: Feb 24, 2013

This section assumes you have studied our tutorials on IP addressing and the Binary numeric system, or have previous knowledge of these technologies before continuing with this section.

What is a subnet mask? As stated back in our IP addressing tutorial, an IP address consists of 2 sections: a network portion, and a host portion. One part of the address indentifies the network to which a computer or router is assigned, and the other part identifies the host (actual computer or device itself). Both of the portions combined make up a full IP address. Subnet masks help us to identify which portion of a network denotes the network, and which portion denotes the host. Just as an IP address consists of a 32bit string of characters, so does a subnet mask.

The three main classes of IP addresses have subnet masks of:
Class A IP addresses: 255.0.0.0 which = 11111111.00000000.00000000.00000000 (the 255 represents how many bits belong to the network portion of the address, while the zeros represent how many bits are available for the host address.
Class B IP addresses: 255.255.0.0 which = 11111111.11111111.0.0 Remember, 255 in binary is eight ones! You have 8 bits per octet, and 4 x 8 = 32, so 32 bits total.
Class C IP Addresses: 255.255.255.0 which = 11111111.11111111.11111111.0

Why do I need to subnet?
Many organizations today have different departments, or separate divisions that need to be addressed in different ways. With subnet masking, a large organization can divide their departments into separate entities. This provides not only a way to help organize departments, but also provides a form of security to internal networks. For a computer on one subnetwork to communicate with a computer on another subnetwork, both computers must go through a router. This ads a measure of security since routers can be configured to allow only certain traffic, such as certain IP addresses to access a particular network. These security measures are known as “Access Control Lists” on routers. If you have an accounting department on one subnetwork, and don’t want say, the sales department to have access to the accounting department, then you can configure the router not to allow traffic from that subnet.

How Do I Subnet a network?
Here’s a thorough, but brief explanation of the steps needed to subnet a network. This is followed by full examples to help you make sense of it all.

Step 1: First you need to figure out how many subnets you need. You do this by figuring out how many network cable segments you have on your network. Each cable segment indicates a subnet.

Step 2: Once you know how many subnets you need, just borrow bits from the host portion of the subnet mask. You will add these bits to the network portion. If you have 12 network segments, then you will need 12 subnets, so, 2 to the 4th power = 16, which is the closest power of 2 that can give you the minimum number of subnets needed. Borrow bits from the top of the host portion down (we will explain this in our example subnet).

Step 3: Determine how many host addresses are available per subnet. Use the bits you have left over from the host portion to determine this number. Remember, you have 8 bits in one octet, and we borrowed 4 bits to add to the network portion of the subnet mask. This gives you 4 bits left available for the host addresses. The formula to determine the available host addresses is 2 to the nth power – 2. So with 4 bits this would be 2 to the 4th power – 2, which = 16 – 2 = 14 host addresses. The reason you subtract 2 addresses is because you cannot use the network address to assign to hosts, this is because the network address is the address of the router that connects to that subnet. The other address that cannot be used is the Broadcast address which is all 1’s, therefore we subtracted those 2 addresses, and the ones left over (14) are the ones available for assigning to hosts (computers) on our subnetworks.

Continue to Part 2 of Subnetting Explained!